SYSTEMS AND METHODS FOR NFC ACCESS CONTROL IN A SECURE ELEMENT CENTRIC NFC ARCHITECTURE

US 20150089586A1
Filed: 09/24/2013
Published: 03/26/2015
Est. Priority Date: 09/24/2013
Status: Active Grant

First Claim

Patent Images

1. A computer-readable medium storing computer-executable instructions which, when executed by a processor, cause the processor to perform operations comprising:

receiving a request for information;

processing the received request to identify a first access level associated with the request and a second access level associated with an originator of the request;

determining if the first access level matches the second access level;

in response to determining the first access level does not match the second access level, transmitting a message to the originator of the request indicating a denial of the request; and

in response to determining the first access level matches the second access level,transmitting the request to a near field communication (NFC) controller;

receiving information from the NFC controller; and

transmitting the information from the NFC controller to the originator of the request.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This disclosure describes systems, methods, and computer-readable media related to near field communication (NFC) access control in a secure element centric NFC architecture. A secure element may receive a request for information and process the received request to identify a first access level associated with the request and a second access level associated with an originator of the request. The secure element may determine if the first access level matches the second access level. If the first access level does not match the second access level, the secure element may transmit a message to the originator of the request indicating a denial of the request. If the first access level does match the second access level, the secure element may transmit the request to a near field communication (NFC) controller, receive information from the NFC controller, and transmit the information from the NFC controller to the originator of the request.

Citations

24 Claims

1. A computer-readable medium storing computer-executable instructions which, when executed by a processor, cause the processor to perform operations comprising:
- receiving a request for information;
  
  processing the received request to identify a first access level associated with the request and a second access level associated with an originator of the request;
  
  determining if the first access level matches the second access level;
  
  in response to determining the first access level does not match the second access level, transmitting a message to the originator of the request indicating a denial of the request; and
  
  in response to determining the first access level matches the second access level,transmitting the request to a near field communication (NFC) controller;
  
  receiving information from the NFC controller; and
  
  transmitting the information from the NFC controller to the originator of the request.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The computer-readable medium of claim 1, wherein processing the received request to identify the first access level associated with the request and the second access level associated with the originator of the request further comprises:
    - processing, based at least in part on one or more access control policies, the received request to identify the first access level associated with the request and the second access level associated with the originator of the request.
  - 3. The computer-readable medium of claim 2, wherein the computer-executable instructions further cause the processor to perform operations comprising:
    - receiving the one or more access control policies from a trusted service manager, wherein the one or more access control policies are encrypted by the trusted service manager based at least in part on a secure key.
  - 4. The computer-readable medium of claim 3, wherein the computer-executable instructions further cause the processor to perform operations comprising:
    - decrypting the one or more access control policies from the trusted service manager using a second locally stored secure key.
  - 5. The computer-readable medium of claim 1, wherein the computer-executable instructions further cause the processor to perform operations comprising:
    - generating one or more instructions based at least in part on the request, wherein the one or more instructions instruct the NFC controller to enter a mode; and
      
      transmitting the one or more instructions to the NFC controller.
  - 6. The computer-readable medium of claim 1, wherein the mode is one of a card emulation mode, a reader/writer mode, or a peer-to-peer communication mode.
  - 7. The computer-readable medium of claim 1, wherein the information from the NFC controller is received from an NFC enabled device.

8. A computer-implemented method comprising:
- receiving, by a secure element, a request for information;
  
  processing, by the secure element, the received request to identify a first access level associated with the request and a second access level associated with an originator of the request;
  
  determining, by the secure element, if the first access level matches the second access level;
  
  in response to determining the first access level does not match the second access level, transmitting, by the secure element, a message to the originator of the request indicating a denial of the request; and
  
  in response to determining the first access level matches the second access level,transmitting, by the secure element, the request to a near field communication (NFC) controller;
  
