Personal access management system

US 5,689,564 A
Filed: 02/13/1995
Issued: 11/18/1997
Est. Priority Date: 02/13/1995
Status: Expired due to Fees

First Claim

Patent Images

1. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device and a set of identification information, a method for exchanging information with the receiving device, comprising the steps of:

generating a message;

retrieving said device file name and said set of identification information;

deriving a first key code from said parameters;

encrypting said identification information and said message using said first key code as an encryption key to derive a set of encrypted identification information and an encryptedsending said device file name, said encrypted identification information, and said encrypted message to the receiving device, wherein said device file name is sent to the receiving device in unencrypted form.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A multi-component system for linking a user to a product or service provider includes a user processing device, a storage device, and a provider device. The storage device stores provider-specific application software, user-specific data, and a file management program. The storage device and the processing device are coupled to each other to form a user device which communicates with the provider device. Under direction of the file management program, the processing device carries out a recognition methodology which determines whether the processing device and the storage device are authorized to operate with each other. This aspect of the system makes it possible to render the storage device operable only with a specific user processing device, referred to as the principal processing device. This, in turn, reduces the possibility of fraud since the storage device cannot be used without the principal processing device. Once it is determined that the processing and storage devices am authorized to interact with each other, the processing device executes the provider-specific application software to exchange information with the provider device. Together, the user and provider devices implement unique recognition and comprehension methodologies to ensure that the parties are authorized to communicate with each other and to ensure that the information exchanged cannot be understood by third parties. Overall, the system provides a highly secure mechanism for transferring information from one party to another.

91 Citations

View as Search Results

103 Claims

1. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device and a set of identification information, a method for exchanging information with the receiving device, comprising the steps of:
- generating a message;
  
  retrieving said device file name and said set of identification information;
  
  deriving a first key code from said parameters;
  
  encrypting said identification information and said message using said first key code as an encryption key to derive a set of encrypted identification information and an encryptedsending said device file name, said encrypted identification information, and said encrypted message to the receiving device, wherein said device file name is sent to the receiving device in unencrypted form.

2. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device and a set of identification information, a method for exchanging information with the receiving device, comprising the steps of:
- generating a message, said message including a request and an accompanying authorization code required by the receiving device in order to process said request;
  
  retrieving said device file name and said set of identification information;
  
  deriving a first key code from said parameters;
  
  processing said identification information using said first key code to derive a set of processed identification information; and
  
  sending said device file name, said processed identification information, and said message to the receiving device.

3. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device and a set of identification information, a method for exchanging information with the receiving device, comprising the steps of:
- generating a message, said message including an instruction for the receiving device to change a current authorization code, said instruction being accompanied by said current authorization code and a new authorization code;
  
  retrieving said device file name and said set of identification information;
  
  deriving a first key code from said parameters;
  
  processing said identification information using said first key code to derive a set of processed identification information; and
  
  sending said device file name, said processed identification information, and said message receiving a device.

4. In sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending, device to a receiving device and a set of identification information, a method for exchanging information with the receiving device, comprising the steps of:
- generating a message;
  
  retrieving said device file name and said set of identification information;
  
  deriving a first key code from said parameters;
  
  processing said identification information using said first key code to derive a set of processed identification information;
  
  sending said device file name, said processed identification information, and said message to the receiving device;
  
  receiving a set of processed confirmation information from the receiving device;
  
  deriving a second key code different from said first key code; and
  
  processing said processed confirmation information using said second key code to derive a set of de-processed confirmation information.
- View Dependent Claims (5, 6, 7, 8)
- - 5. The method of claim 4, further comprising the steps of:
    - extracting a de-processed device file name from said de-processed information;
      
      comparing said de-processed device file name with said device file name; and
      
      disregarding said de-processed confirmation information in response to a determination that said de-processed device file name is inconsistent with said device file name.
  - 6. The method of claim 4, wherein said de-processed confirmation information includes a provider historical file entry and an accompanying entry designation, and wherein said method further comprises the step of:
    - storing said provider historical file entry and said entry designation into a provider historical file maintained in the sending device.
  - 7. The method of claim 4, wherein said de-processed information includes a new device file name, and wherein said method further comprises the steps of:
    - generating a second message; and
      
      sending at least said new device file name and said second message to the receiving device.
  - 8. The method of claim 4, wherein said de-processed confirmation information includes a set of new parameters, and wherein said method further comprises the steps of:
    - generating a new message;
      
      deriving a new key code from said new parameters;
      
      processing said new message using said new key code to derive a processed new message; and
      
      sending at least said processed new message to the receiving device.

9. In sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device and a set of identification information, a method for exchanging information with the receiving device, comprising the steps of:
- generating a message;
  
  retrieving said device file name and said set of identification information;
  
  deriving a first key code from said parameters;
  
  processing said identification information using said first key code to derive a set of processed identification information;
  
  generating a new parameter; and
  
  sending said device file name, said processed identification information, said message, and said new parameter to the device.
- View Dependent Claims (10)
- - 10. The method of claim 9, further comprising the steps of:
    - generating a new message;
      
      deriving a new key code using said new parameter;
      
      processing said new message using said new key code to derive a processed new message; and
      
      sending at least said processed new message to the receiving device.

11. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device, a set of identification information, a current user key code (CUKC), and a current provider key code (CPKC), a method for exchanging information with the receiving device, comprising the steps of:
- generating a message;
  
  generating a future user key code (FUKC);
  
  deriving a current session key code (CSKC) using said CUKC and said CPKC;
  
  encrypting said identification information, said message, and said FUKC using said CSKC as an encryption key to derive a set of encrypted identification information, an encrypted message, and an encrypted FUKC; and
  
  sending said device file name, said encrypted identification information, said encrypted message, and said encrypted FUKC to the receiving device.
- View Dependent Claims (12)
- - 12. The method of claim 11, wherein said device file name is sent to the receiving device in unencrypted form.

13. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device, a set of identification information, a current user key code (CUKC), and a current provider key code (CPKC), a method for exchanging information with the receiving device, comprising the steps of:
- generating a message, said message including a request and an accompanying authorization code required by the receiving device in order to process said request;
  
  generating a future user key code (FUKC);
  
  deriving a current session key code (CSKC) using said CUKC and said CPKC;
  
  processing said identification information using said CSKC to derive a set of processed identification information; and
  
  sending said device file name, said processed identification information, said message, and said FUKC to the receiving device.

14. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device, a set of identification information, a current user key code (CUKC), and a current provider key code (CPKC), a method for exchanging information with the receiving device, comprising the steps of:
- generating a message, said message including an instruction for the receiving device to change a current authorization code, said instruction being accompanied by said current authorization code and a new authorization code;
  
  generating a future user key code (FUKC);
  
  deriving a current session key code (CSKC) using said CUKC and said CPKC;
  
  processing said identification information using said CSKC to derive a set of processed identification information; and
  
  sending said device file name, said processed identification information, said message, and said FUKC to the receiving device.

15. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device, a set of identification information, a current user key code (CUKC), and a current provider key code (CPKC), a method for exchanging information with the receiving device, comprising the steps of:
- generating a message;
  
  generating a future user key code (FUKC);
  
  deriving a current session key code (CSKC) using said CUKC and said CPKC;
  
  processing said identification information using said CSKC to derive a set of processed identification information;
  
  sending said device file name, said processed identification information, said message, and said FUKC to the receiving device;
  
  receiving a set of processed confirmation information from the receiving device;
  
  deriving a second key code using said FUKC and said CPKC; and
  
  processing said processed confirmation information using said second key code to derive a set of de-processed confirmation information.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The method of claim 15, further comprising the steps of:
    - extracting a de-processed device file name from said de-processed information;
      
      comparing said de-processed device file name with said device file name; and
      
      disregarding said de-processed confirmation information in response to a determination that said de-processed device file name is inconsistent with said device file name.
  - 17. The method of claim 15, wherein said de-processed confirmation information includes a provider historical file entry and an accompanying entry designation, and wherein said method further comprises the step of:
    - storing said provider historical file entry and said entry designation into a provider historical file maintained in the sending device.
  - 18. The method of claim 15, wherein said de-processed information includes a new device file name, and wherein said method further comprises the steps of:
    - generating a second message; and
      
      sending at least said new device file name and said second message to the receiving device.
  - 19. The method of claim 15, wherein said de-processed confirmation information includes a future provider key code (FPKC), and wherein said method further comprises the steps of:
    - generating a new message;
      
      deriving a new key code using said FUKC and said FPKC;
      
      processing said new message using said new key code to derive a processed new message; and
      
      sending at least said processed new message to the receiving device.

20. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device, a set of identification information, a current provider public code (CPPUC), and a current user private code (CUPRC), a method for exchanging information with the receiving device, comprising the steps of:
- generating a message;
  
  generating a future user key code including a future user public code (FUPUC) and a future user private code (FUPRC);
  
  processing said identification information using said CPPUC to derive a set of processed identification information; and
  
  sending said device file name, said processed identification information, said message, and said FUPUC to the receiving device.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
- - 21. The method of claim 20, wherein said message and said FUPUC are processed using said CPPUC before being sent to the receiving device.
  - 22. The method of claim 21, wherein said identification information, said message, and said FUPUC are encrypted using said CPPUC as an encryption key.
  - 23. The method of claim 22, wherein said device file name is sent to the receiving device in unencrypted form.
  - 24. The method of claim 20, wherein said message includes a request and an accompanying authorization code required by the receiving device in order to process said request.
  - 25. The method of claim 20, wherein said message includes an instruction for the receiving device to change a current authorization code, said instruction being accompanied by said current authorization code and a new authorization code.
  - 26. The method of claim 20, wherein said identification information includes an entry from a provider historical file maintained in the sending device.
  - 27. The method of claim 20, further comprising the steps of:
    - receiving a set of processed confirmation information from the receiving device, andprocessing said processed confirmation information using said CUPRC to derive a set of de-processed confirmation information.
  - 28. The method of claim 27, further comprising the steps of:
    - extracting a de-processed device file name from said de-processed information;
      
