SECURE ISLAND COMPUTING SYSTEM AND METHOD

US 20130086691A1
Filed: 08/23/2012
Published: 04/04/2013
Est. Priority Date: 09/29/2011
Status: Active Grant

First Claim

Patent Images

1. A method for generating an n-bit result comprising:

receiving, by a secure containment device (SCD), a request to generate the n-bit result, wherein the request comprises an n-bit generator input and a master secret identifier and wherein the request is sent from an application executing on a host system using a first input/output (I/O) interface;

disabling, by the SCD, all I/O interfaces on the SCD between the host system and the SCD after receiving the request from the host system;

after disabling all the I/O interfaces on the SCD between the host system and the SCD;

providing, by the SCD, the n-bit generator input and the master secret identifier to a secured hardware token over a second I/O interface;

receiving, by the SCD, the n-bit result from the secured hardware token over the second I/O interface;

enabling, by the SCD, at least the first I/O interface after the n-bit result is generated; and

providing by the SCD, after enabling the first I/O interface, the n-bit result to the application using the first I/O interface.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for generating an n-bit result includes a secured containment device (SCD) receiving a request to generate the n-bit result. The request includes an n-bit generator input and a master secret identifier. The request is sent from an application executing on a host system using an input/output (I/O) interface. The SCD disables all I/O interfaces on the SCD between the host system and the SCD. After disabling all the I/O interfaces on the SCD between the host system and the SCD, the SCD provides the n-bit generator input and the master secret identifier to a secured hardware token over a second I/O interface, receives the n-bit result from the secured hardware token over the second I/O interface, enables at least the first I/O interface after the n-bit result is generated, and provides, after enabling the first I/O interface, the n-bit result to the application using the first I/O interface.

37 Citations

View as Search Results

15 Claims

1. A method for generating an n-bit result comprising:
- receiving, by a secure containment device (SCD), a request to generate the n-bit result, wherein the request comprises an n-bit generator input and a master secret identifier and wherein the request is sent from an application executing on a host system using a first input/output (I/O) interface;
  
  disabling, by the SCD, all I/O interfaces on the SCD between the host system and the SCD after receiving the request from the host system;
  
  after disabling all the I/O interfaces on the SCD between the host system and the SCD;
  
  providing, by the SCD, the n-bit generator input and the master secret identifier to a secured hardware token over a second I/O interface;
  
  receiving, by the SCD, the n-bit result from the secured hardware token over the second I/O interface;
  
  enabling, by the SCD, at least the first I/O interface after the n-bit result is generated; and
  
  providing by the SCD, after enabling the first I/O interface, the n-bit result to the application using the first I/O interface.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising:
    - after disabling all the I/O interfaces between the host system and the SCD;
      
      obtaining, by the SCD, a token activation code by the SCD from a user, wherein the token activation code is input by the user via a user interface on the SCD;
      
      providing, by the SCD, the token activation code to the secured hardware token, wherein the n-bit result is generated upon successful activation of the secured hardware token using the token activation code.
  - 3. The method of claim 1, further comprising:
    - after disabling all the I/O interfaces between the host system and the SCD;
      
      receiving a notification from the secured token hardware that the n-bit result has been generated,wherein enabling the first I/O interface is initiated in response to the notification.
  - 4. The method of claim 1, wherein the user interface on the SCD is one selected from a group consisting of a ten digit keypad, a touch screen, a QWERTY keyboard.
  - 5. The method of claim 1, wherein the second I/O interface is disabled when the first I/O interface is enabled.
  - 6. The method of claim 1, wherein the n-bit result is one of a plurality of n-bit results.

7. A non-transitory computer readable medium comprising instructions, which when executed perform a method, the method comprising:
- receiving, by a secure containment device (SCD), a request to generate an n-bit result, wherein the request comprises an n-bit generator input and a master secret identifier and wherein the request is sent from an application executing on a host system using a first input/output (I/O) interface;
  
  disabling, by the SCD, all I/O interfaces on the SCD between the host system and the SCD after receiving the request from the host system;
  
  after disabling all the I/O interfaces on the SCD between the host system and the SCD;
  
  providing, by the SCD, the n-bit generator input and the master secret identifier to a secured hardware token over a second I/O interface;
  
  receiving, by the SCD, the n-bit result from the secured hardware token over the second I/O interface;
  
  enabling, by the SCD, at least the first I/O interface after the n-bit result is generated; and
  
  providing by the SCD, after enabling the first I/O interface, the n-bit result to the application using the first I/O interface.

8. A secure containment device (SCD), comprising:
- a first input/out (I/O) interface connected to a host system;
  
  a second I/O interface connected to a secured hardware token;
  
  a processor;
  
  a memory connected to the processor, comprising instructions, when executed by the processor perform a method, the method comprising;
  
  receiving, from an application on the host system over the first I/O interface, a request to generate an n-bit result, wherein the request comprises an n-bit generator input and a master secret identifier;
  
  disabling, by the SCD, the first I/O interface;
  
  after disabling the first I/O interface;
  
  providing the n-bit generator input and the master secret identifier to the secured hardware token over the second I/O interface;
  
  receiving the n-bit result from the secured hardware token over the second I/O interface;
  
  enabling the first I/O interface after the n-bit result is generated; and
  
  providing, after enabling the first I/O interface, the n-bit result to the application using the first I/O interface.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the first I/O interface is one selected from a group consisting of a universal serial bus (USB) interface, a wireless interface, and a wired interface.
  - 10. The system of claim 8, wherein the second I/O interface is one selected from a group consisting of a USB interface, an Secure Digital (SD) card slot, a mircoSD card slot, and a miniSD card slot.
  - 11. The system of claim 8, wherein the processor is at least one selected from a group consisting of an ARM processor and an embedded processor.
  - 12. The system of claim 8, wherein the user interface on the SCD is one selected from a group consisting of a twelve digit keypad, a touch screen, and a QWERTY keyboard.
  - 13. The system of claim 8, wherein the user interface comprises a keyboard and a display.
  - 14. The system of claim 8, wherein the second I/O interface is disabled when the first I/O interface is enabled.

15. A secure containment device (SCD), comprising:
- a first input/out (I/O) interface connected to a host system;
  
  a second I/O interface connected to a secured hardware token;
  
  an integrated circuit configured to;
  
  receive, from an application on the host system over the first I/O interface, a request to generate an n-bit result, wherein the request comprises an n-bit generator input and a master secret identifier;
  
  disable, by the SCD, the first I/O interface;
  
  after disabling the first I/O interface;
  
  provide the n-bit generator input and the master secret identifier to the secured hardware token over the second I/O interface;
  
  receive the n-bit result from the secured hardware token over the second I/O interface;
  
  enable the first I/O interface after the n-bit result is generated; and
  
  provide, after enabling the first I/O interface, the n-bit result to the application using the first I/O interface.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PACid Technologies, LLC
Original Assignee
PACid Technologies, LLC
Inventors
Fielder, Guy

Granted Patent

US 8,479,021 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/26
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/78   to assure secure storage of...

G06F 2212/1052   Security improvement

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/083   using passwords cryptograph...

H04L 63/0861   using biometrical features,...

SECURE ISLAND COMPUTING SYSTEM AND METHOD

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

37 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE ISLAND COMPUTING SYSTEM AND METHOD

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

37 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links