Receiving an access key

US 20090178115A1
Filed: 06/20/2008
Published: 07/09/2009
Est. Priority Date: 11/18/2004
Status: Active Grant

First Claim

Patent Images

1. A machine-implemented method comprising:

receiving an access key;

performing an action that requires the access key as a part of performing the action for the action to be performed properly;

erasing the access key prior to receiving a next access key; and

receiving a next access key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In an embodiment, a secure module is provided that provides access keys to an unsecured system. In an embodiment, the secure module may generate passcodes and supply the passcodes to the unsecured system. In an embodiment, the access keys are sent to the unsecured system after receiving the passcode from the unsecured system. In an embodiment, after authenticating the passcode, the secure module does not store the passcode in its memory. In an embodiment, the unsecured module requires the access key to execute a set of instructions or another entity. In an embodiment, the unsecured system does not store access keys. In an embodiment, the unsecured system erases the access key once the unsecured system no longer requires the access key. In an embodiment, the unsecured system receives a new passcode to replace the stored passcode after using the stored passcode. Each of these embodiments may be used separately.

83 Citations

View as Search Results

24 Claims

1. A machine-implemented method comprising:
- receiving an access key;
  
  performing an action that requires the access key as a part of performing the action for the action to be performed properly;
  
  erasing the access key prior to receiving a next access key; and
  
  receiving a next access key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 11, 20, 21, 22, 23, 24)
- - 2. The method of claim 1, further comprising:
    - receiving a request to perform the action.
  - 3. The method of claim 2, further comprising:
    - in response to the receiving, sending a stored passcode to a module from which the request originated.
  - 4. The method of claim 3, further comprising:
    - generating a new passcode based on the access key.
  - 5. The method of claim 4, further comprising:
    - storing the new passcode.
  - 6. The method of claim 3, wherein the receiving of the access key is in response to the sending.
  - 7. The method of claim 1, wherein the performing of the action includes at least executing one or more encryption instructions based on the access key.
  - 8. The method of claim 1, wherein the access key received is encrypted, and the method further comprises decrypting the access key received.
  - 11. The method of claim 1, the receiving is from a secure device and occurs at an unsecured device.
  - 20. The method of claim 1, no personal data is stored by the method other than a passcode.
  - 21. The method of claim 1, the method does not store keys other than access keys, and the access key is only kept during a period of time in which the access key is in use.
  - 22. The method of claim 4, the generating occurring automatically in response to receiving the encryption key.
  - 23. The method of claim 4, the generating including at least applying a function to the access key, therein obtaining the new passcode.
  - 24. The method of claim 1, the receiving includes at least receiving the access key from a self-contained user device.

9. A machine-implemented method comprising:
- receiving from a module a request to perform a task, the receiving occurring anytime after setting up for the module is complete; and
  
  in response to the receiving, sending a stored passcode to the module from which the request originated.
- View Dependent Claims (13)
- - 13. The method of claim 9, the receiving occurs at an unsecure device and the module that sent the request is a secure device.

10. A machine-implemented method comprising:
- receiving a request to execute one or more encryption instructions;
  
  in response, sending a stored passcode to a module from which the request originated;
  
  receiving an access key;
  
  generating a new passcode based on the access key;
  
  executing the one or more encryption instructions based on the access key;
  
  erasing the access key;
  
  erasing the stored passcode; and
  
  storing the new passcode.
- View Dependent Claims (14, 15)
- - 14. The method of claim 10, the receiving of the access key being in reply to the sending of the stored passcode.
  - 15. The method of claim 10, the erasing of the access key being performed after using the access key for the executing.

12. A machine-implemented method comprising:
- receiving an access key;
  
  performing an action that requires the access key as a part of performing the action for the action to be performed properly; and
  
  erasing the access key prior to receiving a next access key;
  
  the next access key is not stored at a device that performed the task during a period between the erasing and performing another task requiring the next access key.

16. A machine-implemented method comprising:
- after a device is set up, receiving an access key at the device;
  
  performing an action that requires the access key; and
  
  erasing the access key.

17. A method comprising:
- after an unsecured device and a secured module are set up, receiving at the unsecured device from the secured module, a request to perform an action that requires authorization;
  
  in response to the receiving, the unsecured system sends a first passcode to the secure module;
  
  in reply to the sending of the first passcode, if the first passcode is correct, receiving at the unsecured system a first encryption key from the secure module;
  
  in response to receiving at the unsecured system the first encryption key,encrypting or decrypting data with the first encryption key, andgenerating a second passcode, that is different from the first passcode, by at least applying a function to the first encryption key;
  
  at the unsecured system, erasing the first passcode and replacing the first passcode with the second passcode; and
  
  after the encrypting or decrypting of the data is complete and before a second encryption key is received at the unsecured device, erasing the first encryption key at the unsecured system;
  
  the first encryption key and second encryption key are different values that are based on one or more values that results from applying a function to biometric information, the function being one for which computing an inverse is computationally intractable.
- View Dependent Claims (18)
- - 18. The method of claim 17, the encryption key received is encrypted, and the method further comprising decrypting the encryption key received.

19. A machine-implemented method comprising:
- receiving an access key;
  
  performing an action that requires the access key as a part of performing the action for the action to be performed properly; and
  
  erasing the access key prior to receiving a next access key;
  
  the access key is based on a value that results from applying a function to user information that is expected to be unique to the user, the function being one for which computing an inverse is computationally intractable.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Biogy, Inc.
Original Assignee
Biogy, Inc.
Inventors
Fiske, Michael Stephen

Granted Patent

US 8,209,751 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/2
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

G06F 21/46   by designing passwords or c...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/0891   Revocation or update of sec...

H04L 9/3226   using a predetermined code,...

Receiving an access key

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

83 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Receiving an access key

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

83 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links