Smart card security information configuration and recovery system

US 6,981,152 B2
Filed: 07/30/2001
Issued: 12/27/2005
Est. Priority Date: 07/28/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A process for storing and recovering security information stored on a first transportable memory device that is used to uniquely access a client computer and secure logins into networks and Web sites, comprising the steps of:

providing a secure server;

creating a password and challenge question;

wherein said password is used to access said server if said first transportable memory device is lost and said challenge question is used to confirm the user'"'"'s identity when challenged while accessing said server without a transportable memory device;

retrieving an ID number of said first transportable memory device and other user and system specific information;

storing said first transportable memory device ID and said other user and system specific information on said server;

providing access key creation means on said server for creating a first access key;

storing said first access key on said server;

providing configuration means for configuring said client to boot only if said first transportable memory device is readable by said client or said first access key is entered;

wherein said access key creation means creates a second access key upon request by the user;

replacing said first access key with said second access key on said server; and

wherein said configuration means configures said client to boot if said second access key is entered, thereby replacing said first access key.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A smart card security information configuration and recovery system provides a secure Web site and server that allows smart card users to easily create and obtain smart cards and passwords. The client program accesses the smart card inserted into the client computer and retrieves the smart card'"'"'s ID and other user and system information and sends them to the server which creates an access key. The access key and the smart card ID are stored in the client computer'"'"'s CMOS or non-volatile memory for boot-up access. The client computer will boot only if the proper smart card is installed or the proper access key is entered when the smart card is unavailable. If the user loses his smart card, then he must gain access to his computer through the access key which the server issues after the user logs in. When the user wants to get a new smart card issued, he logs onto the server which is sent the new smart card'"'"'s ID that replaces the previous smart card'"'"'s ID and the server generates a new access key and stores it. The new access key and the smart card'"'"'s ID are stored in the client computer'"'"'s CMOS or non-volatile memory for boot access.

47 Citations

View as Search Results

42 Claims

1. A process for storing and recovering security information stored on a first transportable memory device that is used to uniquely access a client computer and secure logins into networks and Web sites, comprising the steps of:
- providing a secure server;
  
  creating a password and challenge question;
  
  wherein said password is used to access said server if said first transportable memory device is lost and said challenge question is used to confirm the user'"'"'s identity when challenged while accessing said server without a transportable memory device;
  
  retrieving an ID number of said first transportable memory device and other user and system specific information;
  
  storing said first transportable memory device ID and said other user and system specific information on said server;
  
  providing access key creation means on said server for creating a first access key;
  
  storing said first access key on said server;
  
  providing configuration means for configuring said client to boot only if said first transportable memory device is readable by said client or said first access key is entered;
  
  wherein said access key creation means creates a second access key upon request by the user;
  
  replacing said first access key with said second access key on said server; and
  
  wherein said configuration means configures said client to boot if said second access key is entered, thereby replacing said first access key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The process of claim 1, wherein an emergency diskette is created and said client can boot using said diskette instead of said first transportable memory device.
  - 3. The process of claim 1, wherein the user accesses said server through another computer;
    - wherein said server requires the user to log in; and
      
      wherein said server displays a current access key to the user if said log in is correct.
  - 4. The process of claim 1, wherein the user enters a current access key into said client;
    - and wherein said client boots in response to said current access key.
  - 5. The process of claim 1, further comprising the steps of:
    - wherein the user requests that said server issue a second transportable memory device to replace said first transportable memory device;
      
      retrieving the ID number from said second transportable memory device;
      
      replacing said first transportable memory device ID with said second transportable memory device ID on said server; and
      
      wherein said configuration means configures said client to boot if said second transportable memory device is readable, thereby replacing said first transportable memory device.
  - 6. The process of claim 5, wherein said server requires the user to enter the proper user and/or other system specific information to validate said request.
  - 7. The process of claim 5, further comprising the step of:
    - wherein said access key creation means creates a third access key;
      
      replacing said first access key with said third access key on said server; and
      
      wherein said configuration means configures said client to boot if said third access key is entered, thereby replacing said first access key.
  - 8. The process of claim 5, further comprising the step of:
    - providing morphing means for recreating a personal computing environment stored on said first transportable memory device onto said second transportable memory device.
  - 9. The process of claim 8, wherein said morphing means transfers encryption and other rights of said first transportable memory device to said second transportable memory device.
  - 10. The process of claim 1, further comprising the step of:
    - providing automatic login means resident on said client for logging onto networks and/or Web sites, without the user'"'"'s intervention, using the user'"'"'s information stored on said first transportable memory device.

