Mechanism for facilitating secure storage and retrieval of information on a smart card by an internet service provider using various network computer client devices

US 6,141,752 A
Filed: 05/05/1998
Issued: 10/31/2000
Est. Priority Date: 05/05/1998
Status: Expired due to Term

First Claim

Patent Images

1. A method for a network computer client device (NC) to facilitate secure storage of account information on a smart card by an internet service provider (ISP), the method comprising the steps of:

(a) receiving ISP account information that includes an ISP digital signature portion from the ISP;

(b) performing a cryptographic verification of the ISP account information using an ISP public key contained in a root ISP certificate within the NC; and

(c) writing the ISP account information onto the smart card if the cryptographic verification in step (b) is successful.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network computer client device (NC) maintains a root internet service provider (ISP) certificate which includes the ISP'"'"'s public key and which is digitally signed by a root authority using the root authority'"'"'s private key. The NC also maintains a root public key. When an ISP desires to write onto the smart card inserted into an NC, it sends ISP account information to be written including a digital signature portion created with the ISP'"'"'s private key to the NC. The NC performs a cryptographic verification of the ISP account information using the ISP'"'"'s public key found in the root ISP certificate. If this verification is successful, the NC writes the ISP account information to the smart card. If this verification fails, the ISP account information is not written to the smart card. When an ISP attempts to read ISP account information from a smart card inserted into an NC, the NC first authenticates the ISP The NC then reads the ISP account information including the digital signature portion from the smart card. The NC performs a cryptographic verification of the ISP account information using the ISP'"'"'s public key found in the root ISP certificate. If this verification is successful, the NC transmits the ISP account information to the ISP. If this verification fails, the ISP account information is not transmitted.

Citations

42 Claims

1. A method for a network computer client device (NC) to facilitate secure storage of account information on a smart card by an internet service provider (ISP), the method comprising the steps of:
- (a) receiving ISP account information that includes an ISP digital signature portion from the ISP;
  
  (b) performing a cryptographic verification of the ISP account information using an ISP public key contained in a root ISP certificate within the NC; and
  
  (c) writing the ISP account information onto the smart card if the cryptographic verification in step (b) is successful.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A method as in claim 1, wherein step (b) includes the step of retrieving the root ISP certificate from non-volatile memory within the NC.
  - 3. A method as in claim 1, further comprising the step of, before step (a), receiving the root ISP certificate from a relationship server.
  - 4. A method as in claim 1, wherein step (b) includes the step of:
    - (d) performing a cryptographic verification of the root ISP certificate using a root public key within the NC.
  - 5. A method as in claim 1, further comprising the step of prior to step (a),(e) authenticating the ISP.
  - 6. A method as in claim 1, further comprising the steps of:
    - prior to step (a), receiving a write command digitally signed by the ISP; and
      
      before step (c), performing a cryptographic verification of the write command using the ISP public key contained in the root ISP certificate within the NC.
  - 7. A method as in claim 5, wherein step (e) is performed using the Secure Sockets Layer protocol.
  - 8. A method as in claim 4, wherein step (d) includes the step of reading the root public key from a read only memory within the NC.

9. A method for a network computer client device (NC) to facilitate secure retrieval of account information from a smart card by an internet service provider (ISP), the method comprising the steps of:
- (a) authenticating the ISP;
  
  (b) reading account information that includes an ISP digital signature portion from the smart card;
  
  (c) cryptographically verifying the ISP account information using an ISP public key contained in a root ISP certificate within the NC; and
  
  (d) transmitting the ISP account information to the ISP if the cryptographic verification in step (c) is successful.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. A method as in claim 9, wherein step (c) includes the step of retrieving the root ISP certificate from non-volatile memory within the NC.
  - 11. A method as in claim 9, further comprising the step of, before step (a), receiving the root ISP certificate from a relationship server.
  - 12. A method as in claim 9, wherein step (c) includes the step of(e) cryptographically verifying the root ISP certificate using a root public key within the NC.
  - 13. A method as in claim 9, wherein step (a) is performed using Secure Sockets Layer protocols.
  - 14. A method as in claim 12, wherein step (e) includes the step of reading the root public key from a read only memory within the NC.

15. A computer readable storage medium comprising:
- computer readable program code embodied on said computer readable storage medium, said computer readable program code for programming a computer to perform a method for said computer (NC) to facilitate secure storage of account information on a smart card by an internet service provider (ISP), the method comprising the steps of;
  
  (a) receiving ISP account information that includes an ISP digital signature portion from the ISP;
  
  (b) performing a cryptographic verification of the ISP account information using an ISP public key contained in a root ISP certificate within the NC; and
  
  (c) writing the ISP account information onto the smart card if the cryptographic verification in step (b) is successful.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22)
- - 16. A computer readable storage medium comprising computer readable program code as in claim 15, wherein step (b) includes the step of retrieving the root ISP certificate from non-volatile memory within the NC.
  - 17. A computer readable storage medium comprising computer readable program code as in claim 15, further comprising the step of, before step (a), receiving the root ISP certificate from a relationship server.
  - 18. A computer readable storage medium comprising computer readable program code as in claim 15, wherein step (b) includes the step of:
    - (d) performing a cryptographic verification of the root ISP certificate using a root public key within the NC.
  - 19. A computer readable storage medium comprising computer readable program code as in claim 15, further comprising the step of, prior to step (a),(e) authenticating the ISP.
  - 20. A computer readable storage medium comprising computer readable program code as in claim 15, further comprising the steps of:
    - prior to step (a), receiving a write command digitally signed by the ISP; and
      
      before step (c), performing a cryptographic verification of the write command using the ISP public key contained in the root ISP certificate within the NC.
  - 21. A computer readable storage medium comprising computer readable program code as in claim 19, wherein step (e) is performed using the Secure Sockets Layer protocol.
  - 22. A computer readable storage medium comprising computer readable program code as in claim 18, wherein step (d) includes the step of reading the root public key from a read only memory within the NC.

