METHOD AND SYSTEM FOR PROTECTING REAL ESTATE FROM FRADULENT TITLE CHANGES

US 20100318801A1
Filed: 10/24/2008
Published: 12/16/2010
Est. Priority Date: 10/24/2007
Status: Active Grant

First Claim

Patent Images

1. A method of effecting secure communication over a network, comprising:

interfacing a hardware token with a computer host, the hardware token comprising security software and communication software stored thereon, the security software being stored in a memory of the hardware token, the computer host comprising a memory distinct from the hardware token memory;

on the hardware token, determining an authenticity of the security software;

upon successful validation of the authenticity of the security software on the hardware token, determining an authenticity of the communication software by loading the security software from the hardware token memory into the computer host memory and executing the loaded security software from the computer host memory; and

after successful validation of the authenticity of the communication software, facilitating communication, via the computer host, between the hardware token and a remote computer remote from the computer host, by executing the communication software from the computer host memory.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of effecting secure communication over a network begins by interfacing a hardware token with a computer host. The hardware token includes security software and communication software stored thereon. The security software is stored in a memory of the hardware token. The computer host has a memory distinct from the hardware token memory. The authenticity of the security software is determined on the hardware token. Upon successful validation of the authenticity of the security software on the hardware token, the authenticity of the communication software is determined by loading the security software from the hardware token memory into the computer host memory and executing the loaded security software from the computer host memory. After successful validation of the authenticity of the communication software, the computer host facilitates communication between the hardware token and a remote computer by executing the communication software from the computer host memory.

84 Citations

View as Search Results

26 Claims

1. A method of effecting secure communication over a network, comprising:
- interfacing a hardware token with a computer host, the hardware token comprising security software and communication software stored thereon, the security software being stored in a memory of the hardware token, the computer host comprising a memory distinct from the hardware token memory;
  
  on the hardware token, determining an authenticity of the security software;
  
  upon successful validation of the authenticity of the security software on the hardware token, determining an authenticity of the communication software by loading the security software from the hardware token memory into the computer host memory and executing the loaded security software from the computer host memory; and
  
  after successful validation of the authenticity of the communication software, facilitating communication, via the computer host, between the hardware token and a remote computer remote from the computer host, by executing the communication software from the computer host memory.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method according to claim 1, wherein the hardware token memory comprises a passcode stored thereon, and the communication software executing comprises prompting for entry of a passcode, determining a validity of the entered passcode at the hardware token by comparing the entered passcode against the stored passcode, and executing the communication software from the computer host memory after successful validation of the entered passcode and the authenticity of the communication software.
  - 3. The method according to claim 2, wherein the computer host is configured for communication with a software update server over a network, and the communication software authenticity determining comprises downloading a reference copy of the communication software from the software server over the network to the hardware token memory upon unsuccessful validation of the authenticity of the communication software.
  - 4. The method according to claim 1, wherein the hardware token comprises a hash code stored in the hardware token memory, the hash code comprising a one-way hash of the security software, and the security software authenticity determining comprises at the hardware token computing a one-way hash of the security software and comparing the computed one-way hash against the stored hash code.
  - 5. The method according to claim 4, wherein the hardware token comprises a second hash code stored in the hardware token memory, the second hash code comprising a one-way hash of the communication software, and the communication software authenticity determining comprises at the computer host computing a one-way hash of the communication software and comparing the computed communication software hash against the second hash code.
  - 6. The method according to claim 1, wherein the hardware token comprises a hash code stored in the hardware token memory, the hash code comprising a one-way hash of the communication software, and the communication software authenticity determining comprises at the hardware token computing a one-way hash of the communication security software and comparing the computed one-way hash against the stored hash code.
  - 7. The method according to claim 1, wherein the hardware token memory comprises a read-only memory and a read-write memory, the security software comprises an integrity check procedure and an application loader procedure, the integrity check procedure being stored in the read-only memory and being configured to determine the authenticity of the application loader procedure, the application loader procedure being configured to determine the authenticity of the communication software, the hardware token comprises a hash code comprising a one-way hash of the integrity check procedure, and the security software authenticity determining comprises the integrity check procedure computing a one-way hash of the loader program and effecting loading of the application loader procedure into the computer host memory after a match between the computed one-way hash and the stored hash code.
  - 8. The method according to claim 7, wherein the hardware token comprises a second hash code comprising a one-way hash of the communication software, the communication software being stored in the read-write memory of the hardware token, and the communication software authenticity determining comprises the application loader procedure computing a one-way hash of the communication software and loading the communication software into the computer host memory after a match between the communication software hash and the second hash code.
  - 9. The method according to claim 8, wherein the hardware token memory comprises a passcode stored thereon, and the communication software executing comprises prompting for entry of a passcode, determining a validity of the entered passcode at the hardware token by comparing the entered passcode against the stored passcode, and executing the communication software from the computer host memory after a match between the entered passcode and the stored passcode and a match between the communication software hash and the second hash code.
  - 10. The method according to claim 1, further comprising at the hardware token verifying an identity of the remote computer by receiving a digital signature purporting to be signed by the remote computer and determining whether the received digital signature was signed by the remote computer.
  - 11. The method according to claim 1, further comprising interfacing a Smartcard with the hardware token, and at the Smartcard verifying an identity of the remote computer and the hardware token by receiving at the Smartcard digital signatures each purporting to be signed respectively by the remote computer and the hardware token and determining whether each received respective digital signature was signed by the remote computer and the hardware token.
  - 12. The method according to claim 1, further comprising interfacing a Smartcard with the hardware token, and at the hardware token verifying on behalf of the Smartcard an identity of the remote computer by receiving at the hardware token the digital signatures purporting to be signed by the remote computer and determining whether the received digital signature was produced by the remote computer.

