TRUSTED STORAGE AND DISPLAY

US 20090183249A1
Filed: 01/11/2008
Published: 07/16/2009
Est. Priority Date: 01/11/2008
Status: Active Grant

First Claim

Patent Images

1. A storage token removeably attachable to a computer comprising:

a port for removably coupling to the computer, the port supporting bi-directional data communication;

a memory with a hierarchical file system;

a display;

an input; and

a processor executing a token operating system that displays a hierarchical memory location and a confirmation message when access to the hierarchical memory location is requested by the computer.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A storage token has a display and a keyboard, or other input device, that allows a user to view a request to access a memory location and enter a response to the request. The display allows presentation of details of the request, such as a pathname to a requested memory location, metadata describing a cryptographic key for use in a transaction confirmation, and/or transaction details which are awaiting verification by a credential stored on the token. The storage token may also include a cryptographic engine and a secure memory allowing signing data returned in response to the request.

9 Citations

20 Claims

1. A storage token removeably attachable to a computer comprising:
- a port for removably coupling to the computer, the port supporting bi-directional data communication;
  
  a memory with a hierarchical file system;
  
  a display;
  
  an input; and
  
  a processor executing a token operating system that displays a hierarchical memory location and a confirmation message when access to the hierarchical memory location is requested by the computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The storage token of claim 1, wherein the hierarchical memory location contains a computer operating system element.
  - 3. The storage token of claim 2, wherein the computer operating system element is required for normal operation of the computer.
  - 4. The storage token of claim 1, wherein the hierarchical memory location contains a cryptographic key.
  - 5. The storage token of claim 1, wherein the port is a wireless port.
  - 6. The storage token of claim 1, wherein the display is a bitmapped display supporting graphical images.
  - 7. The storage token of claim 1, further comprising a cryptographic circuit for performing a cryptographic function.
  - 8. The storage token of claim 7, wherein the cryptographic function is one of a hash, an encryption, and a decryption.
  - 9. The storage token of claim 1, further comprising an energy device for operation of the display and input while removed from the computer.
  - 10. The storage token of claim 9, wherein the energy device is one of a battery, a capacitor, and a solar energy device.

11. A method of operating a storage token with a user interface integral to the storage token, the method comprising:
- coupling the storage token to a host;
  
  accepting a request for access to the storage token from the host;
  
  displaying the request for access to the storage token on the user interface, including a reference to a type of the request;
  
  receiving an instruction via the user interface corresponding to the request; and
  
  providing a signed response to the host.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The method of claim 11, further comprising:
    - decoupling the storage token from the host after displaying the request; and
      
      re-coupling the storage token to the host after receiving the instruction.
  - 13. The method of claim 11, wherein coupling the storage token to the host comprises coupling the storage token to the host via a wireless network.
  - 14. The method of claim 11, wherein accepting the request for access comprises accepting the request for access to a cryptographic key for digitally signing the request.
  - 15. The method of claim 11, wherein accepting the request for access comprises accepting the request for access to a hierarchical memory location.
  - 16. The method of claim 15, wherein providing the signed response to the host comprises:
    - retrieving a content of the hierarchical memory location;
      
      signing the content to form a signed content; and
      
      returning the signed content.
  - 17. The method of claim 11, wherein accepting the request for access comprises accepting the request for access to a software component for use by an operating system of the host.
  - 18. The method of claim 11, wherein displaying the request for access including the reference to the type comprises one of displaying a pathname to a file location and displaying a cryptographic key name.

19. A method of controlling access to data stored in a storage token having computer-readable storage, a display, a plurality of keys, and a cryptographic unit, the method comprising:
- coupling the storage token to a computer and creating a session;
  
  receiving a request via the session for access to the computer-readable storage;
  
  displaying the request, including a name corresponding to one of a memory location and a cryptographic key;
  
  receiving a personal identification number (PIN) via the plurality of keys;
  
  verifying that the PIN corresponds to an authorized entity;
  
  retrieving data corresponding to the request when the PIN is verified;
  
  signing the data to form a signed data; and
  
  responding to the request with the signed data.
- View Dependent Claims (20)
- - 20. The method of claim 19, further comprising:
    - storing a session authentication data;
      
      decoupling the storage token from the computer prior to displaying the request;
      
      re-coupling the storage token to the computer after receiving the PIN via the plurality of keys;
      
      re-establishing the session using the session authentication data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Hartrell, Gregory, Carpenter, Todd L., Myers, Mark, Abzarian, David, Steeves, David

Granted Patent

US 8,914,901 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/9
CPC Class Codes

G06F 21/79   in semiconductor storage me...

G06F 2221/2153   Using hardware token as a s...

Y04S 40/20   Information technology spec...

TRUSTED STORAGE AND DISPLAY

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

9 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

TRUSTED STORAGE AND DISPLAY

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

9 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links