System, device, and method for providing secure electronic commerce transactions

US 7,404,202 B2
Filed: 01/16/2002
Issued: 07/22/2008
Est. Priority Date: 11/21/2001
Status: Expired due to Term

First Claim

Patent Images

1. A system to uniquely identify a security computing device coupled to a computer, the computer coupled to a server over a computer network, the system comprising:

the security computing device being separate from the computer and adapted for connection by a user to the computer with an input/output (I/O) connector, the security computing device including a processor and a secure memory, the security computing device storing a serial number associated with the security computing device and a user key associated with the serial number that is unique to the security computing device in the secure memory;

a server coupled to a user information database, the user information database storing a plurality of registered serial numbers and a plurality of user keys, each user key being associated with one of the plurality of registered serial numbers;

wherein, when the computer attempts to log onto the server over the computer network, the server;

requests a serial number from the security computing device, the security computing device under the control of the processor to transmit the serial number from the secure memory;

verifies whether the serial number received from the security computing device is stored as one of the plurality of registered serial numbers in the user information database;

if the serial number is stored within the user information database, the server obtains the associated user key and computes a challenge and computes an expected response based on the associated user key, the server sends the challenge to the security computing device over the computer network, wherein the security computing device under the control of the processor computes a response based upon a user key stored in the secure memory of the security computing device; and

if the server receives the response back from the security computing device in response to the challenge that matches the expected response, the server allows the computer to log onto the server and bused upon a request from the computer for an asset, the server to encrypt the asset with an asset key and to encrypt the asset key with the user key of the security computing device and to send the encrypted asset and asset key to the computer.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed is a security device coupled to a computing device, which is, in turn, coupled to a server through a computer network. The security device stores a serial number associated with the security device and a user key associated with the serial number. When the computing device attempts to log onto the server over the computer network, the server requests a serial number from the security device. If the serial number is stored within a user information database, the server obtains an associated user key and computes a challenge. Further, the server computes an expected response for the security device based on the associated user key. The server then sends the challenge to the security device over the computer network. If the server receives a response back from the security device that matches the expected response, the server will allow the computing device to log onto the server.

82 Citations

View as Search Results

14 Claims

1. A system to uniquely identify a security computing device coupled to a computer, the computer coupled to a server over a computer network, the system comprising:
- the security computing device being separate from the computer and adapted for connection by a user to the computer with an input/output (I/O) connector, the security computing device including a processor and a secure memory, the security computing device storing a serial number associated with the security computing device and a user key associated with the serial number that is unique to the security computing device in the secure memory;
  
  a server coupled to a user information database, the user information database storing a plurality of registered serial numbers and a plurality of user keys, each user key being associated with one of the plurality of registered serial numbers;
  
  wherein, when the computer attempts to log onto the server over the computer network, the server;
  
  requests a serial number from the security computing device, the security computing device under the control of the processor to transmit the serial number from the secure memory;
  
  verifies whether the serial number received from the security computing device is stored as one of the plurality of registered serial numbers in the user information database;
  
  if the serial number is stored within the user information database, the server obtains the associated user key and computes a challenge and computes an expected response based on the associated user key, the server sends the challenge to the security computing device over the computer network, wherein the security computing device under the control of the processor computes a response based upon a user key stored in the secure memory of the security computing device; and
  
  if the server receives the response back from the security computing device in response to the challenge that matches the expected response, the server allows the computer to log onto the server and bused upon a request from the computer for an asset, the server to encrypt the asset with an asset key and to encrypt the asset key with the user key of the security computing device and to send the encrypted asset and asset key to the computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the expected response computed at the server and the response computed at the security computing device, are both based on a one-way hashing function of the user key and the challenge.
  - 3. The system of claim 1, wherein the computer stores the encrypted asset.
  - 4. The system of claim 3, wherein the computer stores the encrypted asset key.
  - 5. The system of claim 4, wherein encrypting the asset key with the user key further comprises encrypting a rental flag identifying whether the associated asset is to be rented or purchased.
  - 6. The system of claim 4, wherein the security computing device decrypts the asset key that is encrypted with the user key using the user key stored by the security computing device.
  - 7. The system of claim 6, wherein the security computing device transmits the decrypted asset key to the computer such that the computer uses the decrypted asset key to decrypt the asset.

8. A method to uniquely identify a security computing device, the security computing device coupled to a computer, the computer coupled to a server over a computer network, the method comprising:
- storing a serial number associated with the security computing device and a user key associated with the serial number that is unique to the security computing device in a secure memory of the security computing device;
  
  storing a plurality of registered serial numbers and a plurality of user keys at the server, each user key being associated with one of the plurality of registered serial numbers;
  
  requesting a serial number from the security computing device when the computer attempts to log onto the server over the computer network, the security computing device being separate from the computer and being adapted for connection by a user to the computer with an input/output (I/O) connector, the security computing device operating under the control of a processor to transmit the serial number from the secure memory;
  
  verifying whether the serial number received from the security computing device is stored as one of the plurality of registered serial numbers at the server;
  
  if the serial number is stored at the server,obtaining the associated user key from the server;
  
  computing a challenge;
  
  computing an expected response based on the associated user key;
  
  sending the challenge to the security computing device over the computer network, wherein the security computing device under the control of the processor computes a response based upon a user key stored in the secure memory of the security computing device; and
  
  if the server receives a response back from the security computing device in response to the challenge that matches the expected response, allowing the computer to log onto the server and based upon a request from the computer for an asset, the server to encrypt the asset with an asset key and to encrypt the asset key with the user key of the security computing device and to send the encrypted asset and asset key to the computer.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein the expected response is computed at the server and the response is computed at the security computing device, both the response and the expected response being based on a one-way hashing function of the user key and the challenge.
  - 10. The method of claim 8, further comprising computer storing the encrypted asset.
  - 11. The method of claim 10, further comprising the computer storing the encrypted asset key.
  - 12. The method of claim 11, wherein encrypting the asset key with the user key further comprises encrypting a rental flag identifying whether the associated asset is to be rented or purchased.
  - 13. The method of claim 11, wherein the security computing device decrypts the asset key that is encrypted with the user key using the user key stared by the security device.
  - 14. The method of claim 13, wherein the security computing device transmits the decrypted asset key to the computer such that the computer uses the decrypted asset key to decrypt the asset.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Yamaha Guitar Group, Inc. (Yamaha Corporation)
Original Assignee
Line 6, Inc. (Yamaha Corporation)
Inventors
Brinkman, John, Randall, Charles Corris, Longawa, John, Hamilton, Dave, Rampley, Rob, Ryle, Marcus
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
Lipman; Jacob

Application Number

US10/050,648
Publication Number

US 20030097571A1
Time in Patent Office

2,379 Days
Field of Search

726 5- 7, 726/9, 713/168
US Class Current

726/5
CPC Class Codes

G06Q 20/00   Payment architectures, sche...

G06Q 20/12   specially adapted for elect...

G06Q 20/388   using mutual authentication...

G06Q 20/4014   Identity check for transact...

System, device, and method for providing secure electronic commerce transactions

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

82 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

System, device, and method for providing secure electronic commerce transactions

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

82 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links