Personal access management system

US 5,619,574 A
Filed: 02/13/1995
Issued: 04/08/1997
Est. Priority Date: 02/13/1995
Status: Expired due to Term

First Claim

Patent Images

1. A method for coordinating the exchange of information between a user device and a provider device, comprising the steps of:

the user device;

generating a message;

retrieving a user device file name and a set of identification information stored in the user device;

deriving a first key code;

processing said identification information using said first key code to derive a set of processed identification information;

sending said user device file name, said processed identification information, and said message to the provider device;

the provider device;

receiving said user device file name, said processed identification information, and said message;

accessing a user file stored in the provider device using said user device file name as an index, said user file containing a set of recognition parameters corresponding to the user device;

deriving a second key code using said recognition parameters;

processing said processed identification information using said second key code to derive a set of de-processed identification information;

comparing said de-processed identification information with a set of reference information stored in said user file; and

terminating communication with the user device in response to a determination that said de-processed identification information is inconsistent with said reference information.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A multi-component system for linking a user to a product or service provider includes a user processing device, a storage device, and a provider device. The storage device stores provider-specific application software, user-specific data, and a file management program. The storage device and the processing device are coupled to each other to form a user device which communicates with the provider device. Under direction of the file management program, the processing device carries out a recognition methodology which determines whether the processing device and the storage device are authorized to operate with each other. This aspect of the system makes it possible to render the storage device operable only with a specific user processing device, referred to as the principal processing device. This, in turn, reduces the possibility of fraud since the storage device cannot be used without the principal processing device. Once it is determined that the processing and storage devices are authorized to interact with each other, the processing device executes the provider-specific application software to exchange information with the provider device. Together, the user and provider devices implement unique recognition and comprehension methodologies to ensure that the parties are authorized to communicate with each other and to ensure that the information exchanged cannot be understood by third parties. Overall, the system provides a highly secure mechanism for transferring information from one party to another.

Citations

92 Claims

1. A method for coordinating the exchange of information between a user device and a provider device, comprising the steps of:
- the user device;
  
  generating a message;
  
  retrieving a user device file name and a set of identification information stored in the user device;
  
  deriving a first key code;
  
  processing said identification information using said first key code to derive a set of processed identification information;
  
  sending said user device file name, said processed identification information, and said message to the provider device;
  
  the provider device;
  
  receiving said user device file name, said processed identification information, and said message;
  
  accessing a user file stored in the provider device using said user device file name as an index, said user file containing a set of recognition parameters corresponding to the user device;
  
  deriving a second key code using said recognition parameters;
  
  processing said processed identification information using said second key code to derive a set of de-processed identification information;
  
  comparing said de-processed identification information with a set of reference information stored in said user file; and
  
  terminating communication with the user device in response to a determination that said de-processed identification information is inconsistent with said reference information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, further comprising the steps of:
    - the provider device;
      
      generating a new user device file name;
      
      sending said new user device file name to the user device;
      
      the user device;
      
      receiving said new user device file name;
      
      generating a new message; and
      
      sending at least said new device file name and said new message to the provider device.
  - 3. The method of claim 2, wherein the provider device assigns said new user device file name to said user file, and wherein said method further comprises the steps of:
    - the provider device;
      
      receiving said new device file name and said new message; and
      
      accessing said user file, using said new device file name as an index, to retrieve said recognition parameters corresponding to the user device.
  - 4. The method of claim 1, wherein the user device has a provider historical file maintained therein, and wherein said identification information includes an entry from said provider historical file.
  - 5. The method of claim 4, further comprising the steps of:
    - the provider device;
      
      generating a provider historical file entry designation;
      
      sending said entry designation to the user device;
      
      the user device;
      
      receiving said entry designation;
      
      retrieving an entry from said provider historical file corresponding to said entry designation; and
      
      sending said provider historical file entry corresponding to said entry designation to the provider device as identification information in a subsequent transmission.
  - 6. The method of claim 1, wherein said identification information includes an encrypted application address (EAA) assigned to the user device, and wherein said method further comprises the step of:
    - the provider device;
      
      decrypting said EAA using a secret provider key code as a decryption key to derive an encrypted transaction address (ETA), said ETA representing an address at which other information pertaining to the user device is stored.
  - 7. The method of claim 1, wherein the step of generating said message comprises the steps of:
    - the user device;
      
      generating a request; and
      
      providing an authorization code to accompany said request.
  - 8. The method of claim 7, further comprising the steps of:
    - the provider device;
      
      comparing said authorization code with a reference authorization code stored in said user file; and
      