  receiving, by the secure element, information from the NFC controller; and
  
  transmitting, by the secure element, the information from the NFC controller to the originator of the request.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The computer-implemented method of claim 8, wherein processing the received request to identify the first access level associated with the request and the second access level associated with the originator of the request further comprises:
    - processing, by the secure element based at least in part on one or more access control policies, the received request to identify the first access level associated with the request and the second access level associated with the originator of the request.
  - 10. The computer-implemented method of claim 9, further comprising:
    - receiving, by the secure element, the one or more access control policies from a trusted service manager, wherein the one or more access control policies are encrypted by the trusted service manager based at least in part on a secure key.
  - 11. The computer-implemented method of claim 10, further comprising:
    - decrypting, by the secure element, the one or more access control policies from the trusted service manager using a second locally stored secure key.
  - 12. The computer-implemented method of claim 8, further comprising:
    - generating, by the secure element, one or more instructions based at least in part on the request, wherein the one or more instructions instruct the NFC controller to enter a mode; and
      
      transmitting, by the secure element, the one or more instructions to the NFC controller.
  - 13. The computer-implemented method of claim 8, wherein the mode is one of a card emulation mode, a reader/writer mode, or a peer-to-peer communication mode.
  - 14. The computer-implemented method of claim 13, wherein the information from the NFC controller is received from an NFC enabled device.
  - 15. The computer-implemented method of claim 8, wherein the secure element comprises at least one of an NFC access control applet, an NFC control native application, or an NFC access control Java Card operating system extension.

16. A device comprising:
- one or more antennas;
  
  one or more radios;
  
  at least one transceiver;
  
  at least one near field communication (NFC) controller;
  
  at least one processor;
  
  at least one memory storing computer-executable instructions; and
  
  at least one secure element, wherein the at least one secure element is configured to access the at least one memory and to execute the computer-executable instructions to;
  
  receive a request for information;
  
  process the received request to identify a first access level associated with the request and a second access level associated with an originator of the request;
  
  determine if the first access level matches the second access level;
  
  in response to a determination that the first access level does not match the second access level, transmit a message to the originator of the request indicating a denial of the request; and
  
  in response to a determination that the first access level matches the second access level,transmit the request to the at least one NFC controller;
  
  receive information from the at least one NFC controller; and
  
  transmit the information from the at least one NFC controller to the originator of the request.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
- - 17. The device of claim 16, wherein, to process the received request to identify the first access level associated with the request and the second access level associated with the originator of the request, the at least one secure element is configured to access the at least one memory and to execute the computer-executable instructions to:
    - process, based at least in part on one or more access control policies, the received request to identify the first access level associated with the request and the second access level associated with the originator of the request.
  - 18. The device of claim 17, wherein the at least one secure element is configured to access the at least one memory and to execute the computer-executable instructions to:
    - receive the one or more access control policies from a trusted service manager, wherein the one or more access control policies are encrypted by the trusted service manager based at least in part on a secure key.
  - 19. The device of claim 18, wherein the at least one secure element is configured to access the at least one memory and to execute the computer-executable instructions to:
    - decrypt the one or more access control policies from the trusted service manager using a second locally stored secure key.
  - 20. The device of claim 16, wherein the at least one secure element is configured to access the at least one memory and to execute the computer-executable instructions to:
    - generate one or more instructions based at least in part on the request, wherein the one or more instructions instruct the at least one NFC controller to enter a mode; and
      
      transmit the one or more instructions to the at least one NFC controller.
  - 21. The device of claim 16, wherein the mode is one of a card emulation mode, a reader/writer mode, or a peer-to-peer communication mode.
  - 22. The device of claim 21, wherein the information from the at least one NFC controller is received from an NFC enabled device.
  - 23. The device of claim 16, wherein the secure element comprises at least one of an NFC access control applet, an NFC control native application, or an NFC access control Java Card operating system extension.

24-25. -25. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Miguel Ballesteros
Original Assignee
Intel Corporation
Inventors
Ballesteros, Miguel

Granted Patent

US 10,194,318 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/3
CPC Class Codes

G06F 21/44   Program or device authentic...

G06F 21/62   Protecting access to data v...

H04L 63/102   Entity profiles

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

H04W 12/088   using filters or firewalls

H04W 4/80   Services using short range ...

SYSTEMS AND METHODS FOR NFC ACCESS CONTROL IN A SECURE ELEMENT CENTRIC NFC ARCHITECTURE

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEMS AND METHODS FOR NFC ACCESS CONTROL IN A SECURE ELEMENT CENTRIC NFC ARCHITECTURE

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links