Personal access management system
First Claim
1. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device and a set of identification information, a method for exchanging information with the receiving device, comprising the steps of:
- generating a message;
retrieving said device file name and said set of identification information;
deriving a first key code from said parameters;
encrypting said identification information and said message using said first key code as an encryption key to derive a set of encrypted identification information and an encryptedsending said device file name, said encrypted identification information, and said encrypted message to the receiving device, wherein said device file name is sent to the receiving device in unencrypted form.
2 Assignments
0 Petitions
Accused Products
Abstract
A multi-component system for linking a user to a product or service provider includes a user processing device, a storage device, and a provider device. The storage device stores provider-specific application software, user-specific data, and a file management program. The storage device and the processing device are coupled to each other to form a user device which communicates with the provider device. Under direction of the file management program, the processing device carries out a recognition methodology which determines whether the processing device and the storage device are authorized to operate with each other. This aspect of the system makes it possible to render the storage device operable only with a specific user processing device, referred to as the principal processing device. This, in turn, reduces the possibility of fraud since the storage device cannot be used without the principal processing device. Once it is determined that the processing and storage devices am authorized to interact with each other, the processing device executes the provider-specific application software to exchange information with the provider device. Together, the user and provider devices implement unique recognition and comprehension methodologies to ensure that the parties are authorized to communicate with each other and to ensure that the information exchanged cannot be understood by third parties. Overall, the system provides a highly secure mechanism for transferring information from one party to another.
91 Citations
103 Claims
-
1. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device and a set of identification information, a method for exchanging information with the receiving device, comprising the steps of:
-
generating a message; retrieving said device file name and said set of identification information; deriving a first key code from said parameters; encrypting said identification information and said message using said first key code as an encryption key to derive a set of encrypted identification information and an encrypted sending said device file name, said encrypted identification information, and said encrypted message to the receiving device, wherein said device file name is sent to the receiving device in unencrypted form.
-
-
2. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device and a set of identification information, a method for exchanging information with the receiving device, comprising the steps of:
-
generating a message, said message including a request and an accompanying authorization code required by the receiving device in order to process said request; retrieving said device file name and said set of identification information; deriving a first key code from said parameters; processing said identification information using said first key code to derive a set of processed identification information; and sending said device file name, said processed identification information, and said message to the receiving device.
-
-
3. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device and a set of identification information, a method for exchanging information with the receiving device, comprising the steps of:
-
generating a message, said message including an instruction for the receiving device to change a current authorization code, said instruction being accompanied by said current authorization code and a new authorization code; retrieving said device file name and said set of identification information; deriving a first key code from said parameters; processing said identification information using said first key code to derive a set of processed identification information; and sending said device file name, said processed identification information, and said message receiving a device.
-
-
4. In sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending, device to a receiving device and a set of identification information, a method for exchanging information with the receiving device, comprising the steps of:
-
generating a message; retrieving said device file name and said set of identification information;
deriving a first key code from said parameters;processing said identification information using said first key code to derive a set of processed identification information; sending said device file name, said processed identification information, and said message to the receiving device; receiving a set of processed confirmation information from the receiving device; deriving a second key code different from said first key code; and processing said processed confirmation information using said second key code to derive a set of de-processed confirmation information. - View Dependent Claims (5, 6, 7, 8)
-
-
9. In sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device and a set of identification information, a method for exchanging information with the receiving device, comprising the steps of:
-
generating a message; retrieving said device file name and said set of identification information; deriving a first key code from said parameters; processing said identification information using said first key code to derive a set of processed identification information; generating a new parameter; and sending said device file name, said processed identification information, said message, and said new parameter to the device. - View Dependent Claims (10)
-
-
11. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device, a set of identification information, a current user key code (CUKC), and a current provider key code (CPKC), a method for exchanging information with the receiving device, comprising the steps of:
-
generating a message; generating a future user key code (FUKC); deriving a current session key code (CSKC) using said CUKC and said CPKC; encrypting said identification information, said message, and said FUKC using said CSKC as an encryption key to derive a set of encrypted identification information, an encrypted message, and an encrypted FUKC; and sending said device file name, said encrypted identification information, said encrypted message, and said encrypted FUKC to the receiving device. - View Dependent Claims (12)
-
-
13. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device, a set of identification information, a current user key code (CUKC), and a current provider key code (CPKC), a method for exchanging information with the receiving device, comprising the steps of:
-
generating a message, said message including a request and an accompanying authorization code required by the receiving device in order to process said request; generating a future user key code (FUKC); deriving a current session key code (CSKC) using said CUKC and said CPKC; processing said identification information using said CSKC to derive a set of processed identification information; and sending said device file name, said processed identification information, said message, and said FUKC to the receiving device.