      disregarding said request in response to a determination that said authorization code is inconsistent with said reference authorization code.
  - 9. The method of claim 1, wherein the step of generating said message comprises the steps of:
    - the user device;
      
      generating an instruction for the provider device to change a current authorization code; and
      
      providing said current authorization code and a new authorization code to accompany said instruction.
  - 10. The method of claim 9, further comprising the steps of:
    - the provider device;
      
      receiving said instruction;
      
      comparing said current authorization code with a reference authorization code stored in said user file; and
      
      in response to a determination that said current authorization code is consistent with said reference authorization code, changing said reference authorization code to said new authorization code.
  - 11. The method of claim 1, further comprising the steps of:
    - the provider device;
      
      generating a new recognition parameter;
      
      sending said new recognition parameter to the user device;
      
      the user device;
      
      receiving said new recognition parameter;
      
      generating a new message;
      
      deriving a new key code using said new recognition parameter;
      
      processing said new message using said new key code to derive a processed new message; and
      
      sending said processed new message to the provider device.
  - 12. The method of claim 11, further comprising the steps of:
    - the provider device;
      
      receiving said processed new message;
      
      deriving said new key code using said new recognition parameter; and
      
      processing said processed new message using said new key code.
  - 13. The method of claim 1, further comprising the steps of:
    - the provider device;
      
      generating a set of processed confirmation information;
      
      sending said processed confirmation information to the user device;
      
      the user device;
      
      receiving said processed confirmation information;
      
      deriving a third key code different from said first and second key codes; and
      
      processing said processed confirmation information using said third key code to derive a set of de-processed confirmation information.
  - 14. The method of claim 13, further comprising the steps of:
    - the user device;
      
      extracting a de-processed device file name from said de-processed confirmation information;
      
      comparing said de-processed device file name with said user device file name; and
      
      disregarding said de-processed confirmation information in response to a determination that said de-processed device file name is inconsistent with said user device file name.
  - 15. The method of claim 13, wherein said de-processed confirmation information includes a provider historical file entry and a corresponding entry designation, and wherein said method further comprises the steps of:
    - the user device;
      
      storing said file entry and said entry designation into a provider historical file maintained within the user device.

16. A method for coordinating the exchange of information between a user device and a provider device, comprising the steps of:
- the user device;
  
  generating a message;
  
  retrieving a user device file name, a set of identification information, a current user key code (CUKC), and a current provider key code (CPKC) stored in the user device;
  
  deriving a current session key code (CSKC) using said CUKC and said CPKC;
  
  processing said identification information using said CSKC to derive a set of processed identification information;
  
  sending said user device file name, said processed identification information, and said message to the provider device;
  
  the provider device;
  
  receiving said user device file name, said processed identification information, and said message;
  
  accessing a user file stored in the provider device using said user device file name as an index, said user file containing a set of recognition parameters corresponding to the user device;
  
  deriving a second key code using said recognition parameters;
  
  processing said processed identification information using said second key code to derive a set of de-processed identification information;
  
  comparing said de-processed identification information with a set of reference information stored in said user file; and
  
  terminating communication with the user device in response to a determination that said de-processed identification information is inconsistent with said reference information.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 17. The method of claim 16, further comprising the steps of:
    - the provider device;
      
      generating a new user device file name;
      
      sending said new user device file name to the user device;
      
      the user device;
      
      receiving said new user device file name;
      
      generating a new message; and
      
      sending at least said new device file name and said new message to the provider device.
  - 18. The method of claim 17, wherein the provider device assigns said new user device file name to said user file, and wherein said method further comprises the steps of:
    - the provider device;
      
      receiving said new device file name and said new message; and
      
      accessing said user file, using said new device file name as an index, to retrieve said recognition parameters corresponding to the user device.
  - 19. The method of claim 16, wherein the user device has a provider historical file maintained therein, and wherein said identification information includes an entry from said provider historical file.
  - 20. The method of claim 19, further comprising the steps of:
    - the provider device;
      
      generating a provider historical file entry designation;
      
      sending said entry designation to the user device;
      
      the user device;
      
      receiving said entry designation;
      
      retrieving an entry from said provider historical file corresponding to said entry designation; and
      
      sending said provider historical file entry corresponding to said entry designation to the provider device as identification information in a subsequent transmission.
  - 21. The method of claim 16, wherein said identification information includes an encrypted application address (EAA) assigned to the user device, and wherein said method further comprises the step of:
    - the provider device;
      
      decrypting said EAA using a secret provider key code as a decryption key to derive an encrypted transaction address (ETA), said ETA representing an address at which other information pertaining to the user device is stored.
  - 22. The method of claim 16, wherein the step of generating said message comprises the steps of:
    - the user device;
      