      comparing said de-processed device file name with said device file name; and
      
      disregarding said de-processed confirmation information in response to a determination that said de-processed device file name is inconsistent with said device file name.
  - 29. The method of claim 27, wherein said de-processed confirmation information includes a provider historical file entry and an accompanying entry designation, and wherein said method further comprises the step of:
    - storing said provider historical file entry and said entry designation into a provider historical file maintained in the sending device.
  - 30. The method of claim 27, wherein said de-processed information includes a new device file name, and wherein said method further comprises the steps of:
    - generating a second message; and
      
      sending at least said new device file name and said second message to the receiving device.
  - 31. The method of claim 27, wherein said de-processed confirmation information includes a future provider public code (FPPUC), and wherein said method further comprises the steps of:
    - generating a new message;
      
      processing said new message using said FPPUC to derive a processed new message; and
      
      sending at least said processed new message to the receiving device.
  - 32. The method of claim 31, further comprising the steps of:
    - receiving a second set of processed confirmation information from the receiving device; and
      
      processing said second set of processed confirmation information using said FUPRC to derive a second set of de-processed confirmation information.

33. A storage device for operating with a processing device having a communications interface, said storage device comprising:
- a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to a receiving device and a set of identification information;
  
  means for causing the processing device to generate a message;
  
  means for causing the processing device to derive a first key code from said parameters;
  
  means for causing the processing device to process said identification information using said first key code to derive a set of processed identification information; and
  
  means for causing the processing device to send said device file name, said processed identification information, and said message to the receiving device via the communications interface;
  
  wherein said means for causing the processing device to generate said message comprises;
  
  means for causing the processing device to generate a request; and
  
  means for causing the processing device to provide an authorization code as part of said request, said authorization code being required by the receiving device to process said request.

34. A storage device for operating with a processing device having a communications interface, said storage device comprising:
- a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to a receiving device and a set of identification information;
  
  means for causing the processing device to generate a message;
  
  means for causing the processing device to derive a first key code from said parameters;
  
  means for causing the processing device to process said identification information using said first key code to derive a set of processed identification information; and
  
  means for causing the processing device to send said device file name, said processed identification information, and said message to the receiving device via the communications interface;
  
  wherein said means for causing the processing device to generate said message comprises;
  
  means for causing the processing device to generate an instruction for the receiving device to change a current authorization code; and
  
  means for causing the processing device to provide said current authorization code and a new authorization code as part of said instruction.

35. A storage device for operating with a processing device having a communications interface, said storage device comprising:
- a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to a receiving device and a set of identification information;
  
  means for causing the processing device to generate a message;
  
  means for causing the processing device to derive a first key code from said parameters;
  
  means for causing the processing device to process said identification information using said first key code to derive a set of processed identification information;
  
  means for causing the processing device to send said device file name, said processed identification information, and said message to the receiving device via the communications interface;
  
  means for causing the processing device to receive a set of processed confirmation information from the receiving device via the communications interface;
  
  means for causing the processing device to derive a second key code different from said first key code; and
  
  means for causing the processing device to process said processed confirmation information using said second key code to derive a set of de-processed confirmation information.
- View Dependent Claims (36, 37, 38, 39, 40, 41)
- - 36. The storage device of claim 35, further comprising:
    - means for causing the processing device to extract a de-processed device file name from said de-processed information;
      
      means for causing the processing device to compare said de-processed device file name with said device file name; and
      
      means for causing the processing device to disregard said de-processed confirmation information in response to a determination that said de-processed device file name is inconsistent with said device file name.
  - 37. The storage device of claim 35, wherein said de-processed confirmation information includes a provider historical file entry and an accompanying entry designation, wherein said storage device further has a provider historical file maintained thereon, and wherein said storage device further comprises:
    - means for causing the processing device to store said provider historical file entry and said entry designation into said provider historical file.
  - 38. The storage device of claim 35, wherein said de-processed information includes a new device file name, and wherein said storage device further comprises:
    - means for causing the processing device to generate a second message; and
      
      means for causing the processing device to send at least said new device file name and said second message to the receiving device via the communications interface.
  - 39. The storage device of claim 35, wherein said de-processed confirmation information includes a set of new parameters, and wherein said storage device further comprises:
    - means for causing the processing device to generate a new message;
      
      means for causing the processing device to derive a new key code from said new parameters;
      
      means for causing the processing device to process said new message using said new key code to derive a processed new message; and
      
      means for causing the processing device to send at least said processed new message to the receiving device via the communications interface.
  - 40. The storage device of claim 35, further comprising:
    - means for causing the processing device to generate a new parameter; and
      
      means for causing the processing device to send said new parameter to the receiving device via the communications interface, along with said device file name, said processed identification information, and said message.
  - 41. The storage device of claim 40, further comprising:
    - means for causing the processing device to generate a new message;
      
      means for causing the processing device to derive a new key code using said new parameter;
      
      means for causing the processing device to process said new message using said new key code to derive a processed new message; and
      
      means for causing the processing device to send at least said processed new message to the receiving device via the communications interface.

