Methods and systems for nonce generation in a token
Abstract
Embodiments of the present invention provide a method, a client and a token for providing a nonce during a login associated with the token in a multi-user computer system. A login process is activated after token insertion by a request to execute a user privileged operation made by a client application process. If a password provided to the login process by an access requester associated with authorized use of the token is validated in the token, a nonce is generated in the token. The password is passed to the token in a command and the nonce is passed to the client application process in a response to the command. The nonce is used by the client application process or any other additional processes during execution of the user privileged operation. Additional nonces, including those based on security level, can be generated and passed to additional client application processes as execution of user privileged operations is requested.
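The command/response exchange in the abstract, modelled as an added Python example that is not code from the patent. The class and method names, the 16-byte nonce, the PBKDF2 password check and the HMAC stand-in for a privileged operation are all assumptions; in particular, the patent text here does not say how the nonce is "used", so the model assumes the client presents it with each privileged command and the token compares it to the copy held in volatile memory.

```python
import hashlib
import hmac
import secrets


class Token:
    """Toy model of the token; every name here is hypothetical."""

    def __init__(self, password: str):
        # Non-volatile state: survives removal of the token.
        self._salt = secrets.token_bytes(16)
        self._pw_hash = self._kdf(password)
        self._key = secrets.token_bytes(32)   # key guarded by the login
        # Volatile state: lost when the token is removed (powered down).
        self._volatile = {}

    def _kdf(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(),
                                   self._salt, 100_000)

    def login(self, password: str):
        """Command carrying the password; the response is a nonce or None."""
        if not hmac.compare_digest(self._kdf(password), self._pw_hash):
            return None                        # validation failed: no nonce
        nonce = secrets.token_bytes(16)        # fresh CSPRNG value per login
        self._volatile["nonce"] = nonce        # kept only in volatile memory
        return nonce

    def privileged_op(self, nonce: bytes, data: bytes) -> bytes:
        """Assumed use of the nonce: it must match the stored copy."""
        stored = self._volatile.get("nonce")
        if stored is None or not hmac.compare_digest(stored, nonce):
            raise PermissionError("no valid login nonce")
        # Stand-in privileged operation: MAC the data with the token key.
        return hmac.new(self._key, data, hashlib.sha256).digest()

    def remove(self):
        """Token pulled from the interface: volatile memory is cleared."""
        self._volatile.clear()


if __name__ == "__main__":
    token = Token("correct horse")             # constructed sample password
    print("wrong password ->", token.login("guess"))
    n = token.login("correct horse")
    print("nonce:", n.hex())
    print("tag:", token.privileged_op(n, b"sign me").hex())
    token.remove()                             # old nonce is now useless
```

Because the nonce lives only in volatile memory, a value captured in one session is rejected after the token is removed and reinserted, and the password itself crosses the interface once per login rather than once per operation.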
24 Claims
1. A method of providing a nonce during a login associated with a token in a multi-user computer system, the multi-user computer system including a client, the method comprising:
activating a login process after inserting the token into a token interface associated with the multi-user computer system, the login process activated by a request to execute a user privileged operation made by a client application process;
validating, in the token, a password provided to the login process by an access requester associated with authorized use of the token;
generating a nonce in the token after successfully validating the password; and
passing the nonce to the client application process, wherein the nonce is used by the client application process during execution of the user privileged operation.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11

12. A client in a token-access multi-user computer system for providing access to information on a secure basis to an authorized requester associated with a token, the token having a memory including a volatile memory area, the multi-user computer system including a token interface coupled to the client, the client comprising:
a client memory; and
a client processor coupled to the client memory, the client processor configured to:
activate a login process in response to a request to execute a user privileged operation;
collect a password provided by an access requester associated with authorized use of the token during operation of the login process and transmit the password to the token in a command; and
receive a nonce from the token in a response to the command after the password is successfully validated by the token, wherein the nonce is used by a client application process during execution of the user privileged operation.
Dependent claims: 13, 14, 15, 16, 17, 18, 19

20. A token for insertion into a multi-user computer system, the token interfacing with a client application process, the token comprising:
a memory having a volatile memory area; and
a processor coupled to the memory, the processor configured to:
activate an interface process in response to insertion of the token into the multi-user computer system, the interface process for validating a password received in a command from the client application process, the command generated in response to a request to execute a user privileged operation in the client application process;
generate a nonce upon validation of the password;
return the nonce to the client application process in a response to the command; and
store the nonce in the volatile memory area of the memory.
Dependent claims: 21, 22, 23, 24

Specification