Remote administration of smart cards for secure access systems
First Claim
1. A secure access method for use with a communication network which communicates information between an information resource controller and a remote unit comprising a smart card, the method comprising:
- identifying, at the remote unit, a command to upload data;
employing, in response to said command, a hash function at the remote unit to encode contents of at least a portion of a memory at the remote unit and thereby to produce a hashed result;
transmitting the hashed result to the information resource controller;
comparing, at the information resource controller, the hashed result with a trusted hashed result maintained at the information resource controller thereby to provide a comparison result;
if the comparing produces an unfavorable result, performing at least one of;
revoking the remote unit by the information resource controller; and
cancelling authorizations to the remote unit; and
determining that the at least a portion of the memory at the remote unit has integrity based, at least in part, on the comparison result.
8 Assignments
0 Petitions
Accused Products
Abstract
A secure access method for use with a communication network which communicates information between an information resource controller and a remote unit comprising a smart card, the method including: identifying, at the remote unit, a command to upload data; employing, in response to said command, a hash function at the remote unit to encode contents of at least a portion of a memory at the remote unit and thereby to produce a hashed result; transmitting the hashed result to the information resource controller; comparing, at the information resource controller, the hashed result with a trusted hashed result maintained at the information resource controller thereby to provide a comparison result; if the comparing produces an unfavorable result, performing at least one of: revoking the remote unit by the information resource controller; and cancelling authorizations to the remote unit; and determining that the at least a portion of the memory at the remote unit has integrity based, at least in part, on the comparison result.
-
Citations
4 Claims
-
1. A secure access method for use with a communication network which communicates information between an information resource controller and a remote unit comprising a smart card, the method comprising:
-
identifying, at the remote unit, a command to upload data; employing, in response to said command, a hash function at the remote unit to encode contents of at least a portion of a memory at the remote unit and thereby to produce a hashed result; transmitting the hashed result to the information resource controller; comparing, at the information resource controller, the hashed result with a trusted hashed result maintained at the information resource controller thereby to provide a comparison result; if the comparing produces an unfavorable result, performing at least one of; revoking the remote unit by the information resource controller; and cancelling authorizations to the remote unit; and determining that the at least a portion of the memory at the remote unit has integrity based, at least in part, on the comparison result.
-
-
2. A system for providing secure access in a communication network comprising:
-
an information resource controller; and a remote unit comprising a smart card, wherein the information resource controller and the remote unit are operative to communicate information through the communication network, and the remote unit is operative to; identify a command to upload data; in response to the command, perform a hash function on at least a portion of a memory at the remote unit, thereby producing a hashed result; and transmit the hashed result to the information resource controller, and the information resource controller is operative to; compare the hashed result with a trusted hash result maintained at the information resource controller; wherein, if the comparison is favorable, determine that the at least a portion of the memory has integrity, and if the comparison is unfavorable perform at least one of; revoke the remote unit; and cancel authorizations to the remote unit.
-
-
3. A secure access method for use with a communication network which communicates information between an information resource controller and a remote unit comprising a smart card, the method comprising:
-
identifying, at the remote unit, a command to upload data; employing, in response to said command, a hash function at the remote unit to encode contents of at least a portion of a memory at the remote unit and thereby to produce a hashed result; transmitting the hashed result to the information resource controller; comparing, at the information resource controller, the hashed result with a trusted hashed result maintained at the information resource controller thereby to provide a comparison result; and determining that the at least a portion of the memory at the remote unit has integrity based, at least in part, on the comparison result; and transmitting repairing information to the remote unit to correct the contents of said at least a portion of the memory at the remote unit if the comparison result is unfavorable, wherein if, after using the repairing information at the remote unit, the hashed result still does not match the trusted hash result, performing at least one of the following; revoking the smart card; cancelling all authorizations to the smart card; and generating a message indicating that the smart card has been revoked.
-
-
4. A system for providing secure access in a communication network comprising:
-
an information resource controller; and a remote unit comprising a smart card, wherein the information resource controller and the remote unit are operative to communicate information through the communication network, and the remote unit is operative to; identify a command to upload data; in response to the command, perform a hash function on at least a portion of a memory at the remote unit, thereby producing a hashed result; and transmit the hashed result to the information resource controller, and the information resource controller is operative to; compare the hashed result with a trusted hash result maintained at the information resource controller; and if the comparison is favorable, determine that the at least a portion of the memory has integrity, and if the comparison is unfavorable, transmit repair information to the remote unit to correct the contents of the at least a portion of the memory at the remote unit, wherein if, after using the repair information at the remote unit, the hashed result still does not match the trusted hash result, perform at least one of the following; revoke the smart card; cancel all authorizations to the smart card; and generate a message indicating that the smart card has been revoked.
-
Specification