Setting up a security access system

US 7,770,018 B2
Filed: 05/25/2005
Issued: 08/03/2010
Est. Priority Date: 11/18/2004
Status: Active Grant

First Claim

Patent Images

1. A machine-implemented method comprising:

installing on a hardware system one or more instructions, which when implemented cause the hardware system to implement a process including at least,in response to receiving a request for performing a task, sending a passcode from the hardware system to a hardware module for authentication, the passcode having been previously stored on the hardware system, andgenerating the passcode from an access key that was generated from user information;

sending an access key generated from user information, from the hardware module to the hardware system to enable the hardware system to perform the generating of the passcode;

the hardware module storing one or more machine instructions, which when implemented cause the hardware module to at least implement a setup process that only requires input from the user of the hardware module without requiring input from another, and to at least send from the hardware module to the hardware system the request to perform the task at the hardware system;

wherein the access key is not stored on the hardware system after the sending of the passcode.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In an embodiment, a secure module is provided that provides access keys to an unsecured system. In an embodiment, the secure module may generate passcodes and supply the passcodes to the unsecured system. In an embodiment, the access keys are sent to the unsecured system after receiving the passcode from the unsecured system. In an embodiment, after authenticating the passcode, the secure module does not store the passcode in its memory. In an embodiment, the unsecured module requires the access key to execute a set of instructions or another entity. In an embodiment, the unsecured system does not store access keys. In an embodiment, the unsecured system erases the access key once the unsecured system no longer requires the access key. In an embodiment, the unsecured system receives a new passcode to replace the stored passcode after using the stored passcode. Each of these embodiments may be used separately.

84 Citations

View as Search Results

27 Claims

1. A machine-implemented method comprising:
- installing on a hardware system one or more instructions, which when implemented cause the hardware system to implement a process including at least,in response to receiving a request for performing a task, sending a passcode from the hardware system to a hardware module for authentication, the passcode having been previously stored on the hardware system, andgenerating the passcode from an access key that was generated from user information;
  
  sending an access key generated from user information, from the hardware module to the hardware system to enable the hardware system to perform the generating of the passcode;
  
  the hardware module storing one or more machine instructions, which when implemented cause the hardware module to at least implement a setup process that only requires input from the user of the hardware module without requiring input from another, and to at least send from the hardware module to the hardware system the request to perform the task at the hardware system;
  
  wherein the access key is not stored on the hardware system after the sending of the passcode.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising:
    - storing the access key on the hardware module.
  - 3. The method of claim 2, wherein the access key, that is based on the user information, is the only key stored at the hardware module while the access key is stored.
  - 4. The method of claim 1, further comprising:
    - acquiring user data.
  - 5. The method of claim 4, further comprising:
    - extracting user information from the user data.
  - 6. The method of claim 5, further comprising:
    - storing the user information.
  - 7. The method of claim 6, further comprising:
    - applying a one-way method to the user information, therein generating the access key.
  - 8. The method of claim 1, wherein as a result of implementing the instructions stored on the hardware module, after an initial access key is generated subsequent access keys are only generated from prior access keys of the user of the subsequent access key, which is the user of the prior access keys.
  - 9. The method of claim 1, wherein as a result of implementing the instructions stored on the hardware module after an initial passcode is generated subsequent passcodes are only generated from prior access keys of the user of the subsequent passcodes, which is the user of the prior access keys.

10. A machine-implemented method comprising:
- acquiring user data;
  
  extracting user information from the user data;
  
  storing the user information;
  
  applying a one-way method to the user information, therein generating an access key;
  
  wherein the one-way method includes at least a hash function; and
  
  sending the access key from a module to a system to enable the system to generate a passcode;
  
  wherein the generated passcode is not stored on the module after the sending of the passcode.
- View Dependent Claims (11, 12)
- - 11. A machine readable medium storing one or more machine instructions, which when invoked cause the machine to implement the method of claim 10.
  - 12. A device configured to implement the method of claim 10, the device comprising the module.

13. A machine-implemented method comprising:
- acquiring user data;
  
  extracting user information from the user data;
  
  storing the user information;
  
  applying a one-way method to the user information, therein generating an encryption key;
  
  sending the encryption key to a system to enable the system to generate a passcode based on the encryption key; and
  
  storing the encryption key on a module;
  
  wherein the generated passcode is not stored on the module.
- View Dependent Claims (14, 15)
- - 14. A machine readable medium storing one or more machine instructions, which when invoked cause the machine to implement the method of claim 13.
  - 15. A device configured to implement the method of claim 13, the device comprising the module.

