METHOD AND SYSTEM FOR VALIDATING A DEVICE THAT USES A DYNAMIC IDENTIFIER

US 20090216679A1
Filed: 12/23/2008
Published: 08/27/2009
Est. Priority Date: 12/20/2007
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

obtaining a currently received signature from a device;

obtaining a candidate identifier associated with the device;

consulting a database to obtain a set of previously received signatures associated with the candidate identifier; and

validating the currently received signature based on a comparison of the currently received signature to the set of previously received signatures associated with the candidate identifier.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method that comprises obtaining a currently received signature from a device; obtaining a candidate identifier associated with the device; consulting a database to obtain a set of previously received signatures associated with the candidate identifier; and validating the currently received signature based on a comparison of the currently received signature to the set of previously received signatures associated with the candidate identifier. Also, a method that comprises obtaining a currently received signature from a device; decrypting the currently received signature to obtain a candidate identifier; and a candidate scrambling code; consulting a database to obtain a set of previously received scrambling codes associated with the candidate identifier; and validating the currently received signature based on a comparison of the candidate scrambling code to the set of previously received scrambling codes associated with the candidate identifier.

100 Citations

View as Search Results

85 Claims

1. A method, comprising:
- obtaining a currently received signature from a device;
  
  obtaining a candidate identifier associated with the device;
  
  consulting a database to obtain a set of previously received signatures associated with the candidate identifier; and
  
  validating the currently received signature based on a comparison of the currently received signature to the set of previously received signatures associated with the candidate identifier.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 2. The method defined in claim 1, wherein the candidate identifier is obtained without decrypting the currently received signature.
  - 3. The method defined in claim 1, wherein the candidate identifier is obtained by decryption of the currently received signature using a decryption key.
  - 4. The method defined in claim 3, further comprising receiving an index accompanying the currently received signature;
    - and consulting a database that stores potential keys associated with respective indexes to identify the decryption key as the potential key associated with the index accompanying the currently received signature.
  - 5. The method defined in claim 1, wherein the set of previously received signatures is empty.
  - 6. The method defined in claim 1, wherein validating comprises determining whether the currently received signature is a member of the set of previously received signatures associated with the candidate identifier.
  - 7. The method defined in claim 6, further comprising concluding that the validating is unsuccessful if the determining indicates that the currently received signature is a member of the set of previously received signatures associated with the candidate identifier.
  - 8. The method defined in claim 6, further comprising concluding that the validating is potentially successful if the determining indicates that the currently received signature is not a member of the set of previously received signatures associated with the candidate identifier.
  - 9. The method defined in claim 6, further comprising updating the set of previously received signatures associated with the candidate identifier to include the currently received signature.
  - 10. The method defined in claim 1, wherein validating comprises determining a number of times that the currently received signature has been previously received.
  - 11. The method defined in claim 10, further comprising concluding that the validating is unsuccessful if the determining indicates that the currently received signature has been previously received more than a pre-determined number of times.
  - 12. The method defined in claim 1, wherein validating comprises determining how long ago the currently received signature was first received.
  - 13. The method defined in claim 12, further comprising concluding that the validating is unsuccessful if the determining indicates that the currently received signature was first received more than a pre-determined time interval ago.
  - 14. The method defined in claim 1, further comprising issuing a read request to the device over a contact-less channel, wherein obtaining the currently received signature occurs over the contact-less channel subsequent to issuing of the read request.
  - 15. The method defined in claim 1, wherein the currently received signature is received over a non-secure pathway.
  - 16. The method defined in claim 1, wherein the non-secure pathway traverses the Internet.
  - 17. The method defined in claim 1, wherein if the validating is successful, the method further comprises granting access to a resource and wherein if the validating is unsuccessful, the method further comprises denying access to the resource.
  - 18. The method defined in claim 17, wherein the resource comprises at least one of:
    - computing equipment, a computer network, a building, a portion of a building, an entrance, an exit and a vehicle.
  - 19. The method defined in claim 17, wherein the resource comprises at least one of an online resource and a financial resource.
  - 20. The method defined in claim 1, wherein if the validating is successful, the method further comprises authorizing an attempted transaction and wherein if the validating is unsuccessful, the method further comprises denying the attempted transaction.
  - 21. The method defined in claim 20, wherein the transaction comprises a financial transaction.

