Intelligent remote device

US 7,907,935 B2
Filed: 12/22/2003
Issued: 03/15/2011
Est. Priority Date: 12/22/2003
Status: Active Grant

First Claim

Patent Images

1. A method for accessing a security token enabled computer system using an intelligent remote device as a communication interface for a security token, comprising:

establishing a wireless communications connection between at least an intelligent remote device and a security token enabled computer system,executing a remote authentication application installed in the intelligent remote device that triggers an access request to the security token enabled computer system which allows the intelligent remote device to emulate a local security device peripheral connected to the security token enabled computer system,prompting a user to provide a critical security parameter,sending the critical security parameter from the intelligent remote device to said security token operatively coupled to said intelligent remote device,authenticating said critical security parameter by said security token so that the user is authenticated to the security token,upon successful completion of the authentication transaction to the security token, allowing the user access to at least one secure resource associated with the security token enabled computer system, andproviding aural or visual feedback to said user following successful authenticating to at least said security token enabled computer system.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An intelligent remote device equipped with a security token operatively coupled thereto is processing communications with a security token enabled computer system over a wireless private network. The intelligent remote device is adapted to emulate a local security device peripheral connected to the computer system. Multiple computer systems may be authenticated to using the intelligent remote device. Additionally, various secure communications connections mechanisms are described which are intended to augment existing security protocols available using wireless network equipment. Authentication of a user supplied critical security parameter is performed by the security token. The critical security parameter may be provided locally via the intelligent remote device or received from the wireless network and routed to the security token. Aural, visual or vibratory feedback may be provided to the user to signal a successful authentication transaction.

75 Citations

View as Search Results

52 Claims

1. A method for accessing a security token enabled computer system using an intelligent remote device as a communication interface for a security token, comprising:
- establishing a wireless communications connection between at least an intelligent remote device and a security token enabled computer system,executing a remote authentication application installed in the intelligent remote device that triggers an access request to the security token enabled computer system which allows the intelligent remote device to emulate a local security device peripheral connected to the security token enabled computer system,prompting a user to provide a critical security parameter,sending the critical security parameter from the intelligent remote device to said security token operatively coupled to said intelligent remote device,authenticating said critical security parameter by said security token so that the user is authenticated to the security token,upon successful completion of the authentication transaction to the security token, allowing the user access to at least one secure resource associated with the security token enabled computer system, andproviding aural or visual feedback to said user following successful authenticating to at least said security token enabled computer system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method according to claim 1 wherein establishing the wireless communications connection further includes the step of authenticating at least said security token to said security token enabled computer system.
  - 3. The method according to claim 1 wherein said wireless communications connection includes at least one secure communications protocol comprising secure socket layer, transport layer security, private communications technology, interne protocol security or a secure messaging session.
  - 4. The method according to claim 3 wherein said wireless communications connection further includes an APDU communications pipe.
  - 5. The method according to claim 1 wherein said critical security parameter is provided from said security token enabled computer system and sent over said wireless communications connection to said security token.
  - 6. The method according to claim 1 wherein said critical security parameter is provided from said intelligent remote device and sent directly to said security token.
  - 7. The method according to claim 1 wherein said critical security parameter is provided from another computer system and sent to said security token over another wireless connection established between said intelligent remote device and said another computer system.
  - 8. The method according to claim 1 further including the step of sending an access request message from said intelligent remote device to said security token enabled computer system to initiate establishment of said wireless communications connection.
  - 9. The method according to claim 8 wherein said access request message includes at least a first identifier associated with said intelligent remote device, a second identifier associated with said security token or a wireless network address associated with said intelligent remote device.
  - 10. The method according to claim 1 wherein said intelligent remote device includes a personal data assistant, a cellular telephone, a network appliance or a personal security device.
  - 11. The method according to claim 1, wherein the critical security parameter is entered by the user at the intelligent remote device.

12. A system for accessing a security token enabled computer system using an intelligent remote device as a communications interface for a security token, comprising:
- an intelligent remote device that;
  
  communicates with at least a security token enabled computer system over at least a wireless communications connection,operatively couples a security token to said intelligent remote device,receives a critical security parameter provided by a user,sends the critical security parameter to the security token, andsaid intelligent remote device being equipped to trigger an access request to the security token enabled computer system and to emulate a security token peripheral device locally connected to said security token enabled computer system,said security token;
  
  receives the critical security parameter associated with said user from the intelligent remote device, andauthenticates said critical security parameter; and
  
  said security token enabled computer;
  