      generating a request; and
      
      providing an authorization code to accompany said request.
  - 23. The method of claim 22, further comprising the steps of:
    - the provider device;
      
      comparing said authorization code with a reference authorization code stored in said user file; and
      
      disregarding said request in response to a determination that said authorization code is inconsistent with said reference authorization code.
  - 24. The method of claim 16, wherein the step of generating said message comprises the steps of:
    - the user device;
      
      generating an instruction for the provider device to change a current authorization code; and
      
      providing said current authorization code and a new authorization code to accompany said instruction.
  - 25. The method of claim 24, further comprising the steps of:
    - the provider device;
      
      receiving said instruction;
      
      comparing said current authorization code with a reference authorization code stored in said user file; and
      
      in response to a determination that said current authorization code is consistent with said reference authorization code, changing said reference authorization code to said new authorization code.
  - 26. The method of claim 16, wherein the user device further generates a future user key code (FUKC) and sends said FUKC to the provider device along with said user device file name, said processed identification information, and said message, said method further comprising the steps of:
    - the provider device;
      
      receiving said FUKC;
      
      generating a future provider key code (FPKC);
      
      sending said FPKC to the user device;
      
      the user device;
      
      receiving said FPKC;
      
      generating a new message;
      
      deriving a new key code using said FUKC and said FPKC;
      
      processing said new message using said new key code to derive a processed new message; and
      
      sending said processed new message to the provider device.
  - 27. The method of claim 26, further comprising the steps of:
    - the provider device;
      
      receiving said processed new message;
      
      deriving said new key code using said FUKC and said FPKC; and
      
      processing said processed new message using said new key code.
  - 28. The method of claim 16, wherein said user file has said CPKC stored therein, wherein the user device further generates a future user key code (FUKC) and sends said FUKC to the provider device along with said user device file name, said processed identification information, and said message, and wherein said method further comprises the steps of:
    - the provider device;
      
      receiving said FUKC;
      
      generating a set of confirmation information;
      
      deriving a third key code using said CPKC and said FUKC;
      
      processing said confirmation information using said third key code to derive a set of processed confirmation information;
      
      sending said processed confirmation information to the user device;
      
      the user device;
      
      receiving said processed confirmation information;
      
      deriving said third key code using said CPKC and said FUKC; and
      
      processing said processed confirmation information using said third key code to derive a set of de-processed confirmation information.
  - 29. The method of claim 28, further comprising the steps of:
    - the user device;
      
      extracting a de-processed device file name from said de-processed confirmation information;
      
      comparing said de-processed device file name with said user device file name; and
      
      disregarding said de-processed confirmation information in response to a determination that said de-processed device file name is inconsistent with said user device file name.
  - 30. The method of claim 28, wherein the step of generating said confirmation information comprises the steps of:
    - the provider device;
      
      generating a provider historical file entry and a corresponding entry designation;
      
      encrypting said provider historical file entry using a secret provider key code as an encryption key to derive an encrypted file entry; and
      
      providing said encrypted file entry and said entry designation as at least a portion of said confirmation information.
  - 31. The method of claim 30, further comprising the steps of:
    - said user device;
      
      storing said encrypted file entry and said entry designation into a provider historical file maintained within the user device.

32. A method for coordinating the exchange of information between a user device and a provider device, comprising the steps of:
- the user device;
  
  generating a message;
  
  retrieving a user device file name, a set of identification information, and a current provider public code (CPPUC) stored in the user device;
  
  processing said identification information using said CPPUC to derive a set of processed identification information;
  
  sending said user device file name, said processed identification information, and said message to the provider device;
  
  the provider device;
  
  receiving said user device file name, said processed identification information, and said message;
  
  accessing a user file stored in the provider device using said user device file name as an index, said user file containing a set of recognition parameters corresponding to the user device;
  
  retrieving a current provider private code (CPPRC) stored in said user file;
  
  processing said processed identification information using said CPPRC to derive a set of de-processed identification information;
  
  comparing said de-processed identification information with a set of reference information stored in said user file; and
  
  terminating communication with the user device in response to a determination that said de-processed identification information is inconsistent with said reference information.
- View Dependent Claims (33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49)
- - 33. The method of claim 32, further comprising the steps of:
    - the provider device;
      
      generating a new user device file name;
      
      sending said new user device file name to the user device;
      
      the user device;
      
      receiving said new user device file name;
      
      generating a new message; and
      
      sending at least said new device file name and said new message to the provider device.
  - 34. The method of claim 33, wherein the provider device assigns said new user device file name to said user file, and wherein said method further comprises the steps of:
    - the provider device;
      