22. A computer-readable storage medium comprising computer-readable program code which, when interpreted by a computing apparatus, causes the computing apparatus to execute a method that includes:
- obtaining a currently received signature from a device;
  
  obtaining a candidate identifier associated with the device;
  
  consulting a database to obtain a set of previously received signatures associated with the candidate identifier; and
  
  validating the currently received signature based on a comparison of the currently received signature to the set of previously received signatures associated with the candidate identifier.

23. A system for processing signatures received from devices, comprising:
- an interrogation portion configured to obtain a currently received signature from a particular device and a candidate identifier associated with the particular device; and
  
  a processing portion configured to consult a database in order to obtain a set of previously received signatures associated with the candidate identifier; and
  
  to validate the currently received signature based on a comparison of the currently received signature to the set of previously received signatures associated with the candidate identifier.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44)
- - 24. The system defined in claim 23, wherein the candidate identifier is obtained without decrypting the currently received signature.
  - 25. The system defined in claim 23, wherein the candidate identifier is obtained by decryption of the currently received signature using a decryption key.
  - 26. The system defined in claim 25, the processing portion being further configured to effect the decryption of the currently received signature.
  - 27. The system defined in claim 25, further comprising a network controller communicatively coupled to the interrogation portion and configured to effect the decryption of the currently received signature.
  - 28. The system defined in claim 23, further comprising a network controller communicatively coupled to the interrogation portion and configured to implement the processing portion.
  - 29. The system defined in claim 23, wherein to validate the currently received signature, the processing portion is configured to carry out a determination of whether the currently received signature is a member of the set of previously received signatures associated with the candidate identifier.
  - 30. The system defined in claim 29, wherein the processing portion is further configured to conclude that validation of the currently received signature is unsuccessful if the determination indicates that the currently received signature is a member of the set of previously received signatures associated with the candidate identifier.
  - 31. The system defined in claim 29, wherein the processing portion is further configured to conclude that the validation of the currently received signature is potentially successful if the determination indicates that the currently received signature is not a member of the set of previously received signatures associated with the candidate identifier.
  - 32. The system defined in claim 29, wherein the processing portion is further configured to update the set of previously received signatures associated with the candidate identifier to include the currently received signature.
  - 33. The system defined in claim 29, wherein the processing portion is one among a plurality of processing portions spatially distributed over a plurality of sites, the processing portions being communicatively coupled to one another to enable the determination to be made jointly by the plurality of processing portions.
  - 34. The system defined in claim 23, wherein the processing portion is distributed among a plurality of spatially distributed sites.
  - 35. The system defined in claim 23, wherein the interrogation portion is one among a plurality of interrogation portions spatially distributed over a plurality of sites.
  - 36. The system defined in claim 23, wherein to validate the currently received signature, the processing portion is configured to effect a determination of a number of times that the currently received signature has been previously received.
  - 37. The system defined in claim 36, wherein the processing portion is further configured to conclude that validation of the currently received signature is unsuccessful if the determination is indicative of the currently received signature having been previously received more than a pre-determined number of times.
  - 38. The system defined in claim 23, wherein to validate the currently received signature, the processing portion is configured to effect a determination of how long ago the currently received signature was first received.
  - 39. The system defined in claim 38, wherein the processing portion is further configured to conclude that validation of the currently received signature is unsuccessful if the determination is indicative of the currently received signature having been first received more than a pre-determined time interval ago.
  - 40. The system defined in claim 23, wherein if the validating is successful, the processing portion is configured to grant access to a resource and wherein if the validating is unsuccessful, the processing portion is configured to deny access to the resource.
  - 41. The system defined in claim 40, wherein the resource comprises at least one of:
    - computing equipment, a computer network, a building, a portion of a building, an entrance, an exit and a vehicle.
  - 42. The system defined in claim 40, wherein the resource comprises at least one of an online resource and a financial resource.
  - 43. The system defined in claim 23, wherein if the validating is successful, the processing portion is configured to authorize an attempted transaction and wherein if the validating is unsuccessful, the processing portion is configured to deny the attempted transaction.
  - 44. The system defined in claim 43, wherein the transaction comprises a financial transaction.