42. A storage device for operating with a processing device having a communications interface, said storage device comprising:
- a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to a receiving device, a set of identification information, a current user key code (CUKC), and a current provider key code (CPKC);
  
  means for causing the processing device to generate a message;
  
  means for causing the processing device to generate a future user key code (FUKC);
  
  means for causing the processing device to derive a current session key code (CSKC) using said CUKC and said CPKC;
  
  means for causing the processing device to process said identification information using said CSKC to derive a set of processed identification information; and
  
  means for causing the processing device to send said device file name, said processed identification information, said message, and said FUKC to the receiving device via the communications interface.
- View Dependent Claims (43, 44, 45, 46, 47, 48, 49, 50, 51, 52)
- - 43. The storage device of claim 42, further comprising:
    - means for causing the processing device to process said message and said FUKC using said CSKC prior to sending said message and said FUKC to the receiving device.
  - 44. The storage device of claim 43, wherein said means for causing the processing device to process said identification information, said message, and said FUKC comprises:
    - means for causing the processing device to encrypt said identification information, said message, and said FUKC using said CSKC code as an encryption key.
  - 45. The storage device of claim 42, wherein said means for causing the processing device to generate said message comprises:
    - means for causing the processing device to generate a request; and
      
      means for causing the processing device to provide an authorization code as part of said request, said authorization code being required by the receiving device to process said request.
  - 46. The storage device of claim 42, wherein said means for causing the processing device to generate said message comprises:
    - means for causing the processing device to generate an instruction for the receiving device to change a current authorization code; and
      
      means for causing the processing device to provide said current authorization code and a new authorization code as part of said instruction.
  - 47. The storage device of claim 42, wherein said storage device further has a provider historical file maintained thereon, and wherein said identification information includes an entry from said provider historical file.
  - 48. The storage device of claim 42, further comprising:
    - means for causing the processing device to receive a set of processed confirmation information from the receiving device via the communications interface;
      
      means for causing the processing device to derive a second key code using said FUKC and said CPKC; and
      
      means for causing the processing device to process said processed confirmation information using said second key code to derive a set of de-processed confirmation information.
  - 49. The storage device of claim 48, further comprising:
    - means for causing the processing device to extract a de-processed device file name from said de-processed information;
      
      means for causing the processing device to compare said de-processed device file name with said device file name; and
      
      means for causing the processing device to disregard said de-processed confirmation information in response to a determination that said de-processed device file name is inconsistent with said device file name.
  - 50. The storage device of claim 48, wherein said de-processed confirmation information includes a provider historical file entry and an accompanying entry designation, wherein said storage device further has a provider historical file maintained thereon, and wherein said storage device further comprises:
    - means for causing the processing device to store said provider historical file entry and said entry designation into said provider historical file.
  - 51. The storage device of claim 48, wherein said de-processed information includes a new device file name, and wherein said storage device further comprises:
    - means for causing the processing device to generate a second message; and
      
      means for causing the processing device to send at least said new device file name and said second message to the receiving device via the communications interface.
  - 52. The storage device of claim 48, wherein said de-processed confirmation information includes a future provider key code (FPKC), and wherein said storage device further comprises:
    - means for causing the processing device to generate a new message;
      
      means for causing the processing device to derive a new key code using said FUKC and said FPKC;
      
      means for causing the processing device to process said new message using said new key code to derive a processed new message; and
      
      means for causing the processing device to send at least said processed new message to the receiving device via the communications interface.

53. A storage device for operating with a processing device having a communications interface, said storage device comprising:
- a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to a receiving device, a set of identification information, a current provider public code (CPPUC), and a current user private code (CUPRC);
  
  means for causing the processing device to generate a message;
  
  means for causing the processing device to generate a future user key code including a future user public code (FUPUC) and a future user private code (FUPRC);
  
  means for causing the processing device to process said identification information using said CPPUC to derive a set of processed identification information; and
  
  means for causing the processing device to send said device file name, said processed identification information, said message, and said FUPUC to the receiving device via the communications interface.
- View Dependent Claims (54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64)
- - 54. The storage device of claim 53, further comprising:
    - means for causing the processing device to process said message and said FUPUC using said CPPUC prior to sending said message and said FUPUC to the receiving device.
  - 55. The storage device of claim 54, wherein said means for causing the processing device to process said identification information, said message, and said FUPUC comprises:
    - means for causing the processing device to encrypt said identification information, said message, and said FUPUC using said CPPUC code as an encryption key.
  - 56. The storage device of claim 53, wherein said means for causing the processing device to generate said message comprises:
    - means for causing the processing device to generate a request; and
      
      means for causing the processing device to provide an authorization code as part of said request, said authorization code being required by the receiving device to process said request.
  - 57. The storage device of claim 53, wherein said means for causing the processing device to generate said message comprises:
    - means for causing the processing device to generate an instruction for the receiving device to change a current authorization code; and
      
