PORTABLE ENCRYPTION AND AUTHENTICATION SERVICE MODULE

US 20160226833A1
Filed: 01/29/2016
Published: 08/04/2016
Est. Priority Date: 01/29/2015
Status: Active Grant

First Claim

Patent Images

11. The portable, hand-held electronic device of claim 1, wherein the software instructions further configure the processor to decrypt the information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Portable, hand-held electronic devices and methods to allow a user to anonymously utilize a host device are presented. The host device includes a processor to communicate with an application having a target network address. The portable, hand-held electronic devices includes an onboard database that stores user credential information and a portable encryption and authentication service module (PPEASM) that allows to make a secure communication channel with the host device. The PPEASM configures the processor of the host device to instantiate a virtual machine and render an encrypted messaging interface for communicating between the virtual machine and the application in the host device. Then, PPEASM can also configure the processor to negotiate authentication of the user with the application by utilizing the user credential information and information received through the encrypted messaging interface.

Citations

21 Claims

11. The portable, hand-held electronic device of claim 1, wherein the software instructions further configure the processor to decrypt the information.
- View Dependent Claims (1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 1. A portable, hand-held electronic device, through which a user can anonymously utilize a host device comprising a processor to communicate with an application having a target network address, wherein the host device includes a native operating system (OS), the portable, hand-held electronic device comprises:
    - an onboard database that stores user credential information; and
      
      an onboard memory storing software instructions that, when executed by the processor, configure the processor to perform the steps of (a) instantiating a virtual machine that runs on top of the native OS, wherein the virtual machine comprises a Transmission Control Protocol/Internet Protocol (TCP/IP) messaging server having an IP address different from any IP address of the host device, (b) rendering an encrypted messaging interface that utilizes the TCP/IP messaging server for communicating between the virtual machine and the application over a TCP/IP networking layer, and (c) negotiating authentication of the user with the application by utilizing the user credential information and information received through the encrypted messaging interface.
  - 2. The portable, hand-held electronic device of claim 1, wherein the application runs on top of the native OS.
  - 3. The portable, hand-held electronic device of claim 1, wherein the application runs on a remote device communicatively coupled to the host device over a network.
  - 4. The portable, hand-held electronic device of claim 1, wherein the software instructions further configure the processor to establish a secured communication channel between the virtual machine and the application over the TCP/IP networking layer.
  - 5. The portable, hand-held electronic device of claim 4, wherein the software instructions further configure the processor to send the user credential information to the application through the secured communication channel.
  - 6. The portable, hand-held electronic device of claim 5, wherein the software instructions further configure the processor to encrypt the user credential information before sending the encrypted user credential to the target address.
  - 7. The portable, hand-held electronic device of claim 1, wherein the host device further comprises a network card, wherein the software instructions further configure the processor to enable the virtual machine to utilize the network card to communicate with the application via an interface of the native OS.
  - 8. The portable, hand-held electronic device of claim 1, wherein the user credential comprises at least one of the following:
    - a password, a challenge phrase, and a challenge phrase hash.
  - 9. The portable, hand-held electronic device of claim 1, wherein the virtual machine comprises a secure Linux Kernel.
  - 10. The portable, hand-held electronic device of claim 1, wherein the onboard database further comprises a static read-only data volume for certificate storage and a read/write data volume for runtime work.
  - 12. The portable, hand-held electronic device of claim 1, wherein the software instructions further configure the processor to provide a user interface that enables the user to interact with the application via the virtual machine.
  - 13. The method of claim 11, wherein the application runs on a remote device communicatively coupled to the host device over a network.
  - 14. The method of claim 11, further comprising establishing a secured communication channel between the virtual machine and the application over the TCP/IP networking layer.
  - 15. The method of claim 14, further comprising sending, by the virtual machine, the user credential information to the application through the secured communication channel.
  - 16. The method of claim 15, wherein the software instructions further configure the processor to encrypt the user credential information before sending it the target address.
  - 17. The method of claim 15, wherein sending the user credential information comprises utilizing a network card of the host device to send the user credential information to the application via an interface of the native OS.
  - 18. The method of claim 11, wherein the user credential comprises at least one of the following:
    - a password, a challenge phrase, and a challenge phrase hash.
  - 19. The method of claim 1, wherein the virtual machine comprises a secure Linux Kernel.
  - 20. The method of claim 1, further comprising decrypting the information received through the encrypted messaging interface.
  - 21. The method of claim 11, further comprising enabling the user to interact with the application via the virtual machine.

11-1. A method of authenticating a user to access an application having a target network address, comprising:
- causing a processor of a host device to instantiate a virtual machine on top of a native operating system (OS) running on the host device, wherein the virtual machine stores user credential information associated with the user;
  
  instantiating, by the virtual machine, a Transmission Control Protocol/Internet Protocol (TCP/IP) messaging server having an IP address different from any IP address of the host device;
  
  rendering, by the virtual machine, an encrypted messaging interface that utilizes that TCP/IP messaging server to communicate with the application over a TCP/IP networking layer; and
  
  negotiating, by the virtual machine, authentication of the user with the application by utilizing the user credential information and information received through the encrypted messaging interface.

12-1. The method of claim 11, wherein the application runs on top of the native OS.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Webcloak LLC
Original Assignee
Webcloak LLC
Inventors
Dawson, Martin

Granted Patent

US 10,171,427 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/0853   using an additional device,...

H04L 69/162   involving adaptations of so...

H04L 69/321   Interlayer communication pr...

H04W 12/06   Authentication

H04W 12/068   using credential vaults, e....

PORTABLE ENCRYPTION AND AUTHENTICATION SERVICE MODULE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

PORTABLE ENCRYPTION AND AUTHENTICATION SERVICE MODULE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links