23. A computer readable storage medium comprising:
- computer readable program code embodied on said computer readable storage medium, said computer readable program code for programming a computer to perform a method for said computer (NC) to facilitate secure retrieval of account information from a smart card by an internet service provider (ISP), the method comprising the steps of;
  
  (a) authenticating the ISP;
  
  (b) reading account information that includes an ISP digital signature portion from the smart card;
  
  (c) cryptographically verifying the ISP account information using an ISP public key contained in a root ISP certificate within the NC; and
  
  (d) transmitting the ISP account information to the ISP if the cryptographic verification in step (c) is successful.
- View Dependent Claims (24, 25, 26, 27, 28)
- - 24. A computer readable storage medium comprising computer readable program code as in claim 23, wherein step (c) includes the step of retrieving the root ISP certificate from non-volatile memory within the NC.
  - 25. A computer readable storage medium comprising computer readable program code as in claim 23, further comprising the step of, before step (a), receiving the root ISP certificate from a relationship server.
  - 26. A computer readable storage medium comprising computer readable program code as in claim 23, wherein step (c) includes the step of:
    - (e) cryptographically verifying the root ISP certificate using a root public key within the NC.
  - 27. A computer readable storage medium comprising computer readable program code as in claim 23, wherein step (a) is performed using Secure Sockets Layer protocols.
  - 28. A computer readable storage medium comprising computer readable program code as in claim 26, wherein step (e) includes the step of reading the root public key from a read only memory within the NC.

29. An apparatus for facilitating secure storage of account information on a smart card by an internet service provider (ISP) through a network computer client device (NC), the apparatus comprising:
- (a) means for receiving ISP account information that includes an ISP digital signature portion from the ISP;
  
  (b) means for performing a cryptographic verification of the ISP account information using an ISP public key contained in a root ISP certificate within the NC; and
  
  (c) means for writing the ISP account information onto the smart card responsive to means (b).
- View Dependent Claims (30, 31, 32, 33, 34, 35, 36)
- - 30. An apparatus as in claim 29, wherein means (b) includes means for retrieving the root ISP certificate from non-volatile memory within the NC.
  - 31. An apparatus as in claim 29, further comprising:
    - means for receiving the root ISP certificate from a relationship server.
  - 32. An apparatus as in claim 29, wherein means (b) includes:
    - (d) means for performing a cryptographic verification of the root ISP certificate using a root public key within the NC.
  - 33. An apparatus as in claim 29, further comprising:
    - (e) means for authenticating the ISP.
  - 34. An apparatus as in claim 29, further comprising:
    - means for receiving a write command digitally signed by the ISP; and
      
      means for performing a cryptographic verification of the write command using the ISP public key contained in the root ISP certificate within the NC.
  - 35. An apparatus as in claim 33, wherein means (e) includes means for performing the Secure Sockets Layer protocol.
  - 36. An apparatus as in claim 33, wherein means (d) includes means for reading the root public key from a read only memory within the NC.

37. An apparatus to facilitate secure retrieval of account information from a smart card by an internet service provider (ISP) by a network computer client device (NC), the method comprising the steps of;
- (a) means for authenticating the ISP;
  
  (b) means for reading account information that includes an ISP digital signature portion from the smart card;
  
  (c) means for cryptographically verifying the ISP account information using an ISP public key contained in a root ISP certificate within the NC; and
  
  (d) means for transmitting the ISP account information to the ISP responsive to means (c).
- View Dependent Claims (38, 39, 40, 41, 42)
- - 38. An apparatus as in claim 37, wherein means (c) includes means for retrieving the root ISP certificate from non-volatile memory within the NC.
  - 39. An apparatus as in claim 37, further comprising:
    - means for receiving the root ISP certificate from a relationship server.
  - 40. An apparatus as in claim 37, wherein means (c) includes:
    - (e) means for cryptographically verifying the root ISP certificate using a root public key within the NC.
  - 41. An apparatus as in claim 37, wherein means (a) includes means for performing the Secure Sockets Layer protocols.
  - 42. An apparatus as in claim 40, wherein means (e) includes the step of reading the root public key from a read only memory within the NC.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Comcast Cable Communications Management LLC (Comcast Corporation)
Original Assignee
Liberate Technologies
Inventors
Zmuda, James E., Dancs, Frank B.
Primary Examiner(s)
Peeso, Thomas R.

Application Number

US09/073,269
Time in Patent Office

910 Days
Field of Search

380/255, 380/264, 380/277, 380/281, 380/282, 713/161, 713/175, 713/176, 713/201, 713/172
US Class Current

713/172
CPC Class Codes

G06F 21/34   involving the use of extern...

G06Q 20/3552   Downloading or loading of p...

G07F 7/1008   Active credit-cards provide...

H04L 63/0823   using certificates cryptogr...

H04L 63/0853   using an additional device,...

H04L 63/126   the source of the received ...

Mechanism for facilitating secure storage and retrieval of information on a smart card by an internet service provider using various network computer client devices

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

Mechanism for facilitating secure storage and retrieval of information on a smart card by an internet service provider using various network computer client devices

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links