Securing Access To An Application Service Based On A Proximity Token
Abstract
A system for providing secured access to an application service includes a security token that couples to the application service. The security token performs a first element of a cryptographic technique, such as, for example, encryption or decryption. A proximity token is provided that is associated with the security token. The proximity token performs a second element of the cryptographic technique to validate a communication between the application service and the security token. The proximity token is operable to validate the communication only when the proximity token is located within a predetermined validation distance from the security token or the application service. The security token may perform the first element of the cryptographic technique to verify that the proximity token has validated the communication between the application service and the security token. The system may be configured to provide secured access to the application service when the proximity token validates the communication and to prevent secured access to the application service when the proximity token does not validate the communication.
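The message flow recited in claim 1, as an added sketch that is not taken from the patent. It assumes the "first cryptographic technique" is HMAC-SHA256 tagging under a key shared by the two tokens and the "second" is verification of that tag; distance is a simulated parameter, and all class and function names are hypothetical.

```python
import hashlib
import hmac
import os
from typing import Optional

TAG_LEN = 32  # HMAC-SHA256 output size in bytes


class ProximityToken:
    def __init__(self, key: bytes, validation_distance_m: float):
        self._key, self._max_m = key, validation_distance_m

    def transform(self, command: bytes, distance_m: float) -> Optional[bytes]:
        # Assumed "first cryptographic technique": append an HMAC tag.
        # distance_m is simulated; a real token would rely on radio range.
        if distance_m > self._max_m:
            return None  # out of range: the token does not validate
        return command + hmac.new(self._key, command, hashlib.sha256).digest()


class SecurityToken:
    def __init__(self, key: bytes):
        self._key = key

    def execute(self, transformed: bytes) -> bytes:
        # Assumed "second cryptographic technique": verify and strip the tag.
        command, tag = transformed[:-TAG_LEN], transformed[-TAG_LEN:]
        expected = hmac.new(self._key, command, hashlib.sha256).digest()
        if len(transformed) <= TAG_LEN or not hmac.compare_digest(tag, expected):
            raise PermissionError("command was not validated by the proximity token")
        return b"executed:" + command  # stand-in for the secured operation


class ApplicationService:
    # Holds no key: it only relays messages between the two tokens.
    def __init__(self, proximity: ProximityToken, security: SecurityToken):
        self._proximity, self._security = proximity, security

    def handle(self, instruction: str, distance_m: float) -> Optional[bytes]:
        command = instruction.strip().upper().encode()  # command from instruction
        transformed = self._proximity.transform(command, distance_m)
        if transformed is None:
            return None  # secured access is prevented
        return self._security.execute(transformed)


def build_system(key: bytes, validation_distance_m: float = 2.0):
    security = SecurityToken(key)
    return ApplicationService(ProximityToken(key, validation_distance_m), security), security


if __name__ == "__main__":
    app, _ = build_system(os.urandom(32))
    print(app.handle("sign document", 1.0), app.handle("sign document", 50.0))
```

The sketch carries no nonce or counter, so it does not address replay of a previously transformed command.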
28 Claims
1. A computer-implemented method comprising:
receiving an instruction at an application service;
generating a command at the application service based upon the instruction;
automatically communicating the command from the application service to a proximity token, via a wireless connection;
transforming the command at the proximity token using a first cryptographic technique;
automatically communicating the transformed command from the proximity token to the application service;
automatically communicating the transformed command from the application service to a security token;
recovering the command from the transformed command at the security token using a second cryptographic technique;
executing the recovered command, recovered from the transformed command, at the security token to produce a result; and
automatically communicating the result from the security token to the application service.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 22)
12. A computer-implemented method comprising:
receiving an instruction at an application service;
generating a command at the application service based upon the instruction;
automatically communicating the command to a security token;
executing the command, communicated from the application service, at the security token to produce a result;
modifying the result at the security token using a first cryptographic technique;
automatically communicating the modified result from the security token to a proximity token, via a wireless connection;
transforming the modified result at the proximity token using a second cryptographic technique;
automatically communicating the transformed result from the proximity token to the security token;
recovering the modified result from the transformed result at the security token based upon a third cryptographic technique;
recovering the result from the recovered modified result at the security token based upon a fourth cryptographic technique; and
automatically communicating the recovered result from the security token to the application service.
(Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21)
23. A system comprising:
an application service, the application service:
receiving an instruction, generating a command based upon the instruction, automatically communicating the command, receiving a transformed command, and automatically communicating the transformed command;
a proximity token, the proximity token:
receiving the command from the application service, via a wireless connection, transforming the command using a first cryptographic technique, and automatically communicating the transformed command to the application service; and
a security token, the security token:
receiving the transformed command from the application service, recovering the command from the transformed command using a second cryptographic technique, executing the recovered command, recovered from the transformed command, to produce a result, and automatically communicating the result to the application service.
24. A system comprising:
an application service, the application service:
receiving an instruction, generating a command based upon the instruction, and automatically communicating the command;
a security token, the security token:
receiving the command from the application service, executing the command, received from the application service, to produce a result, modifying the result using a first cryptographic technique, automatically communicating the modified result, receiving a transformed result, recovering the modified result from the transformed result based upon a third cryptographic technique, recovering the result from the recovered modified result based upon a fourth cryptographic technique, and automatically communicating the recovered result to the application service; and
a proximity token, the proximity token:
receiving the modified result from the security token, via a wireless connection, transforming the modified result using a second cryptographic technique, and automatically communicating the transformed result to the security token.
25. A computer program product, tangibly embodied in a machine-readable medium, the computer program product comprising instructions that, when read by a machine, cause a data processing apparatus to:
receive an instruction at an application service;
generate a command at the application service based upon the instruction;
automatically communicate the command from the application service to a proximity token, via a wireless connection;
transform the command at the proximity token using a first cryptographic technique;
automatically communicate the transformed command from the proximity token to the application service;
automatically communicate the transformed command from the application service to a security token;
recover the command from the transformed command at the security token using a second cryptographic technique;
execute the recovered command, recovered from the transformed command, at the security token to produce a result; and
automatically communicate the result from the security token to the application service.
26. A computer program product, tangibly embodied in a machine-readable medium, the computer program product comprising instructions that, when read by a machine, cause a data processing apparatus to:
receive an instruction at an application service;
generate a command at the application service based upon the instruction;
automatically communicate the command to a security token;
execute the command, communicated from the application service, at the security token to produce a result;
modify the result at the security token using a first cryptographic technique;
automatically communicate the modified result from the security token to a proximity token, via a wireless connection;
transform the modified result at the proximity token using a second cryptographic technique;
automatically communicate the transformed result from the proximity token to the security token;
recover the modified result from the transformed result at the security token based upon a third cryptographic technique;
recover the result from the recovered modified result at the security token based upon a fourth cryptographic technique; and
automatically communicate the recovered result from the security token to the application service.
27. A computer-implemented method comprising receiving validated result data at an application service if a secure execution function that produces result data is performed at a security token on command data communicated from the application service, and if a data validation function is performed at a proximity token on the command data or the result data, the proximity token performing the data validation function if the proximity token is within a predetermined distance of the application service.
28. A device comprising means for receiving validated result data at an application service if a secure execution function that produces result data is performed at a security token on command data communicated from the application service, and if a data validation function is performed at a proximity token on the command data or the result data, the proximity token performing the data validation function if the proximity token is within a predetermined distance of the application service.
Specification