      means for causing the processing device to provide said current authorization code and a new authorization code as part of said instruction.
  - 58. The storage device of claim 53, wherein said storage device further has a provider historical file maintained thereon, and wherein said identification information includes an entry from said provider historical file.
  - 59. The storage device of claim 53, further comprising:
    - means for causing the processing device to receive a set of processed confirmation information from the receiving device via the communications interface; and
      
      means for causing the processing device to process said processed confirmation information using said CUPRC to derive a set of de-processed confirmation information.
  - 60. The storage device of claim 59, further comprising:
    - means for causing the processing device to extract a de-processed device file name from said de-processed information;
      
      means for causing the processing device to compare said de-processed device file name with said device file name; and
      
      means for causing the processing device to disregard said de-processed confirmation information in response to a determination that said de-processed device file name is inconsistent with said device file name.
  - 61. The storage device of claim 59, wherein said de-processed confirmation information includes a provider historical file entry and an accompanying entry designation, wherein said storage device further has a provider historical file maintained thereon, and wherein said storage device further comprises:
    - means for causing the processing device to store said provider historical file entry and said entry designation into said provider historical file.
  - 62. The storage device of claim 59, wherein said de-processed information includes a new device file name, and wherein said storage device further comprises:
    - means for causing the processing device to generate a second message; and
      
      means for causing the processing device to send at least said new device file name and said second message to the receiving device via the communications interface.
  - 63. The storage device of claim 59, wherein said de-processed confirmation information includes a future provider public code (FPPUC), and wherein said storage device further comprises:
    - means for causing the processing device to generate a new message;
      
      means for causing the processing device to process said new message using said FPPUC to derive a processed new message; and
      
      means for causing the processing device to send at least said processed new message to the receiving device via the communications interface.
  - 64. The storage device of claim 63, further comprising:
    - means for causing the processing device to receive a second set of processed confirmation information from the receiving device; and
      
      means for causing the processing device to process said second set of processed confirmation information using said FUPRC to derive a second set of de-processed confirmation information.

65. A communication device, comprising:
- a communications interface for forming a communications link with a receiving device;
  
  a processor coupled to said communications interface; and
  
  a storage device coupled to said processor, said storage device comprising;
  
  a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving device and a set of identification information;
  
  means for causing said processor to generate a message;
  
  means for causing said processor to derive a first key code;
  
  means for causing said processor to process said identification information using said first key code to derive a set of processed identification information; and
  
  means for causing said processor to send said device file name, said processed identification information, and said message to the receiving device via said communications interface;
  
  wherein said means for causing said processor to generate said message comprises;
  
  means for causing said processor to generate a request; and
  
  means for causing said processor to provide an authorization code as part of said request, said authorization code being required by the receiving device to process said request.

66. A communication device, comprising:
- a communications interface for forming a communications link with a receiving device;
  
  a processor coupled to said communications interface; and
  
  a storage device coupled to said processor, said storage device comprising;
  
  a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving device and a set of identification information;
  
  means for causing said processor to generate a message;
  
  means for causing said processor to derive a first key code;
  
  means for causing said processor to process said identification information using said first key code to derive a set of processed identification information;
  
  means for causing said processor to send said device file name, said processed identification information, and said message to the receiving device via said communications interface;
  
  means for causing said processor to generate an instruction for the receiving device to change a current authorization code; and
  
  means for causing said processor to provide said current authorization code and a new authorization code as part of said instruction.

67. A communication device, comprising:
- a communications interface for forming a communications link with a receiving device;
  
  a processor coupled to said communications interface; and
  
  a storage device coupled to said processor, said storage device comprising;
  
  a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving device and a set of identification information;
  
  means for causing said processor to generate a message;
  
  means for causing said processor to derive a first key code;
  
  means for causing said processor to process said identification information using said first key code to derive a set of processed identification information;
  
  means for causing said processor to send said device file name, said processed identification information, and said message to the receiving device via said communications interface;
  
  means for causing said processor to receive a set of processed confirmation information from the receiving device via said communications interface;
  
  means for causing said processor to derive a second key code different from said first key code; and
  
  means for causing said processor to process said processed confirmation information using said second key code to derive a set of de-processed confirmation information.
- View Dependent Claims (68, 69, 70, 71)
- - 68. The communication device of claim 67, wherein said storage device further comprises:
    - means for causing said processor to extract a de-processed device file name from said de-processed information;
      
      means for causing said processor to compare said de-processed device file name with said device file name; and
      
      means for causing said processor to disregard said de-processed confirmation information in response to a determination that said de-processed device file name is inconsistent with said device file name.
  - 69. The communication device of claim 67, wherein said de-processed confirmation information includes a provider historical file entry and an accompanying entry designation, wherein said storage device further has a provider historical file maintained thereon, and wherein said storage device further comprises:
    - means for causing said processor to store said provider historical file entry and said entry designation into said provider historical file.
  - 70. The communication device of claim 67, wherein said de-processed information includes a new device file name, and wherein said storage device further comprises:
    - means for causing said processor to generate a second message; and
      
      means for causing said processor to send at least said new device file name and said second message to the receiving device via said communications interface.
  - 71. The communication device of claim 67, wherein said de-processed confirmation information includes a set of new parameters, and wherein said storage device further comprises:
    - means for causing said processor to generate a new message;
      
      means for causing said processor to derive a new key code from said new parameters;
      
      means for causing said processor to process said new message using said new key code to derive a processed new message; and
      
      means for causing said processor to send at least said processed new message to the receiving device via said communications interface.