-
-
14. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device, a set of identification information, a current user key code (CUKC), and a current provider key code (CPKC), a method for exchanging information with the receiving device, comprising the steps of:
-
generating a message, said message including an instruction for the receiving device to change a current authorization code, said instruction being accompanied by said current authorization code and a new authorization code; generating a future user key code (FUKC); deriving a current session key code (CSKC) using said CUKC and said CPKC; processing said identification information using said CSKC to derive a set of processed identification information; and sending said device file name, said processed identification information, said message, and said FUKC to the receiving device.
-
-
15. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device, a set of identification information, a current user key code (CUKC), and a current provider key code (CPKC), a method for exchanging information with the receiving device, comprising the steps of:
-
generating a message; generating a future user key code (FUKC); deriving a current session key code (CSKC) using said CUKC and said CPKC; processing said identification information using said CSKC to derive a set of processed identification information; sending said device file name, said processed identification information, said message, and said FUKC to the receiving device; receiving a set of processed confirmation information from the receiving device; deriving a second key code using said FUKC and said CPKC; and processing said processed confirmation information using said second key code to derive a set of de-processed confirmation information. - View Dependent Claims (16, 17, 18, 19)
-
-
20. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device, a set of identification information, a current provider public code (CPPUC), and a current user private code (CUPRC), a method for exchanging information with the receiving device, comprising the steps of:
-
generating a message; generating a future user key code including a future user public code (FUPUC) and a future user private code (FUPRC); processing said identification information using said CPPUC to derive a set of processed identification information; and sending said device file name, said processed identification information, said message, and said FUPUC to the receiving device. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
-
-
33. A storage device for operating with a processing device having a communications interface, said storage device comprising:
-
a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to a receiving device and a set of identification information; means for causing the processing device to generate a message; means for causing the processing device to derive a first key code from said parameters; means for causing the processing device to process said identification information using said first key code to derive a set of processed identification information; and means for causing the processing device to send said device file name, said processed identification information, and said message to the receiving device via the communications interface; wherein said means for causing the processing device to generate said message comprises; means for causing the processing device to generate a request; and means for causing the processing device to provide an authorization code as part of said request, said authorization code being required by the receiving device to process said request.
-
-
34. A storage device for operating with a processing device having a communications interface, said storage device comprising:
-
a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to a receiving device and a set of identification information; means for causing the processing device to generate a message; means for causing the processing device to derive a first key code from said parameters; means for causing the processing device to process said identification information using said first key code to derive a set of processed identification information; and means for causing the processing device to send said device file name, said processed identification information, and said message to the receiving device via the communications interface; wherein said means for causing the processing device to generate said message comprises; means for causing the processing device to generate an instruction for the receiving device to change a current authorization code; and means for causing the processing device to provide said current authorization code and a new authorization code as part of said instruction.
-
-
35. A storage device for operating with a processing device having a communications interface, said storage device comprising:
-
a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to a receiving device and a set of identification information; means for causing the processing device to generate a message; means for causing the processing device to derive a first key code from said parameters; means for causing the processing device to process said identification information using said first key code to derive a set of processed identification information; means for causing the processing device to send said device file name, said processed identification information, and said message to the receiving device via the communications interface; means for causing the processing device to receive a set of processed confirmation information from the receiving device via the communications interface; means for causing the processing device to derive a second key code different from said first key code; and means for causing the processing device to process said processed confirmation information using said second key code to derive a set of de-processed confirmation information. - View Dependent Claims (36, 37, 38, 39, 40, 41)
-
-
42. A storage device for operating with a processing device having a communications interface, said storage device comprising:
-
a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to a receiving device, a set of identification information, a current user key code (CUKC), and a current provider key code (CPKC); means for causing the processing device to generate a message; means for causing the processing device to generate a future user key code (FUKC); means for causing the processing device to derive a current session key code (CSKC) using said CUKC and said CPKC; means for causing the processing device to process said identification information using said CSKC to derive a set of processed identification information; and means for causing the processing device to send said device file name, said processed identification information, said message, and said FUKC to the receiving device via the communications interface. - View Dependent Claims (43, 44, 45, 46, 47, 48, 49, 50, 51, 52)
-
-
53. A storage device for operating with a processing device having a communications interface, said storage device comprising:
-
a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to a receiving device, a set of identification information, a current provider public code (CPPUC), and a current user private code (CUPRC); means for causing the processing device to generate a message; means for causing the processing device to generate a future user key code including a future user public code (FUPUC) and a future user private code (FUPRC); means for causing the processing device to process said identification information using said CPPUC to derive a set of processed identification information; and means for causing the processing device to send said device file name, said processed identification information, said message, and said FUPUC to the receiving device via the communications interface. - View Dependent Claims (54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64)
-
-
65. A communication device, comprising:
-
a communications interface for forming a communications link with a receiving device; a processor coupled to said communications interface; and a storage device coupled to said processor, said storage device comprising; a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving device and a set of identification information; means for causing said processor to generate a message; means for causing said processor to derive a first key code; means for causing said processor to process said identification information using said first key code to derive a set of processed identification information; and means for causing said processor to send said device file name, said processed identification information, and said message to the receiving device via said communications interface; wherein said means for causing said processor to generate said message comprises; means for causing said processor to generate a request; and means for causing said processor to provide an authorization code as part of said request, said authorization code being required by the receiving device to process said request.
