System and Method for Providing Diverse Secure Data Communication Permissions to Trusted Applications on a Portable Communication Device
First Claim
1. A system for providing first and second trusted applications diverse permission to communicate via a secure element associated with a portable communication device, the system comprising:
- a first digital identifier and a first digital token operably associated with the first trusted application;
a second digital identifier and a second digital token operably associated with the second trusted application;
a card services module disposed on the portable communication device and operably associated with the secure element to provide an application programming interface to the secure element; and
a secure data table electronically associated with the card service module, the secure data table including a first entry pairing the first digital identifier with the first digital token and a second entry pairing the second digital identifier with the second digital token, the first entry further including a first set of permissions and the second entry further including a second set of permissions,wherein the card services module issues one or more commands to the secure element based on a first action requested by the first trusted application in conjunction with the presentation of the first digital token only if the one or more commands will not violate the first set of permissions and the card services module issues one or more commands to the secure element based on a second action requested by the second trusted application in conjunction with the presentation of the second digital token only if the one more commands will not violate the second set of permissions.
4 Assignments
0 Petitions
Accused Products
Abstract
A system for providing first and second trusted applications diverse permission to communicate via a secure element. The system comprising first digital identifier and digital token operably associated with the first trusted application; a second digital identifier and digital token operably associated with the second trusted application. The system further includes a card services module that provides an application programming interface to the secure element supported by a secure data table including first and second sets of permissions. The card services module issues one or more commands to the secure element based on a first action requested by the first trusted application in conjunction with the presentation of the first digital token only if the one or more commands will not violate the first set of permissions. A method is also disclosed.
20 Citations
13 Claims
-
1. A system for providing first and second trusted applications diverse permission to communicate via a secure element associated with a portable communication device, the system comprising:
-
a first digital identifier and a first digital token operably associated with the first trusted application; a second digital identifier and a second digital token operably associated with the second trusted application; a card services module disposed on the portable communication device and operably associated with the secure element to provide an application programming interface to the secure element; and a secure data table electronically associated with the card service module, the secure data table including a first entry pairing the first digital identifier with the first digital token and a second entry pairing the second digital identifier with the second digital token, the first entry further including a first set of permissions and the second entry further including a second set of permissions, wherein the card services module issues one or more commands to the secure element based on a first action requested by the first trusted application in conjunction with the presentation of the first digital token only if the one or more commands will not violate the first set of permissions and the card services module issues one or more commands to the secure element based on a second action requested by the second trusted application in conjunction with the presentation of the second digital token only if the one more commands will not violate the second set of permissions. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for providing first and second trusted applications diverse permission to communicate via a secure element associated with a portable communication device, the method comprising:
-
assigning a first set of permissions to the first trusted application; assigning a second set of permissions to the second trusted application; requesting from the first trusted application that a card services module operably associated with the secure element implement a first action; and issuing one or more commands to the secure element based on the first action requested by the first trusted application only if the one or more commands will not violate the first set of permissions. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
Specification