72. A communication device, comprising:
- a communications interface for forming a communications link with a receiving device;
  
  a processor coupled to said communications interface; and
  
  a storage device coupled to said processor, said storage device comprising;
  
  a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving, device and a set of identification information;
  
  means for causing said processor to generate a message;
  
  means for causing said processor to derive a first key code;
  
  means for causing said processor to process said identification information using said first key code to derive a set of processed identification information;
  
  means for causing said processor to generate a new parameter; and
  
  means for causing said processor to send aid device file name, said processed identification information, said message, and said new parameter to the receiving device via said communications interface.
- View Dependent Claims (73)
- - 73. The communication device of claim 72, further comprising:
    - means for causing said processor to generate a new message;
      
      means for causing said processor to derive a new key code using said new parameter;
      
      means for causing said processor to process said new message using said new key code to derive a processed new message; and
      
      means for causing said processor to send at least said processed new message to the receiving device via said communications interface.

74. A communication device, comprising:
- a communications interface for forming a communications link with a receiving device;
  
  a processor coupled to said communications interface; and
  
  a storage device coupled to said processor, said storage device comprising;
  
  a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving device, a set of identification information, a current user key code (CUKC), and a current provider key code (CPKC);
  
  means for causing said processor to generate a message;
  
  means for causing said processor to generate a future user key code (FUKC);
  
  means for causing said processor to derive a current session key code (CSKC) using said CUKC and said CPKC;
  
  means for causing said processor to process said identification information using said CSKC to derive a set of processed identification information; and
  
  means for causing said processor to send said device file name, said processed identification information, said message, and said FUKC to the receiving device via said communications interface.
- View Dependent Claims (75, 76, 77, 78, 79, 80, 81, 82, 83, 84)
- - 75. The communication device of claim 74, wherein said storage device further comprises:
    - means for causing said processor to process said message and said FUKC using said CSKC prior to sending said message and said FUKC to the receiving device.
  - 76. The communication device of claim 75, wherein said means for causing said processor to process said identification information, said message, and said FUKC comprises:
    - means for causing said processor to encrypt said identification information, said message, and said FUKC using said CSKC code as an encryption key.
  - 77. The communication device of claim 74, wherein said means for causing said processor to generate said message comprises:
    - means for causing said processor to generate a request; and
      
      means for causing said processor to provide an authorization code as part of said request, said authorization code being required by the receiving device to process said request.
  - 78. The communication device of claim 74, wherein said means for causing said processor to generate said message comprises:
    - means for causing said processor to generate an instruction for the receiving device to change a current authorization code; and
      
      means for causing said processor to provide said current authorization code and a new authorization code as part of said instruction.
  - 79. The communication device of claim 74, wherein said storage device further has a provider historical file maintained thereon, and wherein said identification information includes an entry from said provider historical file.
  - 80. The communication device of claim 74, wherein said storage device further comprises:
    - means for causing said processor to receive a set of processed confirmation information from the receiving device via said communications interface;
      
      means for causing said processor to derive a second key code using said FUKC and said CPKC; and
      
      means for causing said processor to process said processed confirmation information using said second key code to derive a set of de-processed confirmation information.
  - 81. The communication device of claim 80, wherein said storage device further comprises:
    - means for causing said processor to extract a de-processed device file name from said de-processed information;
      
      means for causing said processor to compare said de-processed device file name with said device file name; and
      
      means for causing said processor to disregard said de-processed confirmation information in response to a determination that said de-processed device file name is inconsistent with said device file name.
  - 82. The communication device of claim 80, wherein said de-processed confirmation information includes a provider historical file entry and an accompanying entry designation, wherein said storage device further has a provider historical file maintained thereon, and wherein said storage device further comprises:
    - means for causing said processor to store said provider historical file entry and said entry designation into said provider historical file.
  - 83. The communication device of claim 80, wherein said de-processed information includes a new device file name, and wherein said storage device further comprises:
    - means for causing said processor to generate a second message; and
      
      means for causing said processor to send at least said new device file name and said second message to the receiving device via said communications interface.
  - 84. The communication device of claim 80, wherein said de-processed confirmation information includes a future provider key code (FPKC), and wherein said storage device further comprises:
    - means for causing said processor to generate a new message;
      
      means for causing said processor to derive a new key code using said FUKC and said FPKC;
      
      means for causing said processor to process said new message using said new key code to derive a processed new message; and
      
      means for causing said processor to send at least said processed new message to the receiving device via said communications interface.

