SMART CARD READER WITH A SECURE LOGGING FEATURE
First Claim
1. A smart card reader for generating electronic signatures in conjunction with an inserted smart card comprising:
- a communication interface for communicating with a host computer;
a smart card connector for communicating with the smart card;
a first memory component for securely storing one or more cryptographic keys;
a second memory component for storing a log;
a user interface comprising a user output interface for presenting information to the user and a user input interface for receiving user indications;
a data processing component for communicating with the host computer, communicating with the smart card and driving the user interface;
said smart card reader adapted to exchange smart card commands with a smart card using the smart card connector;
said smart card reader further adapted to operate in a secure logging mode in which the smart card reader logs in said log security related events relative to the reader or the reader'"'"'s usage; and
said smart card reader further adapted to generate a reader signature on said log using at least one of the one or more cryptographic keys stored in said first memory.
2 Assignments
0 Petitions
Accused Products
Abstract
A secure smart card reader is disclosed that is enabled to make reader signatures on data representative of events and actions which may be security related and which may include data representative of reader commands received from a host or remote application, smart card commands exchanged with an inserted smart card, data presented to a user for approval, and/or configuration parameters applied when dealing with any of the foregoing. The smart card reader may be adapted to maintain logs of events and actions which may include exchanging reader commands, exchanging smart card commands, and/or interactions with a user. The logs may include data representative of the reader commands received, the smart card commands exchanged, data presented to the user for approval, and/or configuration parameters applied when dealing with any of the foregoing. The secure smart card reader may be adapted to generate a reader signature over the logs.
-
Citations
35 Claims
-
1. A smart card reader for generating electronic signatures in conjunction with an inserted smart card comprising:
-
a communication interface for communicating with a host computer; a smart card connector for communicating with the smart card; a first memory component for securely storing one or more cryptographic keys; a second memory component for storing a log; a user interface comprising a user output interface for presenting information to the user and a user input interface for receiving user indications; a data processing component for communicating with the host computer, communicating with the smart card and driving the user interface; said smart card reader adapted to exchange smart card commands with a smart card using the smart card connector; said smart card reader further adapted to operate in a secure logging mode in which the smart card reader logs in said log security related events relative to the reader or the reader'"'"'s usage; and said smart card reader further adapted to generate a reader signature on said log using at least one of the one or more cryptographic keys stored in said first memory. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 34, 35)
-
-
21. A method for generating an electronic signature over data to be signed comprising the steps of:
-
connecting a smart card reader to a host computer; inserting a smart card in the reader; the reader entering a secure logging mode; submitting to the reader data for review and approval by a user; presenting to the user by the reader using a user output interface on the reader the data for review and approval by a user; capturing by the reader using a user input interface on the reader the user'"'"'s approval of the presented data; logging by the reader in a log on the reader the data for review and approval; submitting to the inserted smart card data to be signed, thereafter generating by the inserted smart card an electronic card signature over the submitted data to be signed, and thereafter obtaining from the inserted smart card the generated electronic card signature over the submitted data; generating by the reader an electronic reader signature over the log on the reader using a cryptographic data signing algorithm parameterized with a cryptographic key stored in the reader and thereafter obtaining the electronic reader signature over the log generated by the reader. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
-
Specification