Web Server Bypass of Backend Process on Near Field Communications and Secure Element Chips

US 20130305333A1
Filed: 05/11/2012
Published: 11/14/2013
Est. Priority Date: 05/11/2012
Status: Active Grant

First Claim

Patent Images

1. A mobile access terminal providing access to data in a secure element of the mobile access terminal comprising:

the secure element;

a web browser;

a near field communications system;

an over-the-air proxy;

an application programming interface layer; and

a web server residing on a secure storage area of the mobile access terminal, wherein the web browser is provided with exclusive access to the web server.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mobile access terminal providing access to data in a secure element of the mobile access terminal is provided. The mobile access terminal comprises the secure element; a web browser; a near field communications system; an over-the-air proxy; an application programming interface layer; and a web server residing on a secure storage area of the mobile access terminal, wherein the web browser is provided with exclusive access to the web server.

Citations

20 Claims

1. A mobile access terminal providing access to data in a secure element of the mobile access terminal comprising:
- the secure element;
  
  a web browser;
  
  a near field communications system;
  
  an over-the-air proxy;
  
  an application programming interface layer; and
  
  a web server residing on a secure storage area of the mobile access terminal, wherein the web browser is provided with exclusive access to the web server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1, wherein the web server resides within the secure element of the mobile access terminal, and wherein the web server comprises one or more of software and hardware.
  - 3. The system of claim 1, wherein the web server is operable to interact with the web browser to share data from the secure element.
  - 4. The system of claim 1, wherein a call session control function resides on the core of the secure element.
  - 5. The system of claim 1, wherein the secure element comprises dedicated, embedded hardware in the mobile access terminal.
  - 6. The system of claim 1, wherein the secure element further comprises a kernel of an operating system.
  - 7. The system of claim 1, wherein the web browser accesses the web server via one or more of a certificate and a secret key.
  - 8. The system of claim 1, wherein the web server is secure and is protected from being compromised.

9. A method for securing user data on a mobile access terminal comprising:
- providing, by a mobile access terminal, a secure element, a web browser, a near field communication system, an over-the-air proxy, a trusted security zone, an application programming interface layer, and a web server, wherein the web server is located in a secure storage area of the mobile access terminal;
  
  securely storing, by the mobile access terminal, secure user data of the user of the mobile access terminal;
  
  initiating, by the mobile access terminal, a transaction with another system;
  
  accessing the secure data from the web server in the secure storage area of the mobile access terminal by the web browser of the mobile access terminal, wherein the access is exclusive to the web browser of the mobile access terminal; and
  
  executing a secure transaction, by the mobile access terminal, with another system.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The method of claim 9, wherein the web server resides within one or more of a secure element of the mobile access terminal and a trusted security zone of the mobile access terminal.
  - 11. The method of claim 10, wherein the web server is operable to interface with the web browser to share data from one or more of the secure element and the trusted security zone.
  - 12. The method of claim 9, further comprising a call session control function residing on the core of the secure element.
  - 13. The method of claim 9, wherein the trusted security zone is built into the mobile access terminal processor architecture.
  - 14. The method of claim 9, wherein the secure user data is stored in the trusted security zone of the mobile access terminal and wherein the stored secure user data comprises a certificate and a secret key for use by an enterprise application on the mobile access terminal to verify the identity of the device to an enterprise cloud service.
  - 15. The method of claim 14, wherein the enterprise application accesses the web server using the Hypertext Transfer Protocol Secure (HTTPS) protocol to create a secure tunnel to retrieve the certificate and secret key.

16. A mobile access terminal providing access to data in a secure element of the mobile access terminal comprising:
- the secure element;
  
  a web browser;
  
  a near field communications system;
  
  an over-the-air proxy;
  
  a trusted security zone;
  
  an application programming interface layer; and
  
  a web server residing on a secure storage area of the mobile access terminal, wherein the web browser is provided with exclusive access to the web server.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The system of claim 16, wherein the web server resides within one or more of the secure element and the trusted security zone of the mobile access terminal, and wherein the web server comprises one or more of software and hardware.
  - 18. The system of claim 16, wherein the web server is operable to interact with the web browser to share data from one or more of the secure element and the trusted security zone.
  - 19. The system of claim 16, wherein the web server resides within the trusted security zone of the mobile access terminal, and wherein the web server enables communication using the Hypertext Transfer Protocol Secure (HTTPS) protocol.
  - 20. The system of claim 19, further comprising an enterprise application communicating with an enterprise cloud service, wherein the enterprise application accesses the web server to retrieve a certificate and a secret key stored in the trusted security zone and wherein the certificate and the secret key are used to confirm the identity of the mobile access terminal to the enterprise cloud service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
T-Mobile Innovations LLC (Deutsche Telekom AG)
Original Assignee
Sprint Communications Company LP (Deutsche Telekom AG)
Inventors
Katzer, Robin D., Paczkowski, Lyle W.

Granted Patent

US 9,027,102 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

G06Q 20/3227   using secure elements embed...

G06Q 20/3278   RFID or NFC payments by mea...

H04W 12/08   Access security

H04W 4/80   Services using short range ...

Web Server Bypass of Backend Process on Near Field Communications and Secure Element Chips

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Web Server Bypass of Backend Process on Near Field Communications and Secure Element Chips

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links