      receiving said new device file name and said new message; and
      
      accessing said user file, using said new device file name as an index, to retrieve said recognition parameters corresponding to the user device.
  - 35. The method of claim 32, wherein the user device has a provider historical file maintained therein, and wherein said identification information includes an entry from said provider historical file.
  - 36. The method of claim 35, further comprising the steps of:
    - the provider device;
      
      generating a provider historical file entry designation;
      
      sending said entry designation to the user device;
      
      the user device;
      
      receiving said entry designation;
      
      retrieving an entry from said provider historical file corresponding to said entry designation; and
      
      sending said provider historical file entry corresponding to said entry designation to the provider device as identification information in a subsequent transmission.
  - 37. The method of claim 32, wherein said identification information includes an encrypted application address (EAA) assigned to the user device, and wherein said method further comprises the step of:
    - the provider device;
      
      decrypting said EAA using a secret provider key code as a decryption key to derive an encrypted transaction address (ETA), said ETA representing an address at which other information pertaining to the user device is stored.
  - 38. The method of claim 32, wherein the step of generating said message comprises the steps of:
    - the user device;
      
      generating a request; and
      
      providing an authorization code to accompany said request.
  - 39. The method of claim 38, further comprising the steps of:
    - the provider device;
      
      comparing said authorization code with a reference authorization code stored in said user file; and
      
      disregarding said request in response to a determination that said authorization code is inconsistent with said reference authorization code.
  - 40. The method of claim 32, wherein the step of generating said message comprises the steps of:
    - the user device;
      
      generating an instruction for the provider device to change a current authorization code; and
      
      providing said current authorization code and a new authorization code to accompany said instruction.
  - 41. The method of claim 40, further comprising the steps of:
    - the provider device;
      
      receiving said instruction;
      
      comparing said current authorization code with a reference authorization code stored in said user file; and
      
      in response to a determination that said current authorization code is consistent with said reference authorization code, changing said reference authorization code to said new authorization code.
  - 42. The method of claim 32, further comprising the steps of:
    - the provider device;
      
      generating a future provider key code comprising a future provider public code (FPPUC) and a future provider private code (FPPRC);
      
      sending said FPPUC to the user device;
      
      the user device;
      
      receiving said FPPUC;
      
      generating a new message;
      
      processing said new message using said FPPUC to derive a processed new message; and
      
      sending said processed new message to the provider device.
  - 43. The method of claim 42, further comprising the steps of:
    - the provider device;
      
      receiving said processed new message; and
      
      processing said processed new message using said FPPRC.
  - 44. The method of claim 32, wherein the user device further generates a future user key code comprising a future user public code (FUPUC) and a future user private code (FUPRC), wherein the user device sends said FUPUC to the provider device along with said user device file name, said processed identification information, and said message, wherein said user file has a current user public code (CUPUC) stored therein, and wherein said method further comprises the steps of:
    - the provider device;
      
      receiving said FUPUC;
      
      generating a set of confirmation information;
      
      retrieving said CUPUC from said user file;
      
      processing said confirmation information using said CUPUC to derive a set of processed confirmation information;
      
      sending said processed confirmation information to the user device;
      
      the user device;
      
      receiving said processed confirmation information;
      
      retrieving a current user private code (CUPRC) stored in the user device; and
      
      processing said processed confirmation information using said CUPRC to derive a set of de-processed confirmation information.
  - 45. The method of claim 44, further comprising the steps of:
    - the user device;
      
      extracting a de-processed device file name from said de-processed confirmation information;
      
      comparing said de-processed device file name with said user device file name; and
      
      disregarding said de-processed confirmation information in response to a determination that said de-processed device file name is inconsistent with said user device file name.
  - 46. The method of claim 44, wherein the step of generating said confirmation information comprises the steps of:
    - the provider device;
      
      generating a provider historical file entry and a corresponding entry designation;
      
      encrypting said provider historical file entry using a secret provider key code as an encryption key to derive an encrypted file entry; and
      
      providing said encrypted file entry and said entry designation as at least a portion of said confirmation information.
  - 47. The method of claim 46, further comprising the steps of:
    - said user device;
      
      storing said encrypted file entry and said entry designation into a provider historical file maintained within the user device.
  - 48. The method of claim 44, further comprising the steps of:
    - the user device;
      
      generating a second message;
      
      sending said second message to the provider device;
      
      the provider device;
      
      generating a second set of confirmation information in response to said second message;
      
      processing said second set of confirmation information using said FUPUC to derive a second set of processed confirmation information; and
      
      sending said second set of processed confirmation information to the user device.
  - 49. The method of claim 48, further comprising the steps of:
    - the user device;
      
      receiving said second set of confirmation information; and
      
      processing said second set of confirmation information using said FUPRC.

