Virtual smart card system and method
First Claim
Patent Images
1. A public key authentication system for use in a computer system having a plurality of users, the system comprising:
- an authentication server;
a directory service connected to the authentication server, wherein the directory service includes a plurality of public keys, wherein each public key is associated with a unique user identifier; and
a host system, wherein the host system includes a public key authentication client and an interface to a smart-card-enabled application, wherein the public key authentication client is connected to the authentication server;
wherein the public key authentication client receives a challenge issued by the authentication server in response to a user request by the host system, signs the challenge with a digital signature representing a user and sends the digital signature of the challenge back to the authentication server; and
wherein the authentication server receives the digital signature of the challenge and verifies the digital signature with the user'"'"'s public key retrieved from the directory service.
9 Assignments
0 Petitions
Accused Products
Abstract
A public key authentication system and method for use in a computer system having a plurality of users. The system includes a virtual smart card server, storage connected to the virtual smart card server, and a virtual smart card agent connected to the virtual smart card server. The storage includes a plurality of virtual smart cards, wherein each virtual smart card is associated with a user and wherein each smart card includes a private key. The virtual smart card agent authenticates the user and accesses the authenticated user'"'"'s virtual smart card to obtain the user'"'"'s private key.
-
Citations
9 Claims
-
1. A public key authentication system for use in a computer system having a plurality of users, the system comprising:
-
an authentication server; a directory service connected to the authentication server, wherein the directory service includes a plurality of public keys, wherein each public key is associated with a unique user identifier; and a host system, wherein the host system includes a public key authentication client and an interface to a smart-card-enabled application, wherein the public key authentication client is connected to the authentication server; wherein the public key authentication client receives a challenge issued by the authentication server in response to a user request by the host system, signs the challenge with a digital signature representing a user and sends the digital signature of the challenge back to the authentication server; and wherein the authentication server receives the digital signature of the challenge and verifies the digital signature with the user'"'"'s public key retrieved from the directory service. - View Dependent Claims (2, 3)
-
-
4. A public key authentication method, comprising:
-
providing a plurality of public keys through a directory service, wherein providing includes associating each public key with a unique user; receiving a user request from a host system; sending a challenge to the host system in response to the user request; receiving a digital signature of the challenge from the host system; and verifying the received digital signature with a public key associated with the user, wherein verifying includes retrieving the public key associated with the user from the directory service. - View Dependent Claims (5, 6)
-
-
7. A computer-readable medium including instructions that, when executed by a computer, cause the computer to perform:
-
providing a plurality of public keys through a directory service, wherein providing includes associating each public key with a unique user; receiving a user request from a host system; sending a challenge to the host system in response to the user request; receiving a digital signature of the challenge from the host system; and verifying the received digital signature with a public key associated with the user, wherein verifying includes retrieving the public key associated with the user from the directory service. - View Dependent Claims (8, 9)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeSafeNet Data Security (Israel) Ltd. (Thales SA)
-
Original AssigneeAladdin Knowledge Systems (Thales SA)
-
InventorsLevenberg, Richard, Smith, Lawrence
-
Primary Examiner(s)Revak; Christopher A
-
Application NumberUS11/425,536Publication NumberTime in Patent Office958 DaysField of SearchNoneUS Class Current713/176CPC Class CodesG06F 21/335 for accessing specific reso...G06F 21/34 involving the use of extern...G06F 2211/008 Public Key, Asymmetric Key,...G06F 2221/2103 Challenge-responseG06Q 20/351 Virtual cardsH04L 63/0442 wherein the sending and rec...H04L 63/0838 using one-time-passwordsH04L 63/126 the source of the received ...