-
-
66. A communication device, comprising:
-
a communications interface for forming a communications link with a receiving device; a processor coupled to said communications interface; and a storage device coupled to said processor, said storage device comprising; a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving device and a set of identification information; means for causing said processor to generate a message; means for causing said processor to derive a first key code; means for causing said processor to process said identification information using said first key code to derive a set of processed identification information; means for causing said processor to send said device file name, said processed identification information, and said message to the receiving device via said communications interface; means for causing said processor to generate an instruction for the receiving device to change a current authorization code; and means for causing said processor to provide said current authorization code and a new authorization code as part of said instruction.
-
-
67. A communication device, comprising:
-
a communications interface for forming a communications link with a receiving device; a processor coupled to said communications interface; and a storage device coupled to said processor, said storage device comprising; a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving device and a set of identification information; means for causing said processor to generate a message; means for causing said processor to derive a first key code; means for causing said processor to process said identification information using said first key code to derive a set of processed identification information; means for causing said processor to send said device file name, said processed identification information, and said message to the receiving device via said communications interface; means for causing said processor to receive a set of processed confirmation information from the receiving device via said communications interface; means for causing said processor to derive a second key code different from said first key code; and means for causing said processor to process said processed confirmation information using said second key code to derive a set of de-processed confirmation information. - View Dependent Claims (68, 69, 70, 71)
-
-
72. A communication device, comprising:
-
a communications interface for forming a communications link with a receiving device; a processor coupled to said communications interface; and a storage device coupled to said processor, said storage device comprising; a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving, device and a set of identification information; means for causing said processor to generate a message; means for causing said processor to derive a first key code; means for causing said processor to process said identification information using said first key code to derive a set of processed identification information; means for causing said processor to generate a new parameter; and means for causing said processor to send aid device file name, said processed identification information, said message, and said new parameter to the receiving device via said communications interface. - View Dependent Claims (73)
-
-
74. A communication device, comprising:
-
a communications interface for forming a communications link with a receiving device; a processor coupled to said communications interface; and a storage device coupled to said processor, said storage device comprising; a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving device, a set of identification information, a current user key code (CUKC), and a current provider key code (CPKC); means for causing said processor to generate a message; means for causing said processor to generate a future user key code (FUKC); means for causing said processor to derive a current session key code (CSKC) using said CUKC and said CPKC; means for causing said processor to process said identification information using said CSKC to derive a set of processed identification information; and means for causing said processor to send said device file name, said processed identification information, said message, and said FUKC to the receiving device via said communications interface. - View Dependent Claims (75, 76, 77, 78, 79, 80, 81, 82, 83, 84)
-
-
85. A communication device, comprising:
-
a communications interface for forming a communications link with a receiving device; a processor coupled to said communications interface; and a storage device coupled to said processor, said storage device comprising; a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving device, a set of identification information, a current provider public code (CPPUC), and a current user private code (CUPRC), said storage device means for causing said processor to generate a message; means for causing said processor to generate a future user key code including a future user public code (FUPUC) and a future user private code (FUPRC); means for causing said processor to process said identification information using said CPPUC to derive a set of processed identification information; and means for causing said processor to send said device file name, said processed identification information, said message, and said FUPUC to the receiving device via said communications interface. - View Dependent Claims (86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96)
-
-
97. A communication device, comprising:
-