85. A communication device, comprising:
- a communications interface for forming a communications link with a receiving device;
  
  a processor coupled to said communications interface; and
  
  a storage device coupled to said processor, said storage device comprising;
  
  a storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving device, a set of identification information, a current provider public code (CPPUC), and a current user private code (CUPRC), said storage devicemeans for causing said processor to generate a message;
  
  means for causing said processor to generate a future user key code including a future user public code (FUPUC) and a future user private code (FUPRC);
  
  means for causing said processor to process said identification information using said CPPUC to derive a set of processed identification information; and
  
  means for causing said processor to send said device file name, said processed identification information, said message, and said FUPUC to the receiving device via said communications interface.
- View Dependent Claims (86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96)
- - 86. The communication device of claim 85, wherein said storage device further comprises:
    - means for causing said processor to process said message and said FUPUC using said CPPUC prior to sending said message and said FUPUC to the receiving device.
  - 87. The communication device of claim 86, wherein said means for causing said processor to process said identification information, said message, and said FUPUC comprises:
    - means for causing said processor to encrypt said identification information, said message, and said FUPUC using said CPPUC code as an encryption key.
  - 88. The communication device of claim 85, wherein said means for causing said processor to generate said message comprises:
    - means for causing said processor to generate a request; and
      
      means for causing said processor to provide an authorization code as part of said request, said authorization code being required by the receiving device to process said request.
  - 89. The communication device of claim 85, wherein said means for causing said processor to generate said message comprises:
    - means for causing said processor to generate an instruction for the receiving device to change a current authorization code; and
      
      means for causing said processor to provide said current authorization code and a new authorization code as part of said instruction.
  - 90. The communication device of claim 85, wherein said storage device further has a provider historical file maintained thereon, and wherein said identification information includes an entry from said provider historical file.
  - 91. The communication device of claim 85, wherein said storage device further comprises:
    - means for causing said processor to receive a set of processed confirmation information from the receiving device via said communications interface; and
      
      means for causing said processor to process said processed confirmation information using said CUPRC to derive a set of de-processed confirmation information.
  - 92. The communication device of claim 91, wherein said storage device further comprises:
    - means for causing said processor to extract a de-processed device file name from said de-processed information;
      
      means for causing said processor to compare said de-processed device file name with said device file name; and
      
      means for causing said processor to disregard said de-processed confirmation information in response to a determination that said de-processed device file name is inconsistent with said device file name.
  - 93. The communication device of claim 91, wherein said de-processed confirmation information includes a provider historical file entry and an accompanying entry designation, wherein said storage device further has a provider historical file maintained thereon, and wherein said storage device further comprises:
    - means for causing said processor to store said provider historical file entry and said entry designation into said provider historical file.
  - 94. The communication device of claim 91, wherein said de-processed information includes a new device file name, and wherein said storage device further comprises:
    - means for causing said processor to generate a second message; and
      
      means for causing said processor to send at least said new device file name and said second message to the receiving device via said communications interface.
  - 95. The communication device of claim 91, wherein said de-processed confirmation information includes a future provider public code (FPPUC), and wherein said storage device further comprises:
    - means for causing said processor to generate a new message;
      
      means for causing said processor to process said new message using said FPPUC to derive a processed new message; and
      
      means for causing said processor to send at least said processed new message to the receiving device via said communications interface.
  - 96. The communication device of claim 95, wherein said storage device further comprises:
    - means for causing said processor to receive a second set of processed confirmation information from the receiving device; and
      
      means for causing said processor to process said second set of processed confirmation information using said FUPRC to derive a second set of de-processed confirmation information.

97. A communication device, comprising:
- a communications interface for forming a communications link with a receiving device and a sending device;
  
  a processor coupled to said communications interface; and
  
  a storage device coupled to said processor, said storage device comprising;
  
  a first storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving device and a set of identification information;
  
  a second storage unit for storing an emulation device file having a set of emulation parameters stored therein including a set of emulation reference information;
  
  means for causing said processor to generate a message;
  
  means for causing said processor to derive a key code;
  
  means for causing said processor to process said identification information using said key code to derive a set of processed identification information; and
  
  means for causing said processor to send said device file name, said processed identification information, and said message to the receiving device via said communications interface;
  
  said storage device further comprising an emulation module, comprising;
  
  means for causing said processor to receive, via said communications interface, an emulation device file name, a set of processed emulation identification information, and an emulation message from the sending device;
  
  means for causing said processor to access said emulation device file using said emulation device file name as a reference;
  
  means for causing said processor to derive an emulation key code using said emulation parameters;
  
  means for causing said processor to process said processed emulation identification information using said emulation key code to derive a set of de-processed emulation identification information;
  
  means for causing said processor to compare said de-processed emulation identification information with said emulation reference information; and
  
  means for causing said processor to terminate communication with the sending device in response to a determination that said de-processed emulation identification information is inconsistent with said emulation reference information.
- View Dependent Claims (98)
- - 98. The communication device of claim 97, wherein said emulation module further comprises:
    - means for causing said processor to generate a set of new emulation parameters;
      
      means for causing said processor to store said new emulation parameters into said emulation device file; and
      
      means for causing said processor to send at least a portion of said new emulation parameters to the sending device via said communications interface.