45. A method, comprising:
- obtaining a currently received signature from a device;
  
  decrypting the currently received signature to obtain a candidate identifier; and
  
  a candidate scrambling code;
  
  consulting a database to obtain a set of previously received scrambling codes associated with the candidate identifier; and
  
  validating the currently received signature based on a comparison of the candidate scrambling code to the set of previously received scrambling codes associated with the candidate identifier.
- View Dependent Claims (46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66)
- - 46. The method defined in claim 45, wherein decrypting the currently received signature is performed using a decryption key, the method further comprising receiving an index accompanying the currently received signature;
    - and consulting a database that stores potential keys associated with respective indexes to identify the decryption key as the potential key associated with the index accompanying the currently received signature.
  - 47. The method defined in claim 45, further comprising consulting a database comprising a plurality of potential keys;
    - wherein the decrypting is performed using a first one of the potential keys.
  - 48. The method defined in claim 47, further comprising comparing the candidate identifier to a set of expected identifiers and, if there is no match, repeating the decrypting using another one of the potential keys until occurrence of:
    - (i) a match between the candidate identifier and one of the expected identifiers; and
      
      (ii) exhaustion of all potential keys without finding a match between the candidate identifier and any of the expected identifiers.
  - 49. The method defined in claim 48, further comprising concluding that the validation is unsuccessful in the case of exhaustion of all potential keys without finding a match between the candidate identifier and any of the expected identifiers.
  - 50. The method defined in claim 45, wherein the set of previously received scrambling codes is empty.
  - 51. The method defined in claim 45, wherein validating comprises determining whether the candidate scrambling code is a member of the set of previously received scrambling codes associated with the candidate identifier.
  - 52. The method defined in claim 51, further comprising concluding that the validating is unsuccessful if the determining indicates that the candidate scrambling code is a member of the set of previously received scrambling codes associated with the candidate identifier.
  - 53. The method defined in claim 51, further comprising concluding that the validating is potentially successful if the determining indicates that the candidate scrambling code is not a member of the set of previously received scrambling codes associated with the candidate identifier.
  - 54. The method defined in claim 51, further comprising updating the set of previously received scrambling codes associated with the candidate identifier to include the candidate scrambling code.
  - 55. The method defined in claim 45, wherein validating comprises determining a number of times that the candidate scrambling code has been previously received.
  - 56. The method defined in claim 55, further comprising concluding that the validating is unsuccessful if the determining indicates that the candidate scrambling code has been previously received more than a pre-determined number of times.
  - 57. The method defined in claim 45, wherein validating comprises determining how long ago the candidate scrambling code was first received.
  - 58. The method defined in claim 57, further comprising concluding that the validating is unsuccessful if the determining indicates that the candidate scrambling code was first received more than a pre-determined time interval ago.
  - 59. The method defined in claim 45, further comprising issuing a read request to the device over a contact-less channel, wherein obtaining the currently received signature occurs over the contact-less channel subsequent to issuing of the read request.
  - 60. The method defined in claim 45, wherein the currently received signature is received over a non-secure pathway.
  - 61. The method defined in claim 45, wherein the non-secure pathway traverses the Internet.
  - 62. The method defined in claim 45, wherein if the validating is successful, the method further comprises granting access to a resource and wherein if the validating is unsuccessful, the method further comprises denying access to the resource.
  - 63. The method defined in claim 62, wherein the resource comprises at least one of:
    - computing equipment, a computer network, a building, a portion of a building, an entrance, an exit and a vehicle.
  - 64. The method defined in claim 62, wherein the resource comprises at least one of an online resource and a financial resource.
  - 65. The method defined in claim 45, wherein if the validating is successful, the method further comprises authorizing an attempted transaction and wherein if the validating is unsuccessful, the method further comprises denying the attempted transaction.
  - 66. The method defined in claim 65, wherein the transaction comprises a financial transaction.

67. A computer-readable storage medium comprising computer-readable program code which, when interpreted by a computing apparatus, causes the computing apparatus to execute a method that includes:
- obtaining a currently received signature from a device;
  
  decrypting the currently received signature to obtain a candidate identifier; and
  
  a candidate scrambling code;
  
  consulting a database to obtain a set of previously received scrambling codes associated with the candidate identifier; and
  
  validating the currently received signature based on a comparison of the candidate scrambling code to the set of previously received scrambling codes associated with the candidate identifier.