11. A process for storing and recovering security information stored on a first transportable memory device that is used to uniquely access a client computer, comprising the steps of:
- providing a secure server;
  
  retrieving the ID number of said first transportable memory device and other user and system specific information;
  
  storing said first smart card ID and said other user and system specific information on said server;
  
  providing access key creation means on said server for creating a first access key;
  
  storing said first access key on said server;
  
  providing configuration means for configuring said client to boot only if said first transportable memory device is readable by said client or said first access key is entered;
  
  wherein said access key creation means creates a second access key upon request by the user;
  
  replacing said first access key with said second access key on said server; and
  
  wherein said configuration means configures said client to boot if said second access key is entered, thereby replacing said first access key.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 12. The process of claim 11, further comprising the step of:
    - creating a password and challenge question; and
      
      wherein said password is used to access said server if said first transportable memory device is lost and said challenge question is used to confirm the user'"'"'s identity when challenged while accessing said server without a transportable memory device.
  - 13. The process of claim 11, wherein an emergency diskette is created and said client can boot using said diskette instead of said first transportable memory device.
  - 14. The process of claim 12, wherein the user accesses said server through another computer;
    - wherein said server requires the user to log in; and
      
      wherein said server displays a current access key to the user if said log in is correct.
  - 15. The process of claim 11, wherein the user enters a current access key into said client;
    - and wherein said client boots in response to said current access key.
  - 16. The process of claim 11, further comprising the steps of:
    - wherein the user requests that said server issue a second transportable memory device to replace said first transportable memory device;
      
      retrieving the ID number from said second transportable memory device;
      
      replacing said first transportable memory device ID with said second transportable memory device ID on said server; and
      
      wherein said configuration means configures said client to boot if said second transportable memory device is readable, thereby replacing said first transportable memory device.
  - 17. The process of claim 16, wherein said server requires the user to enter the proper user and/or other system specific information to validate said request.
  - 18. The process of claim 16, further comprising the step of:
    - wherein said access key creation means creates a third access key;
      
      replacing said first access key with said third access key on said server; and
      
      wherein said configuration means configures said client to boot if said third access key is entered, thereby replacing said first access key.
  - 19. The process of claim 16, further comprising the step of:
    - providing morphing means for recreating a personal computing environment stored on said first transportable memory device onto said second transportable memory device.
  - 20. The process of claim 19, wherein said morphing means transfers encryption and other rights of said first transportable memory device to said second transportable memory device.
  - 21. The process of claim 11, further comprising the step of:
    - providing automatic login means on said client for logging onto networks and/or Web sites, without the user'"'"'s intervention, using the user'"'"'s information stored on said first transportable memory device.

22. A program storage medium readable by a computer, tangibly embodying a program of instructions executable by the computer to perform method steps for storing and recovering security information stored on a first transportable memory device that is used to uniquely access a client computer, comprising the steps of:
- providing a secure server;
  
  creating a password and challenge question;
  
  wherein said password is used to access said server if said first transportable memory device is lost and said challenge question is used to confirm the user'"'"'s identity when challenged while accessing said server without a transportable memory device;
  
  retrieving the ID number of said first transportable memory device and other user and system specific information;
  
  storing said first transportable memory device ID and said other user and system specific information on said server;
  
  providing access key creation means on said server for creating a first access key;
  
  storing said first access key on said server;
  
  providing configuration means for configuring said client to boot only if said first transportable memory device is readable by said client or said first access key is entered;
  
  wherein said access key creation means creates a second access key upon request by the user;
  
  replacing said first access key with said second access key on said server; and
  
  wherein said configuration means configures said client to boot if said second access key is entered, thereby replacing said first access key.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 23. The method of claim 22, wherein an emergency diskette is created and said client can boot using said diskette instead of said first transportable memory device.
  - 24. The method of claim 22, wherein the user accesses said server through another computer;
    - wherein said server requires the user to log in; and
      
      wherein said server displays a current access key to the user if said log in is correct.
  - 25. The method of claim 22, wherein the user enters a access key into said client;
    - and wherein said client boots in response to said current access key.
  - 26. The method of claim 22, further comprising the steps of:
    - wherein the user requests that said server issue a second transportable memory device to replace said first transportable memory device;
      
      retrieving the ID number from said second transportable memory device;
      
      replacing said first transportable memory device ID with said second transportable memory device ID on said server; and
      