16. A machine-implemented method comprising:
- installing one or more instructions that require an access key on a hardware system;
  
  installing one or more instructions on the hardware system, which when implemented cause the hardware system to implement a method including at leastsending a passcode, generated from an access key that is generated from user information, from the hardware system to a hardware module in response to a request to perform a task;
  
  receiving an access key generated from user information at the hardware system upon verification of the passcode; and
  
  using the access key to execute the instructions installed on the hardware system;
  
  wherein the hardware system does not store the access key.
- View Dependent Claims (17, 18, 19)
- - 17. The method of claim 16, further comprising:
    - generating the passcode at the hardware system based on the access key.
  - 18. The method of claim 17, further comprising:
    - storing the passcode on the hardware system.
  - 19. The method of claim 16, wherein the one or more instructions requiring the access key are one or more encryption instructions.

20. A machine-implemented method comprising:
- installing on a hardware system one or more machine instructions, which when implemented cause the hardware system to at least perform a requested task using an access key;
  
  wherein the hardware system does not store the access key;
  
  the hardware module implementing a setup process that only requires input form a user of the hardware module for which the access key and passcode are generated, the process including at leastacquiring user data;
  
  extracting user information from the user data;
  
  storing the user information;
  
  applying a one-way method to the user information, therein generating an access key;
  
  wherein the one way method includes at least a hash function;
  
  the hardware module storing one or more instructions, which when implemented cause the hardware module to implement a method including at least sending the request to perform the task to the hardware system;
  
  in response to sending the request, receiving from the hardware system a passcode for authentication that was previously stored at the hardware system;
  
  wherein the passcode was generated from the access key;
  
  comparing the passcode that was received with a passcode generated on the hardware module; and
  
  sending the access key from the hardware module to the hardware system upon verification of the passcode that was received.

21. A machine-implemented method comprising:
- acquiring user data;
  
  extracting user information from the user data at a hardware module having at least one processor and a storage area;
  
  storing the user information in the storage area;
  
  the at least one processor applying a one-way method to the user information, therein generating the access key;
  
  wherein the one-way method includes at least a hash function; and
  
  sending an access key from the hardware module to a hardware system to enable the hardware system to generate a passcode;
  
  wherein the generated passcode is not stored on the hardware module after the sending of the passcode.
- View Dependent Claims (22, 23)
- - 22. A machine readable medium storing one or more machine instructions, which when invoked cause the machine to implement the method of claim 21.
  - 23. A device configured to implement the method of claim 21, the device comprising the hardware module.

24. A machine-implemented method comprising:
- acquiring user data at a hardware module having a processor system having at least one processor;
  
  extracting user information from the user data at the hardware module;
  
  storing the user information at the hardware module;
  
  the processor system of the hardware module applying a one-way method to the user information, therein generating the access key;
  
  the hardware module sending the encryption to s hardware system to enable the hardware system to generate a passcode based on the encryption key; and
  
  storing the encryption key on the hardware module;
  
  wherein the generated passcode is not stored on the hardware module.
- View Dependent Claims (25, 26)
- - 25. A machine readable medium storing one or more machine instructions, which when invoked cause the machine to implement the method of claim 24.
  - 26. A device configured to implement the method of claim 24, the device comprising the hardware module.

27. A machine-implemented method comprising:
- installing on a hardware system one or more instructions, which when implemented cause the hardware system to implement a process including at least,in response to receiving a request for performing a task, sending a passcode from the hardware system to a hardware module for authentication, the passcode having been previously stored on the hardware system, andgenerating the passcode from an access key that was generated from user information;
  
  receiving an access key generated from user information, at the hardware system from the hardware module to enable the hardware system to perform the generating of the passcode;
  
  the hardware module storing one or more machine instructions, which when implemented cause the hardware module to at least implement a setup process that only requires input from the user of the hardware module without requiring input from another, and to at least send from the hardware module to the hardware system the request to perform the task at the hardware system;
  
  wherein the access key is not stored on the hardware system after the sending of the passcode.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Biogy, Inc.
Original Assignee
Biogy, Inc.
Inventors
Fiske, Michael
Primary Examiner(s)
Parthasarathy; Pramila

Application Number

US11/136,851
Publication Number

US 20060107040A1
Time in Patent Office

1,896 Days
Field of Search

None
US Class Current

713/182
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/46   by designing passwords or c...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/0866   involving user or device id...

H04L 9/0897   involving additional device...

Setting up a security access system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

84 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Setting up a security access system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

84 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links