68. A system for processing signatures received from devices, comprising:
- an interrogation portion configured to obtain a currently received signature from a particular device; and
  
  a processing portion configured to;
  
  decrypt the currently received signature in order to obtain a candidate identifier and a candidate scrambling code;
  
  consult a database in order to obtain a set of previously received scrambling codes associated with the candidate identifier; and
  
  validate the currently received signature based on a comparison of the candidate scrambling code to the set of previously received scrambling codes associated with the candidate identifier.
- View Dependent Claims (69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85)
- - 69. The system defined in claim 68, further comprising a network controller communicatively coupled to the interrogation portion and configured to implement the processing portion.
  - 70. The system defined in claim 68, wherein to validate the currently received signature, the processing portion is configured to carry out a determination of whether the candidate scrambling code is a member of the set of previously received scrambling codes associated with the candidate identifier.
  - 71. The system defined in claim 70, wherein the processing portion is further configured to conclude that validation of the currently received signature is unsuccessful if the determination indicates that the candidate scrambling code is a member of the set of previously received scrambling codes associated with the candidate identifier.
  - 72. The system defined in claim 70, wherein the processing portion is further configured to conclude that the validation of the currently received signature is potentially successful if the determination indicates that the candidate scrambling code is not a member of the set of previously received scrambling codes associated with the candidate identifier.
  - 73. The system defined in claim 70, wherein the processing portion is further configured to update the set of previously received scrambling codes associated with the candidate identifier to include the candidate scrambling code.
  - 74. The system defined in claim 70, wherein the processing portion is one among a plurality of processing portions spatially distributed over a plurality of sites, the processing portions being communicatively coupled to one another to enable the determination to be made jointly by the plurality of processing portions.
  - 75. The system defined in claim 68, wherein the processing portion is distributed among a plurality of spatially distributed sites.
  - 76. The system defined in claim 68, wherein the interrogation portion is one among a plurality of interrogation portions spatially distributed over a plurality of sites.
  - 77. The system defined in claim 68, wherein to validate the currently received signature, the processing portion is configured to effect a determination of a number of times that the candidate scrambling code has been previously received.
  - 78. The system defined in claim 77, wherein the processing portion is further configured to conclude that validation of the currently received signature is unsuccessful if the determination is indicative of the candidate scrambling code having been previously received more than a pre-determined number of times.
  - 79. The system defined in claim 68, wherein to validate the currently received signature, the processing portion is configured to effect a determination of how long ago the candidate scrambling code was first received.
  - 80. The system defined in claim 79, wherein the processing portion is further configured to conclude that validation of the currently received signature is unsuccessful if the determination is indicative of the candidate scrambling code having been first received more than a pre-determined time interval ago.
  - 81. The system defined in claim 68, wherein if the validating is successful, the processing portion is configured to grant access to a resource and wherein if the validating is unsuccessful, the processing portion is configured to deny access to the resource.
  - 82. The system defined in claim 81, wherein the resource comprises at least one of:
    - computing equipment, a computer network, a building, a portion of a building, an entrance, an exit and a vehicle.
  - 83. The system defined in claim 81, wherein the resource comprises at least one of an online resource and a financial resource.
  - 84. The system defined in claim 68, wherein if the validating is successful, the processing portion is configured to authorize an attempted transaction and wherein if the validating is unsuccessful, the processing portion is configured to deny the attempted transaction.
  - 85. The system defined in claim 84, wherein the transaction comprises a financial transaction.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
BCE Incorporated
Original Assignee
BCE Incorporated
Inventors
O'Brien, William G., YEAP, Tet Hin

Granted Patent

US 8,412,638 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/71
CPC Class Codes

G06F 21/43   wireless channels

G06F 21/79   in semiconductor storage me...

G06F 9/445   Program loading or initiati...

G06Q 10/087   Inventory or stock manageme...

G06Q 20/02   involving a neutral party, ...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3825   Use of electronic signatures

G06Q 20/3829   involving key management

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 20/40975   using encryption therefor

G06Q 20/425   using two different network...

G07F 7/1008   Active credit-cards provide...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 2209/84   Vehicles

H04L 63/0823   using certificates cryptogr...

H04L 63/0846   using time-dependent-passwo...

H04L 63/126   the source of the received ...

H04L 9/3247 : involving digital signatures

H04W 12/08 : Access security

H04W 12/10 : Integrity

H04W 12/47 : using near field communicat...

View All

METHOD AND SYSTEM FOR VALIDATING A DEVICE THAT USES A DYNAMIC IDENTIFIER

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

100 Citations

85 Claims

Specification

Use Cases

Quick Links

Others

METHOD AND SYSTEM FOR VALIDATING A DEVICE THAT USES A DYNAMIC IDENTIFIER

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

100 Citations

85 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others