      wherein said configuration means configures said client to boot if said second transportable memory device is readable, thereby replacing said first transportable memory device.
  - 27. The method of claim 26, wherein said server requires the user to enter the proper user and/or other system specific information to validate said request.
  - 28. The method of claim 26, further comprising the step of:
    - wherein said access key creation means creates a third access key;
      
      replacing said first access key with said third access key on said server; and
      
      wherein said configuration means configures said client to boot if said third access key is entered, thereby replacing said first access key.
  - 29. The method of claim 26, further comprising the step of:
    - providing morphing means for recreating a personal computing environment stored on said first transportable memory device onto said second transportable memory device.
  - 30. The method of claim 29, wherein said morphing means transfers encryption and other rights of said first transportable memory device to said second transportable memory device.
  - 31. The method of claim 22, further comprising the step of:
    - providing automatic login means resident on said client for logging onto networks and/or Web sites, without the user'"'"'s intervention, using the user'"'"'s information stored on said first transportable memory device.

32. A program storage medium readable by a computer, tangibly embodying a program of instructions executable by the computer to perform method steps for storing and recovering security information stored on a first transportable memory device that is used to uniquely access a client computer, comprising the steps of:
- providing a secure server;
  
  retrieving the ID number of said first transportable memory device and other user and system specific information;
  
  storing said first transportable memory device ID and said other user and system specific information on said server;
  
  providing access key creation means on said server for creating a first access key;
  
  storing said first access key on said server;
  
  providing configuration means for configuring said client to boot only if said first transportable memory device is readable by said client or said first access key is entered;
  
  wherein said access key creation means creates a second access key upon request by the user;
  
  replacing said first access key with said second access key on said server; and
  
  wherein said configuration means configures said client to boot if said second access key is entered, thereby replacing said first access key.
- View Dependent Claims (33, 34, 35, 36, 37, 38, 39, 40, 41, 42)
- - 33. The method of claim 32, further comprising the step of:
    - creating a password and challenge question; and
      
      wherein said password is used to access said server if said first transportable memory device is lost and said challenge question is used to confirm the user'"'"'s identity when challenged while accessing said server without a transportable memory device.
  - 34. The method of claim 32, wherein an emergency diskette is created and said client can boot using said diskette instead of said first transportable memory device.
  - 35. The method of claim 33, wherein the user accesses said server through another computer;
    - wherein said server requires the user to log in; and
      
      wherein said server displays a current access key to the user if said log in is correct.
  - 36. The method of claim 32, wherein the user enters a current access key into said client;
    - and wherein said client boots in response to said current access key.
  - 37. The method of claim 32, further comprising the steps of:
    - wherein the user requests that said server issue a second transportable memory device to replace said first transportable memory device;
      
      retrieving the ID number from said second transportable memory device;
      
      replacing said first transportable memory device ID with said second transportable memory device ID on said server; and
      
      wherein said configuration means configures said client to boot if said second transportable memory device is readable, thereby replacing said first transportable memory device.
  - 38. The method of claim 37, wherein said server requires the user to enter the proper user and/or other system specific information to validate said request.
  - 39. The method of claim 37, further comprising the step of:
    - wherein said access key creation means creates a third access key;
      
      replacing said first access key with said third access key on said server; and
      
      wherein said configuration means configures said client to boot if said third access key is entered, thereby replacing said first access key.
  - 40. The method of claim 37, further comprising the step of:
    - providing morphing means for recreating a personal computing environment stored on said first transportable memory device onto said second transportable memory device.
  - 41. The method of claim 40, wherein said morphing means transfers encryption and other rights of said first transportable memory device to said second transportable memory device.
  - 42. The method of claim 32, further comprising the step of:
    - providing automatic login means resident on said client for logging onto networks and/or Web sites, without the user'"'"'s intervention, using the user'"'"'s information stored on said first transportable memory device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
O2 Micro International Limited (O2 Micro Incorporated)
Original Assignee
360 Degree Web Incorporated
Inventors
Li, Miao, Kuo, Chih Jen, Du, Sterling D.
Primary Examiner(s)
Smithers, Matthew
Assistant Examiner(s)
NGUYEN, MINH DIEU T

Application Number

US09/919,076
Publication Number

US 20020029348A1
Time in Patent Office

1,611 Days
Field of Search

713/182, 713/185, 713 1- 2, 713/100, 713/168, 713/172, 713/193
US Class Current

713/193
CPC Class Codes

G06F 21/31 User authentication

G06F 21/34 involving the use of extern...

Smart card security information configuration and recovery system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

47 Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

Smart card security information configuration and recovery system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

47 Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links