50. A communication system, comprising:
- a user device, comprising;
  
  a user storage for storing a user device file name and a set of identification information;
  
  means for generating a message;
  
  means for retrieving said user device file name and said identification information from said user storage;
  
  means for deriving a first key code;
  
  means for processing said identification information using said first key code to derive a set of processed identification information; and
  
  means for sending said user device file name, said processed identification information, and said message onto a communications link; and
  
  a provider device, comprising;
  
  a provider storage for storing a user file containing a set of recognition parameters corresponding to said user device, including a set of reference information;
  
  means coupled to said communications link for receiving said user device file name, said processed identification information, and said message;
  
  means for accessing said user file using said user device file name as an index;
  
  means for deriving a second key code using said recognition parameters;
  
  means for processing said processed identification information using said second key code to derive a set of de-processed identification information;
  
  means for comparing said de-processed identification information with said reference information stored in said user file; and
  
  means for terminating communication with said user device in response to a determination that said de-processed identification information is inconsistent with said reference information.
- View Dependent Claims (51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62)
- - 51. The communication system of claim 50, wherein said provider device further comprises:
    - means for generating a new user device file name; and
      
      means for sending said new user device file name to said user device; and
      
      wherein said user device further comprises;
      
      means for receiving said new user device file name;
      
      means for generating a new message; and
      
      means for sending at least said new device file name and said new message to said provider device.
  - 52. The communication system of claim 51, wherein said provider device further comprises:
    - means for assigning said new user device file name to said user file;
      
      means for receiving said new device file name and said new message; and
      
      means for accessing said user file, using said new device file name as an index, to retrieve said recognition parameters corresponding to said user device.
  - 53. The communication system of claim 50, wherein said user storage has a provider historical file stored thereon, and wherein said identification information includes an entry from said provider historical file.
  - 54. The communication system of claim 53, wherein said provider device further comprises:
    - means for generating a provider historical file entry designation; and
      
      means for sending said entry designation to said user device; and
      
      wherein said user device further comprises;
      
      means for receiving said entry designation;
      
      means for retrieving an entry from said provider historical file corresponding to said entry designation; and
      
      means for sending said provider historical file entry corresponding to said entry designation to said provider device as identification information in a subsequent transmission.
  - 55. The communication system of claim 50, wherein said identification information includes an encrypted application address (EAA) assigned to said user device, said EAA being stored in said user storage, andwherein said provider device further comprises:
    - means for decrypting said EAA using a secret provider key code as a decryption key to derive an encrypted transaction address (ETA), said ETA representing an address at which other information pertaining to said user device is stored.
  - 56. The communication system of claim 50, wherein said means for generating said message comprises:
    - means for generating a request; and
      
      means for providing an authorization code along with said request; and
      
      wherein said provider device further comprises;
      
      means for comparing said authorization code with a reference authorization code stored in said user file; and
      
      means for causing said provider device to disregard said request in response to a determination that said authorization code is inconsistent with said reference authorization code.
  - 57. The communication system of claim 50, wherein said means for generating said message comprises:
    - means for generating an instruction for said provider device to change a current authorization code; and
      
      means for providing said current authorization code and a new authorization code along with said instruction; and
      
      wherein said provider device further comprises;
      
      means for receiving said instruction;
      
      means for comparing said current authorization code with a reference authorization code stored in said user file; and
      
      means for changing said reference authorization code to said new authorization code in response to a determination that said current authorization code is consistent with said reference authorization code.
  - 58. The communication system of claim 50, wherein said provider device further comprises:
    - means for generating a new recognition parameter; and
      
      means for sending said new recognition parameter to said user device; and
      
      wherein said user device further comprises;
      
      means for receiving said new recognition parameter;
      
      means for generating a new message;
      
      means for deriving a new key code using said new recognition parameter;
      
      means for processing said new message using said new key code to derive a processed new message; and
      
      means for sending said processed new message to said provider device.
  - 59. The communication system of claim 58, wherein said provider device further comprises:
    - means for receiving said processed new message;
      
      means for deriving said new key code using said new recognition parameter; and
      
      means for processing said processed new message using said new key code.
  - 60. The communication system of claim 50, wherein said provider device further comprises:
    - means for generating a set of processed confirmation information; and
      
      means for sending said processed confirmation information to said user device; and
      
      wherein said user device further comprises;
      
      means for receiving said processed confirmation information;
      
      means for deriving a third key code different from said first and second key codes; and
      
      means for processing said processed confirmation information using said third key code to derive a set of de-processed confirmation information.
  - 61. The communication system of claim 60, wherein said user device further comprises:
    - means for extracting a de-processed device file name from said de-processed confirmation information;
      
      means for comparing said de-processed device file name with said user device file name; and
      
      means for causing said user device to disregard said de-processed confirmation information in response to a determination that said de-processed device file name is inconsistent with said user device file name.
  - 62. The communication system of claim 60, wherein said de-processed confirmation information includes a provider historical file entry and a corresponding entry designation, wherein said user storage has a provider historical file stored thereon, and wherein said user device further comprises:
    - means for storing said file entry and said entry designation into said provider historical file.