99. A communication device, comprising:
- a communications interface for forming a communications link with a receiving device and a sending device;
  
  a processor coupled to said communications interface; and
  
  a storage device coupled to said processor, said storage device comprising;
  
  a first storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving device, a set of identification information, a current user key code (CUKC), and a current provider key code (CPKC);
  
  a second storage unit for storing an emulation device file having a set of emulation parameters stored therein including a set of emulation reference information;
  
  means for causing said processor to generate a message;
  
  means for causing said processor to generate a future user key code (FUKC);
  
  means for causing said processor to derive a current session key code (CSKC) using said CUKC and said CPKC;
  
  means or causing said processor to process said identification information using said CSKC to derive a set of processed identification information; and
  
  means for causing said processor to send said device file name, said processed identification information, said message, and said FUKC to the receiving device via said communications interface;
  
  said storage device further comprising an emulation module, comprising;
  
  means for causing said processor to receive, via said communications interface, an emulation device file name, a set of processed emulation identification information, and an emulation message from the sending device;
  
  means for causing said processor to access said emulation device file using said emulation device file name as a reference;
  
  means for causing said processor to derive an emulation key code using said emulation parameters;
  
  means for causing said processor to process said processed emulation identification information using said emulation key code to derive a set of de-processed emulation identification information;
  
  means for causing said processor to compare said de-processed emulation identification information with said emulation reference information; and
  
  means for causing said processor to terminate communication with the sending device in response to a determination that said de-processed emulation identification information is inconsistent with said emulation reference information.
- View Dependent Claims (100)
- - 100. The communication device of claim 99, wherein said emulation module further comprises:
    - means for causing said processor to generate a set of new emulation parameters;
      
      means for causing said processor to store said new emulation parameters into said emulation device file; and
      
      means for causing said processor to send at least a portion of said new emulation parameters to the sending device via said communications interface.

101. A communication device, comprising:
- a communications interface for forming a communications link with a receiving device and a sending device;
  
  a processor coupled to said communications interface; and
  
  a storage device coupled to said processor, said storage device comprising;
  
  a first storage unit for storing a set of parameters including a device file name which uniquely identifies said storage device to the receiving device, a set of identification information, a current provider public code (CPPUC), and a current user private code (CUPRC);
  
  a second storage unit for storing an emulation device file having a set of emulation parameters stored therein including a set of emulation reference information;
  
  means for causing said processor to generate a message;
  
  means for causing said processor to generate a future user key code including a future user public code (FUPUC) and a future user private code (FUPRC);
  
  means for causing said processor to process said identification information using said CPPUC to derive a set of processed identification information; and
  
  means for causing said processor to send said device file name, said processed identification information, said message, and said FUPUC to the receiving device via said communications interface;
  
  said storage device further comprising an emulation module, comprising;
  
  means for causing said processor to receive, via said communications interface, an emulation device file name, a set of processed emulation identification information, and an emulation message from the sending device;
  
  means for causing said processor to access said emulation device file using said emulation device file name as a reference;
  
  means for causing said processor to derive an emulation key code using said emulation parameters;
  
  means for causing said processor to process said processed emulation identification information using said emulation key code to derive a set of de-processed emulation identification information;
  
  means for causing said processor to compare said de-processed emulation identification information with said emulation reference information; and
  
  means for causing said processor to terminate communication with the sending device in response to a determination that said de-processed emulation identification information is inconsistent with said emulation reference information.
- View Dependent Claims (102)
- - 102. The communication device of claim 101, wherein said emulation module further comprises:
    - means for causing said processor to generate a set of new emulation parameters;
      
      means for causing said processor to store said new emulation parameters into said emulation device file; and
      
      means for causing said processor to send at least a portion of said new emulation parameters to the sending device via said communications interface.

103. In a sending device having a set of parameters stored therein including a device file name which uniquely identifies the sending device to a receiving device and a set of identification information,said identification information including an encrypted application address (EAA) assigned to the sending device, a method for exchanging information with the receiving device, comprising the steps of:
- generating a message;
  
  retrieving said device file name and said set of identification information;
  
  deriving a first key code from said parameters;
  
  processing said identification information using said first key code to derive a set of processed identification information; and
  
  sending said device file name, said processed identification information, and said message to the receiving device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cyphercomm Incorporated
Original Assignee
ETA Technologies Corp.
Inventors
Marx, Donald L., Johnson, William Cedric
Primary Examiner(s)
Barron, Jr., Gilberto

Application Number

US08/388,220
Time in Patent Office

1,009 Days
Field of Search

380/4, 380/23, 380/25
US Class Current

713/165
CPC Class Codes

G06F 21/34 involving the use of extern...

Personal access management system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

91 Citations

103 Claims

Specification

Solutions

Use Cases

Quick Links

Personal access management system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

91 Citations

103 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links