13. A hardware token comprising:
- an interface configured for interfacing the hardware token with a computer host; and
  
  a memory coupled to the interface and storing communication software and security software, the communication software being configured to facilitate communication between the hardware token and a computer server via the computer host, the security software being configured to determine an authenticity of the security software and an authenticity of the communication software and to load the communication software into the computer host for execution thereon after successful validation of the authenticity of the security software and the communication software.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 14. The hardware token according to claim 13, wherein the memory comprises a passcode stored thereon, and the security software is configured to prompt for entry of a passcode at the hardware token, determine a validity of the entered passcode at the hardware token by comparing the entered passcode against the stored passcode, and load the communication software into the computer host after successful validation of the entered passcode and the authenticity of the communication software.
  - 15. The hardware token according to claim 14, wherein the security software is configured to cause the computer host to download a reference copy of the communication software from a software update computer to the memory upon unsuccessful validation of the authenticity of the communication software.
  - 16. The hardware token according to claim 13, wherein the memory stores a hash code comprising a one-way hash of the security software, and the security software is configured to determine an authenticity thereof by causing the hardware token to compute a one-way hash of the security software and compare the computed one-way hash against the stored hash code.
  - 17. The hardware token according to claim 16, wherein the memory stores a second hash code comprising a one-way hash of the communication software, and the security software is configured to determine the authenticity of the communication software by causing the computer host to compute a one-way hash of the communication software and compare the computed communication software hash against the second hash code.
  - 18. The hardware token according to claim 13, wherein the memory stores a hash code comprising a one-way hash of the communication software, and the security software is configured to determine an authenticity of the communication software by causing the hardware token to compute a one-way hash of the communication software and compare the computed one-way hash against the stored hash code.
  - 19. The hardware token according to claim 13, wherein the memory comprises a read-only memory and a read-write memory, the security software comprises an integrity check procedure and an application loader procedure, the integrity check procedure being stored in the read-only memory and being configured to determine the authenticity of the application loader procedure, the application loader procedure being configured to determine the authenticity of the communication software, the memory comprises a hash code comprising a one-way hash of the integrity check procedure, and the integrity check procedure is configured to compute a one-way hash of the loader program and to effect loading of the application loader procedure into the computer host memory after a match between the computed one-way hash and the stored hash code.
  - 20. The hardware token according to claim 19, wherein the memory comprises a second hash code comprising a one-way hash of the communication software, the communication software being stored in the read-write memory, and the application loader procedure is configured to compute a one-way hash of the communication software and load the communication software into the computer host memory after a match between the communication software hash and the second hash code.
  - 21. The hardware token according to claim 13, further comprising a wireless card reader coupled to the interface and configured for communication with a RFID device.
  - 22. The hardware token according to claim 13, wherein the interface is configured for removably interfacing the hardware token with the computer host, and the hardware token further comprises a data port coupled to the interface and configured for communication with a keyboard device.

23. A method of effecting a transaction over a network, comprising:
- interfacing a hardware token with a computer host, and interfacing a Smartcard with the hardware token, the computer host being in communication with a computer server over the network, the hardware token, the Smartcard and the computer server all being participants to the transaction;
  
  at each transaction participant verifying an identity of each other participant by receiving at each transaction participant digital signatures each purporting to be signed by a respective one of the other transaction participants, and determining whether each digital signature received at each transaction participant was signed by the respective other participant; and
  
  proceeding with the transaction in accordance with an outcome of the identity verifications.
- View Dependent Claims (24, 25, 26)
- - 24. A method according to claim 23, wherein the Smartcard delegates to the hardware token responsibility for verifying the identity of the computer host by receiving the computer host participant digital signature purporting to be signed by a computer host, and determining whether the purported computer host-signed digital signature received at each transaction participant was signed by the computer host;
    - and proceeding with the transaction in accordance with an outcome of the identity verifications.
  - 25. The method according to claim 23, wherein the digital signature verifying comprises at the hardware token generating a digital signature and transmitting the token-signed digital signature to the Smartcard after successful validation of the digital signature purporting to be signed by the computer server.
  - 26. The method according to claim 25, wherein the digital signature verifying further comprises at the Smartcard generating a digital signature and transmitting the Smartcard-signed digital signature to the hardware token after successful validation of the token-signed digital signature.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SecureKey Technologies, Inc. (Gen Digital Inc.)
Original Assignee
SecureKey Technologies, Inc. (Gen Digital Inc.)
Inventors
Wolfond, Gregory Howard, Engel, Patrick Hans, Roberge, Pierre Antoine

Granted Patent

US 9,094,213 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/172
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/0869   for achieving mutual authen...

H04L 63/123   received data contents, e.g...

H04L 9/3234   involving additional secure...

H04L 9/3236   using cryptographic hash fu...

H04L 9/3247   involving digital signatures

METHOD AND SYSTEM FOR PROTECTING REAL ESTATE FROM FRADULENT TITLE CHANGES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

84 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM FOR PROTECTING REAL ESTATE FROM FRADULENT TITLE CHANGES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

84 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links