63. A communication system, comprising:
- a user device, comprising;
  
  a user storage for storing a user device file name, a set of identification information, a current user key code (CUKC), and a current provider key code (CPKC);
  
  means for generating a message;
  
  means for retrieving said user device file name and said set of identification information from said user storage;
  
  means for deriving a current session key code (CSKC) using said CUKC and said CPKC;
  
  means for processing said identification information using said CSKC to derive a set of processed identification information; and
  
  means for sending said user device file name, said processed identification information, and said message onto a communications link; and
  
  a provider device, comprising;
  
  a provider storage for storing a user file containing a set of recognition parameterscorresponding to said user device, including a set of reference information;
  
  means coupled to said communications link for receiving said user device file name, said processed identification information, and said message;
  
  means for accessing said user file using said user device file name as an index;
  
  means for deriving a second key code using said recognition parameters;
  
  means for processing said processed identification information using said second key code to derive a set of de-processed identification information;
  
  means for comparing said de-processed identification information with said reference information stored in said user file; and
  
  means for terminating communication with said user device in response to a determination that said de-processed identification information is inconsistent with said reference information.
- View Dependent Claims (64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76)
- - 64. The communication system of claim 63, wherein said provider device further comprises:
    - means for generating a new user device file name; and
      
      means for sending said new user device file name to said user device; and
      
      wherein said user device further comprises;
      
      means for receiving said new user device file name;
      
      means for generating a new message; and
      
      means for sending at least said new device file name and said new message to said provider device.
  - 65. The communication system of claim 64, wherein said provider device further comprises:
    - means for assigning said new user device file name to said user file;
      
      means for receiving said new device file name and said new message; and
      
      means for accessing said user file, using said new device file name as an index, to retrieve said recognition parameters corresponding to said user device.
  - 66. The communication system of claim 63, wherein said user device has a provider historical file stored thereon, and wherein said identification information includes an entry from said provider historical file.
  - 67. The communication system of claim 66, wherein said provider device further comprises:
    - means for generating a provider historical file entry designation;
      
      means for sending said entry designation to said user device; and
      
      wherein said user device further comprises;
      
      means for receiving said entry designation;
      
      means for retrieving an entry from said provider historical file corresponding to said entry designation; and
      
      means for sending said provider historical file entry corresponding to said entry designation to said provider device as identification information in a subsequent transmission.
  - 68. The communication system of claim 63, wherein said identification information includes an encrypted application address (EAA) assigned to said user device, said EAA being stored in said user storage, andwherein said provider device further comprises:
    - means for decrypting said EAA using a secret provider key code as a decryption key to derive an encrypted transaction address (ETA), said ETA representing an address at which other information pertaining to said user device is stored.
  - 69. The communication system of claim 63, wherein said means for generating said message comprises:
    - means for generating a request; and
      
      means for providing an authorization code along with said request; and
      
      wherein said provider device further comprises;
      
      means for comparing said authorization code with a reference authorization code stored in said user file; and
      
      means for causing said provider device to disregard said request in response to a determination that said authorization code is inconsistent with said reference authorization code.
  - 70. The communication system of claim 63, wherein said means for generating said message comprises:
    - means for generating an instruction for said provider device to change a current authorization code; and
      
      means for providing said current authorization code and a new authorization code along with said instruction; and
      
      wherein said provider device further comprises;
      
      means for receiving said instruction;
      
      means for comparing said current authorization code with a reference authorization code stored in said user file; and
      
      means for changing said reference authorization code to said new authorization code in response to a determination that said current authorization code is consistent with said reference authorization code.
  - 71. The communication system of claim 63, wherein said user device further comprises:
    - means for generating a future user key code (FUKC), said FUKC being sent to said provider device along with said user device file name, said processed identification information, and said message; and
      
      wherein said provider device further comprises;
      
      means for receiving said FUKC;
      
      means for generating a future provider key code (FPKC); and
      
      means for sending said FPKC to said user device; and
      
      wherein said user device further comprises;
      
      means for receiving said FPKC;
      
