Certified deployment of applications on terminals
Abstract
Embodiments of the present invention relate to secure deployment of software applications on transaction terminals using keys and certificates. In one embodiment, a method for electronically certifying an application for installation at a transaction terminal is accomplished at a terminal key management server by receiving an application along with a request to certify the application, comparing the application to one or more terminal constraints, issuing a certificate that corresponds to the application, digitally signing the certificate, and making the digitally signed certificate and the encrypted application available to the transaction terminal. In another embodiment, a method for validating a certified application for installation on the transaction terminal is accomplished by receiving a notification, downloading an encrypted version of the application, downloading a digitally signed certificate, decrypting the application, verifying the digital signature of the certificate, and installing the application on the transaction terminal.
Claims (20)
1. At a terminal key management server, a method for electronically certifying an application for installation at a transaction terminal, the method comprising:
an act of receiving an application along with a request to certify the application;
an act of comparing the application to one or more terminal constraints to determine whether the application complies with the one or more terminal constraints, where the one or more terminal constraints require at a minimum that the application will function properly in the operating environment on the transaction terminal;
if the application complies with the one or more terminal constraints, an act of issuing a certificate that corresponds to the application and certifies that the application complies with the one or more terminal constraints;
an act of digitally signing the certificate using an application management private key, the application management private key being part of a public/private key pair, the corresponding application management public key being accessible to the transaction terminal;
an act of encrypting the application using a terminal master public key, the terminal master public key being part of a public/private key pair, the corresponding terminal master private key being accessible to the transaction terminal; and
an act of making the digitally signed certificate and the encrypted application available to the transaction terminal.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 17, 18.

10. At a transaction terminal, a method for validating a certified application for installation on the transaction terminal, the method comprising:
an act of receiving a notification that a certified application is ready to be installed;
in response to receiving the notification, an act of downloading an encrypted version of the application at the transaction terminal, the encrypted version of the application being encrypted with a terminal master public key, the terminal master public key being part of a public/private key pair, the corresponding terminal master private key being accessible to the transaction terminal;
an act of downloading a digitally signed certificate that corresponds to the encrypted version of the application, the digitally signed certificate certifying that the application complies with one or more terminal constraints, the certificate being digitally signed using an application management private key, the application management private key being part of a public/private key pair, the corresponding application management public key being accessible to the transaction terminal;
an act of decrypting the encrypted version of the application using the terminal master private key to reveal an unencrypted version of the application;
an act of verifying the digital signature of the certificate using the application management public key to determine whether the corresponding application has been validly certified as complying with one or more terminal constraints of the transaction terminal; and
if the application has been validly certified, an act of installing the application on the transaction terminal.

11. The method as recited in claim 11, wherein the certificate specifies the one or more terminal constraints.

19. At a security access module delivery server, a method for securely providing an application key to a transaction terminal, the method comprising:
an act of sending a request to a hardware security module at the transaction terminal to load an application key onto the transaction terminal, the hardware security module being embedded in a processor at the transaction terminal and configured to securely store application keys, where the request is encrypted using a terminal master public key, the terminal master public key being part of a public/private key pair, the corresponding terminal master private key being accessible to the transaction terminal;
an act of receiving a response from the hardware security module granting permission to load the application key onto the terminal, where the response is digitally signed using the terminal master private key;
in response to receiving the response granting permission, an act of generating an application key to be used by the hardware security module when performing an encryption operation on data associated with the application corresponding to the application key;
an act of transmitting the application key to a secure key storage in the hardware security module of the transaction terminal, where the application key is encrypted using the terminal master public key.
Dependent claims: 20.
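The two sides of claims 1 and 10, written out as an added example (not code from the patent or its assignee): the key management server checks the application against its terminal constraints, signs a certificate with the application management private key and encrypts the application to the terminal master public key; the terminal decrypts with its master private key, verifies the certificate with the application management public key and only then hands the application to the installer. The certificate layout, the hybrid RSA-OAEP/AES-GCM encryption, the ed25519 signature and the `check` callback are this example's own assumptions; the claims fix none of them.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// Package is what the TKMS makes available to the terminal; its layout is this example's assumption.
type Package struct {
	Cert, CertSig []byte // certificate body (sha256(app) || constraints text) and its ed25519 signature
	WrappedKey    []byte // random AES-256 key encrypted to the terminal master public key (RSA-OAEP)
	Nonce, App    []byte // AES-GCM nonce and the encrypted application
}
func gcmFor(key []byte) cipher.AEAD { b, _ := aes.NewCipher(key); g, _ := cipher.NewGCM(b); return g }
// CertifyApp is the TKMS side (claim 1); check is an assumed callback standing in for the
// comparison against terminal constraints, and no certificate is issued when it fails.
func CertifyApp(app []byte, constraints string, check func([]byte, string) bool,
	mgmtPriv ed25519.PrivateKey, termPub *rsa.PublicKey) (*Package, error) {
	if !check(app, constraints) {
		return nil, errors.New("application violates terminal constraints; not certified")
	}
	h := sha256.Sum256(app)
	cert := append(append([]byte{}, h[:]...), constraints...)
	key, nonce := make([]byte, 32), make([]byte, 12)
	rand.Read(key)
	rand.Read(nonce)
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, termPub, key, nil)
	if err != nil { return nil, err }
	return &Package{Cert: cert, CertSig: ed25519.Sign(mgmtPriv, cert), WrappedKey: wrapped,
		Nonce: nonce, App: gcmFor(key).Seal(nil, nonce, app, cert)}, nil // cert bound as AAD
}
// ValidateApp is the terminal side (claim 10): decrypt with the terminal master private key,
// verify the certificate with the application management public key, and only then install.
func ValidateApp(p *Package, termPriv *rsa.PrivateKey, mgmtPub ed25519.PublicKey) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), nil, termPriv, p.WrappedKey, nil)
	if err != nil {
		return nil, errors.New("not encrypted for this terminal's master key")
	}
	if len(p.Cert) < 32 || !ed25519.Verify(mgmtPub, p.Cert, p.CertSig) {
		return nil, errors.New("certificate not signed by the application management key")
	}
	app, err := gcmFor(key).Open(nil, p.Nonce, p.App, p.Cert)
	if h := sha256.Sum256(app); err != nil || string(p.Cert[:32]) != string(h[:]) {
		return nil, errors.New("application altered in transit or not the certified one")
	}
	return app, nil // only a validly certified application reaches the installer
}
```

Binding the application hash into the signed certificate is what stops a correctly signed certificate for one application from being re-used to install a different one; the same terminal master key pair is what claim 19 uses to protect the application key exchange with the hardware security module.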
Specification