Secure user authentication to computing resource via smart card
Abstract
A simplified user authentication to a computer resource utilizing a smart card. When a new user is issued a smart card, he or she is also issued a user name (ID) and password to be used during a first use to activate the smart card. The user then connects the smart card and enters the user ID and password. The user is authenticated using the user ID and password and identifying information from the smart card. The network administration server then requests a public key from the workstation. The workstation instructs the smart card to generate a public and private key. The public key is transmitted to the server. A digital certificate is created and the smart card is activated. Once the smart card is activated, a simplified login procedure can be used wherein connecting the smart card to a workstation initiates a login process not requiring use of a PIN or other user input.
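The activation and login flow from the abstract, modelled from the administration server's side as an added example (not code from the patent): first use checks card ID, user ID and password against the issuance record before a certificate is issued, and later logins depend only on the certificate and the revocation list. The class and method names, the sample values, the random bytes used as the card's public key, and the HMAC tag standing in for the certificate authority's signature are assumptions made so the example runs with the Python standard library alone.

```python
import hashlib, hmac, json, secrets

FIELDS = ("serial", "card_id", "user_id", "public_key")

class AdminServer:
    """Administration server and certificate authority modelled as one object."""

    def __init__(self):
        self._ca_key = secrets.token_bytes(32)  # assumption: stands in for the CA signing key
        self._issued = {}  # card_id -> (user_id, salt, password hash) set at issuance
        self._certs = {}   # card_id -> certificate; an entry means the card is activated
        self.crl = set()   # serials of revoked certificates

    @staticmethod
    def _kdf(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def _tag(self, cert):
        body = json.dumps([cert[f] for f in FIELDS]).encode()
        return hmac.new(self._ca_key, body, hashlib.sha256).hexdigest()

    def issue_card(self, card_id, user_id, password):
        salt = secrets.token_bytes(16)
        self._issued[card_id] = (user_id, salt, self._kdf(password, salt))

    def activate(self, card_id, user_id, password, public_key_hex):
        record = self._issued.get(card_id)
        if record is None or card_id in self._certs:
            raise PermissionError("unknown or already activated card")
        issued_to, salt, pw_hash = record
        pw_ok = hmac.compare_digest(pw_hash, self._kdf(password, salt))
        if issued_to != user_id or not pw_ok:
            raise PermissionError("user does not match the issuance record")
        cert = dict(zip(FIELDS, (secrets.token_hex(8), card_id, user_id, public_key_hex)))
        cert["sig"] = self._tag(cert)
        self._certs[card_id] = cert
        return cert  # written to the card; receiving it activates the card

    def login(self, cert):
        try:
            genuine = hmac.compare_digest(cert["sig"], self._tag(cert))
        except (KeyError, TypeError):
            return False  # malformed certificate
        return genuine and cert["serial"] not in self.crl

def demo():
    srv = AdminServer()
    srv.issue_card("CARD-0001", "alice", "first-use-pw")  # constructed sample values
    cert = srv.activate("CARD-0001", "alice", "first-use-pw", secrets.token_hex(32))
    before = srv.login(cert)
    srv.crl.add(cert["serial"])  # card reported lost
    return before, srv.login(cert)
```

Because the later login asks for no PIN or other input, adding the certificate serial to the revocation list is the only step in this model that stops a lost card from logging in.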
19 Claims
1. A method of activating a smart card, comprising:
receiving identifying information for a non-activated smart card that is being used for the first time by a user;
receiving manual authentication information for the user to whom the non-activated smart card has been issued;
authenticating the user and the non-activated smart card using the identifying information and the manual authentication information;
obtaining a public key from the non-activated smart card; and
issuing a digital certificate that is generated using the public key, wherein the non-activated smart card is activated upon receiving the digital certificate.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
receiving a login request that is initiated when the activated smart card is connected to a workstation;
authenticating the activated smart card using the digital certificate; and
if authenticated, permitting a login to a computer resource.
7. The method according to claim 6, wherein the activated smart card is removed from the workstation after it is authenticated.
8. The method according to claim 6, wherein authenticating the activated smart card further comprises determining that the digital certificate has not been revoked.
9. A method of activating a smart card, comprising:
sending, to an administration server, identifying information read from a non-activated smart card that has not been previously used by a user to whom the non-activated smart card has been issued;
sending, to the administration server, manual authentication information input by the user;
generating a public key using the non-activated smart card;
sending the public key to the administration server; and
receiving a digital certificate that is generated using the public key, wherein the non-activated smart card is activated upon receipt of the digital certificate.
Dependent claims: 10, 11, 12, 13, 14, 15, 16
connecting the activated smart card to a workstation;
sending a login request to a server that authenticates the digital certificate against a certificate revocation list; and
if authenticated, permitting a login to a computer resource.
15. The method according to claim 14, wherein the activated smart card is removed from the workstation after the digital certificate is sent.
16. The method according to claim 14, wherein the server determines that the digital certificate has not been revoked.
17. A method of activating a smart card then using an activated smart card, comprising:
on first use of a non-activated smart card by a user to whom the non-activated smart card has been issued;
receiving identifying information for the non-activated smart card;
receiving manual identification information for the user;
authenticating the user and the non-activated smart card using the manual authentication information and the identifying information;
obtaining a public key from the non-activated smart card; and
sending a digital certificate generated using the public key from a certificate authority to the non-activated smart card, wherein the non-activated smart card is activated upon receiving the digital certificate; and
on a subsequent use of the smart card;
receiving a login request that is initiated when the activated smart card is connected to a workstation;
authenticating the digital certificate against a certificate revocation list to determine that the digital certificate has not been revoked; and
if authenticated, permitting a login to a computer resource.
Dependent claims: 18, 19
Specification