      means for generating a new message;
      
      means for deriving a new key code using said FUKC and said FPKC;
      
      means for processing said new message using said new key code to derive a processed new message; and
      
      means for sending said processed new message to said provider device.
  - 72. The communication system of claim 71, wherein said provider device further comprises:
    - means for receiving said processed new message;
      
      means for deriving said new key code using said FUKC and said FPKC; and
      
      means for processing said processed new message using said new key code.
  - 73. The communication system of claim 63, wherein said user file has said CPKC stored therein,wherein said user device further comprises:
    - means for generating a future user key code (FUKC), said FUKC being sent to said provider device along with said user device file name, said processedidentification information, and said message; and
      
      wherein said provider device further comprises;
      
      means for receiving said FUKC;
      
      means for generating a set of confirmation information;
      
      means for deriving a third key code using said CPKC and said FUKC;
      
      means for processing said confirmation information using said third key code to derive a set of processed confirmation information; and
      
      means for sending said processed confirmation information to said user device; and
      
      wherein said user device further comprises;
      
      means for receiving said processed confirmation information;
      
      means for deriving said third key code using said CPKC and said FUKC; and
      
      means for processing said processed confirmation information using said third key code to derive a set of de-processed confirmation information.
  - 74. The communication system of claim 73, wherein said user device further comprises:
    - means for extracting a de-processed device file name from said de-processed confirmation information;
      
      means for comparing said de-processed device file name with said user device file name; and
      
      means for causing said user device to disregard said de-processed confirmation information in response to a determination that said de-processed device file name is inconsistent with said user device file name.
  - 75. The communication system of claim 73, wherein said means for generating said confirmation information comprises:
    - means for generating a provider historical file entry and a corresponding entry designation;
      
      means for encrypting said provider historical file entry using a secret provider key code as an encryption key to derive an encrypted file entry; and
      
      means for providing said encrypted file entry and said entry designation as at least a portion of said confirmation information.
  - 76. The communication system of claim 75, wherein said user storage has a provider historical file stored thereon, andwherein said user device further comprises:
    - means for storing said encrypted file entry and said entry designation into said provider historical file in said user storage.

77. A communication system, comprising:
- a user device, comprising;
  
  a user storage for storing a user device file name, a set of identification information, and a current provider public code (CPPUC);
  
  means for generating a message;
  
  means for retrieving said user device file name and said identification information from said user storage;
  
  means for processing said identification information using said CPPUC to derive a set of processed identification information; and
  
  means for sending said user device file name, said processed identification information, and said message to said provider device; and
  
  a provider device, comprising;
  
  a provider storage for storing a user file containing a set of recognition parameters corresponding to said user device, including a current provider private code (CPPRC) and a set of reference information;
  
  means for receiving said user device file name, said processed identification information, and said message;
  
  means for accessing said user file using said user device file name as an index;
  
  means for retrieving said CPPRC from said user file;
  
  means for processing said processed identification information using said CPPRC to derive a set of de-processed identification information;
  
  means for comparing said de-processed identification information with said set of reference information stored in said user file; and
  
  means for terminating communication with said user device in response to a determination that said de-processed identification information is inconsistent with said reference information.
- View Dependent Claims (78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92)
- - 78. The communication system of claim 77, wherein said provider device further comprises:
    - means for generating a new user device file name; and
      
      means for sending said new user device file name to said user device; and
      
      wherein said user device further comprises;
      
      means for receiving said new user device file name;
      
      means for generating a new message; and
      
      means for sending at least said new device file name and said new message to said provider device.
  - 79. The communication system of claim 78, wherein said provider device further comprises:
    - means for assigning said new user device file name to said user file;
      
      means for receiving said new device file name and said new message; and
      
      means for accessing said user file, using said new device file name as an index, to retrieve said recognition parameters corresponding to said user device.
  - 80. The communication system of claim 77, wherein said user storage has a provider historical file stored thereon, and wherein said identification information includes an entry from said provider historical file.
  - 81. The communication system of claim 80, wherein said provider device further comprises:
    - means for generating a provider historical file entry designation; and
      
      means for sending said entry designation to said user device; and
      
      wherein said user device further comprises;
      
      means for receiving said entry designation;
      
      means for retrieving an entry from said provider historical file corresponding to said entry designation; and
      
      means for sending said provider historical file entry corresponding to said entry designation to said provider device as identification information in a subsequent transmission.
  - 82. The communication system of claim 77, wherein said identification information includes an encrypted application address (EAA) assigned to said user device, said EAA being stored in said user storage, andwherein said provider device further comprises:
    - means for decrypting said EAA using a secret provider key code as a decryption key to derive an encrypted transaction address (ETA), said ETA representing an address at which other information pertaining to said user device is stored.
  - 83. The communication system of claim 77, wherein said means for generating said message comprises:
    - means for generating a request; and
      