a communications interface for forming a communications link with a receiving device and a sending device; a processor coupled to said communications interface; and a storage device coupled to said processor, said storage device comprising; a first storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving device and a set of identification information; a second storage unit for storing an emulation device file having a set of emulation parameters stored therein including a set of emulation reference information; means for causing said processor to generate a message; means for causing said processor to derive a key code; means for causing said processor to process said identification information using said key code to derive a set of processed identification information; and means for causing said processor to send said device file name, said processed identification information, and said message to the receiving device via said communications interface; said storage device further comprising an emulation module, comprising; means for causing said processor to receive, via said communications interface, an emulation device file name, a set of processed emulation identification information, and an emulation message from the sending device; means for causing said processor to access said emulation device file using said emulation device file name as a reference; means for causing said processor to derive an emulation key code using said emulation parameters; means for causing said processor to process said processed emulation identification information using said emulation key code to derive a set of de-processed emulation identification information; means for causing said processor to compare said de-processed emulation identification information with said emulation reference information; and means for causing said processor to terminate communication with the sending device in response to a determination that said de-processed emulation identification information is inconsistent with said emulation reference information. - View Dependent Claims (98)
-
-
99. A communication device, comprising:
-
a communications interface for forming a communications link with a receiving device and a sending device; a processor coupled to said communications interface; and a storage device coupled to said processor, said storage device comprising; a first storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving device, a set of identification information, a current user key code (CUKC), and a current provider key code (CPKC); a second storage unit for storing an emulation device file having a set of emulation parameters stored therein including a set of emulation reference information; means for causing said processor to generate a message; means for causing said processor to generate a future user key code (FUKC); means for causing said processor to derive a current session key code (CSKC) using said CUKC and said CPKC; means or causing said processor to process said identification information using said CSKC to derive a set of processed identification information; and means for causing said processor to send said device file name, said processed identification information, said message, and said FUKC to the receiving device via said communications interface; said storage device further comprising an emulation module, comprising; means for causing said processor to receive, via said communications interface, an emulation device file name, a set of processed emulation identification information, and an emulation message from the sending device; means for causing said processor to access said emulation device file using said emulation device file name as a reference; means for causing said processor to derive an emulation key code using said emulation parameters; means for causing said processor to process said processed emulation identification information using said emulation key code to derive a set of de-processed emulation identification information; means for causing said processor to compare said de-processed emulation identification information with said emulation reference information; and means for causing said processor to terminate communication with the sending device in response to a determination that said de-processed emulation identification information is inconsistent with said emulation reference information. - View Dependent Claims (100)
-
-
101. A communication device, comprising:
-
a communications interface for forming a communications link with a receiving device and a sending device; a processor coupled to said communications interface; and a storage device coupled to said processor, said storage device comprising; a first storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving device, a set of identification information, a current provider public code (CPPUC), and a current user private code (CUPRC); a second storage unit for storing an emulation device file having a set of emulation parameters stored therein including a set of emulation reference information; means for causing said processor to generate a message; means for causing said processor to generate a future user key code including a future user public code (FUPUC) and a future user private code (FUPRC); means for causing said processor to process said identification information using said CPPUC to derive a set of processed identification information; and means for causing said processor to send said device file name, said processed identification information, said message, and said FUPUC to the receiving device via said communications interface; said storage device further comprising an emulation module, comprising; means for causing said processor to receive, via said communications interface, an emulation device file name, a set of processed emulation identification information, and an emulation message from the sending device; means for causing said processor to access said emulation device file using said emulation device file name as a reference; means for causing said processor to derive an emulation key code using said emulation parameters; means for causing said processor to process said processed emulation identification information using said emulation key code to derive a set of de-processed emulation identification information; means for causing said processor to compare said de-processed emulation identification information with said emulation reference information; and means for causing said processor to terminate communication with the sending device in response to a determination that said de-processed emulation identification information is inconsistent with said emulation reference information. - View Dependent Claims (102)
-
-
103. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device and a set of identification information,said identification information including an encrypted application address (EAA) assigned to the sending device, a method for exchanging information with the receiving device, comprising the steps of:
-
generating a message; retrieving said device file name and said set of identification information; deriving a first key code from said parameters; processing said identification information using said first key code to derive a set of processed identification information; and sending said device file name, said processed identification information, and said message to the receiving device.
-
Specification