USE OF A SECURE ELEMENT FOR WRITING TO AND READING FROM MACHINE READABLE CREDENTIALS

US 20110264926A1
Filed: 09/10/2009
Published: 10/27/2011
Est. Priority Date: 09/12/2008
Status: Abandoned Application

First Claim

Patent Images

1. A secure element comprising:

information including one or more of cryptographic material, sensitive data, and encoding rules; and

a provisioning program operable to access the information and provide the information via a secure communication channel to an encoding device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for conducting secure communications with credential cards using existing reader/writer hardware that enhances the security of the provisioning process is provided. The method moves the sensitive data contained in these communications together with the program that uses this sensitive data for the purpose of interacting with a credential card inside a secure computational element such as an integrated circuit card. The provisioning program inside the secure element issues commands to readers/writers of existing art in order to establish secure communication with the credential card and then uses the secure channel so created for the purpose of direction communication between the secure computation element and the credential card.

33 Citations

View as Search Results

22 Claims

1. A secure element comprising:
- information including one or more of cryptographic material, sensitive data, and encoding rules; and
  
  a provisioning program operable to access the information and provide the information via a secure communication channel to an encoding device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The secure element of claim 1, wherein the provisioning program resides inside an integrated circuit.
  - 3. The secure element of claim 1, wherein the encoding rules are utilized by the encoding device to provision a credential card.
  - 4. The secure element of claim 1, wherein the encoding rules and sensitive data are provided to the encoding device in response to the secure element receiving a request for the encoding rules and sensitive data.
  - 5. The secure element of claim 1, wherein the secure element resides within the encoding device.
  - 6. The secure element of claim 1, wherein the secure element is a peripheral device to the encoding device.
  - 7. The secure element of claim 1, wherein the secure element comprises two communication channels, a first of the two channels being in communication with an initiator and a second of the two channels being in communication with a device comprising the encoding device.
  - 8. The secure element of claim 7, wherein the first channel uses a USB communication protocol and the second channel uses a serial communication protocol.

9. A system, comprising:
- an encoding device; and
  
  a secure element, the secure element comprising information including one or more of cryptographic material, sensitive data, and encoding rules and further comprising a provisioning program operable to access the information and provide the information via a secure communication channel to the encoding device.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 10. The system of claim 9, wherein the secure element is integral to the encoding device.
  - 11. The system of claim 9, wherein the encoding rules, cryptographic material, and sensitive data are utilized by the encoding device to provision a credential card.
  - 12. The system of claim 11, wherein the encoding device is only allowed to provision a predetermined number of credential cards before the secure element begins to restrict the encoding device'"'"'s ability to provision credential cards.
  - 13. The system of claim 9, wherein the encoding rules are provided to the encoding device in response to the secure element receiving a request for the encoding rules.
  - 14. The system of claim 9, wherein the secure element is a peripheral device to the encoding device.
  - 15. The system of claim 9, further comprising:
    - an initiator adapted to interface with an administrative user, wherein the initiator is further adapted to provide one or more messages to the encoding device instructing the encoding device to provision a credential.
  - 16. The system of claim 15, wherein the secure element resides in the initiator and the initiator is capable of retrieving the encoding rules and providing the encoding rules to the encoding device via the secure communication channel.
  - 17. The system of claim 15, wherein the secure element comprises two communication channels, a first of the two channels being in communication with the initiator and a second of the two channels being in communication with the encoding device.
  - 18. The system of claim 17, wherein the first channel uses a USB communication protocol and the second port uses a serial communication protocol.
  - 19. The system of claim 9, wherein the secure element comprises an antenna for communicating wirelessly with a credential card and wherein the secure element comprises the encoding device.

20. A method, comprising:
- receiving, at an encoding device, instructions to provision a credential;
  
  retrieving, by the encoding device, encoding rules, cryptographic data, and/or sensitive data from a secure element and using the information retrieved from the secure element to provision the credential.
- View Dependent Claims (21, 22)
- - 21. The method of claim 20, wherein the secure element is integral to the encoding device.
  - 22. The method of claim 20, wherein the information is provided to the encoding device in response to the secure element receiving a request for the encoding rules.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Assa Abloy AB
Original Assignee
Assa Abloy AB
Inventors
Guthery, Scott B.

Application Number

US13/063,072
Publication Number

US 20110264926A1
Time in Patent Office

Days
Field of Search
US Class Current

713/193
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06F 21/85   interconnection devices, e....

H04L 63/0853   using an additional device,...

H04L 63/20   for managing network securi...

USE OF A SECURE ELEMENT FOR WRITING TO AND READING FROM MACHINE READABLE CREDENTIALS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

33 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

USE OF A SECURE ELEMENT FOR WRITING TO AND READING FROM MACHINE READABLE CREDENTIALS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links