      means for providing an authorization code along with said request; and
      
      wherein said provider device further comprises;
      
      means for comparing said authorization code with a reference authorization code stored in said user file; and
      
      means for causing said provider device to disregard said request in response to a determination that said authorization code is inconsistent with said reference authorization code.
  - 84. The communication system of claim 77, wherein said means for generating said message comprises:
    - means for generating an instruction for said provider device to change a current authorization code; and
      
      means for providing said current authorization code and a new authorization code along with said instruction; and
      
      wherein said provider device further comprises;
      
      means for receiving said instruction;
      
      means for comparing said current authorization code with a reference authorization code stored in said user file; and
      
      means for changing said reference authorization code to said new authorization code in response to a determination that said current authorization code is consistent with said reference authorization code.
  - 85. The communication system of claim 77, wherein said provider device further comprises:
    - means for generating a future provider key code comprising a future provider public code (FPPUC) and a future provider private code (FPPRC);
      
      means for sending said FPPUC to said user device; and
      
      wherein said user device further comprises;
      
      means for receiving said FPPUC;
      
      means for generating a new message;
      
      means for processing said new message using said FPPUC to derive a processed new message; and
      
      means for sending said processed new message to said provider device.
  - 86. The communication system of claim 85, wherein said provider device further comprises:
    - means for receiving said processed new message; and
      
      means for processing said processed new message using said FPPRC.
  - 87. The communication system of claim 77, wherein said user file has a current user public code (CUPUC) stored therein,wherein said user device further comprises:
    - means for generating a future user key code comprising a future user public code (FUPUC) and a future user private code (FUPRC), said FUPUC being sent to said provider device along with said user device file name, said processed identification information, and said message; and
      
      wherein said provider device further comprises;
      
      means for receiving said FUPUC;
      
      means for generating a set of confirmation information;
      
      means for retrieving said CUPUC from said user file;
      
      means for processing said confirmation information using said CUPUC to derive a set of processed confirmation information; and
      
      means for sending said processed confirmation information to said user device; and
      
      wherein said user device further comprises;
      
      means for receiving said processed confirmation information;
      
      means for retrieving a current user private code (CUPRC) stored in said user device; and
      
      means for processing said processed confirmation information using said CUPRC to derive a set of de-processed confirmation information.
  - 88. The communication system of claim 87, wherein said user device further comprises:
    - means for extracting a de-processed device file name from said de-processed confirmation information;
      
      means for comparing said de-processed device file name with said user device file name; and
      
      means for causing said user device to disregard said de-processed confirmation information in response to a determination that said de-processed device file name is inconsistent with said user device file name.
  - 89. The communication system of claim 87, wherein said means for generating said confirmation information comprises:
    - means for generating a provider historical file entry and a corresponding entry designation;
      
      means for encrypting said provider historical file entry using a secret provider key code as an encryption key to derive an encrypted file entry; and
      
      means for providing said encrypted file entry and said entry designation as at least a portion of said confirmation information.
  - 90. The communication system of claim 89, wherein said user storage has a provider historical file stored thereon, andwherein said user device further comprises:
    - means for storing said encrypted file entry and said entry designation into said provider historical file.
  - 91. The communication system of claim 87, wherein said user device further comprises:
    - means for generating a second message; and
      
      means for sending said second message to said provider device; and
      
      wherein said provider device further comprises;
      
      means for generating a second set of confirmation information in response to said second message;
      
      means for processing said second set of confirmation information using said FUPUC to derive a second set of processed confirmation information; and
      
      means for sending said second set of processed confirmation information to said user device.
  - 92. The communication system of claim 91, wherein said user device further comprises:
    - means for receiving said second set of confirmation information; and
      
      means for processing said second set of confirmation information using said FUPRC.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Quantum Digital Solutions Incorporated
Original Assignee
ETA Technologies Corp.
Inventors
Johnson, William C., Marx, Donald L.
Primary Examiner(s)
Barron, Jr., Gilberto

Application Number

US08/388,210
Time in Patent Office

785 Days
Field of Search

380/4, 380/23, 380/25, 364/246.6, 364/246.8, 364/246.9, 364/969, 364/969.2, 364/969.4, 364/969.3
US Class Current

705/64
CPC Class Codes

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 30/06   Buying, selling or leasing ...

Personal access management system

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

92 Claims

Specification

Solutions

Use Cases

Quick Links

Personal access management system

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

92 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links