  utilizes said intelligent remote device as said security token peripheral device, andallows said user access to at least one secure resource following successful authentication of said critical security parameter, wherein said intelligent remote device or said security token enabled computer system provides aural or visual feedback to said user upon successful completion of said two-factor authentication transaction.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 13. The system according to claim 12 wherein said computer system sends an access request message to said security token enabled computer system.
  - 14. The system according to claim 13 wherein said access request message includes at least a first identifier associated with said intelligent remote device, a second identifier associated with said security token or a wireless network address associated with said intelligent remote device.
  - 15. The system according to claim 12 wherein said at least a wireless communications connection includes at least one secure communications protocol comprising secure socket layer, transport layer security, private communications technology, interne protocol security or a secure messaging session.
  - 16. The system according to claim 12 wherein said security token enabled computer system provides said critical security parameter to said security token over said wireless communications connection.
  - 17. The system according to claim 16 wherein said critical security parameter is provided from said security token enabled computer system and sent over said wireless communications connection to said security token.
  - 18. The system according to claim 12 wherein said critical security parameter is provided from said intelligent remote device and sent directly to said security token.
  - 19. The system according to claim 12 wherein said critical security parameter is provided from another computer system and sent to said security token over another wireless connection established between said intelligent remote device and said another computer system.
  - 20. The system according to claim 12 wherein said intelligent remote device includes a personal data assistant, a cellular telephone, a network appliance or a personal security device.
  - 21. The system according to claim 12, wherein the critical security parameter is entered by the user at the intelligent remote device.

22. A method for accessing a security token enabled computer system using an intelligent remote device as a communication interface for a security token, comprising:
- establishing a wireless communications connection between at least an intelligent remote device and a security token enabled computer system,executing a remote authentication application installed in the intelligent remote device that triggers an access request to the security token enabled computer system which allows the intelligent remote device to emulate a local security device peripheral connected to the security token enabled computer system,prompting a user to provide a critical security parameter,sending the critical security parameter from the intelligent remote device to said security token operatively coupled to said intelligent remote device,authenticating said critical security parameter by said security token so that the user is authenticated to the security token,upon successful completion of the authentication transaction to the security token, allowing the user access to at least one secure resource associated with the security token enabled computer system, wherein the critical security parameter is entered by the user at the security token enabled computer system and is received at the intelligent remote device.

23. A method method for accessing a security token enabled computer system using an intelligent remote device as a communications interface for a security token, the intelligent remote device being equipped to emulate a local security device peripheral connected to the security token enabled computer system, the method comprising:
- establishing a secure communications connection between a security token and a security token enabled computer system via an intelligent remote device,authenticating at least said security token to said security token enabled computer system,executing a remote authentication application installed in the intelligent remote device that triggers an access request to the security token enabled computer system which allows the intelligent remote device to emulate a local security device peripheral connected to the security token enabled computer system,prompting a user to provide a critical security parameter,sending the critical security parameter from the intelligent remote device to said security token operatively coupled to said intelligent remote device,authenticating said critical security parameter by said security token so that the user is authenticated to the security token, andupon successful completion of the authentication transaction to the security token, allowing the user access to at least one secure resource associated with the security token enabled computer system, wherein the critical security parameter is entered by the user at the security token enabled computer system and is received at the intelligent remote device.
- View Dependent Claims (24, 25, 26, 27)
- - 24. The method according to claim 23 wherein said secure communications connection comprises an optical wireless connection, a radio frequency wireless connection, an electrical connection or a combination thereof.
  - 25. The method according to claim 23 wherein said secure communications connection includes at least one secure communication protocol comprising secure socket layer, transport layer security, private communications technology, interne protocol security or a secure messaging session.
  - 26. The method according to claim 23 wherein said secure communications connection may be initiated from either said intelligent remote device or said security token enabled computer system.
  - 27. The method according to claim 23, wherein the critical security parameter is entered by the user at the intelligent remote device.

28. A system for accessing a security token enabled computer system using an intelligent remote device as a communications interface for a security token, comprising:
- an intelligent remote device that;
  
  communicates with at least a security token enabled computer system over at least a wireless communications connection,operatively couples a security token to said intelligent remote device,receives a critical security parameter provided by a user,sends the critical security parameter to the security token, andsaid intelligent remote device being equipped to trigger an access request to the security token enabled computer system and to emulate a security token peripheral device locally connected to said security token enabled computer system,said security token;
  
  receives the critical security parameter associated with said user from the intelligent remote device, andauthenticates said critical security parameter; and
  
  said security token enabled computer;
  
  utilizes said intelligent remote device as said security token peripheral device, andallows said user access to at least one secure resource following successful authentication of said critical security parameter, wherein the critical security parameter is entered by the user at the security token enabled computer system and is received at the intelligent remote device.

29. A system system for accessing a security token enabled computer system using an intelligent remote device as a communications interface for a security token, comprising:
- an intelligent remote device in processing communications with at least a security token enabled computer system over a communications connection, said intelligent remote device including;
  
  a device processor,a device memory coupled to said device processor,a security token interface coupled to said device processor, andat least one remote device application operatively stored in at least a portion of said device memory, said at least one remote device application having logical instructions executable by said device processor to;
  
  exchange information with said at least a secure token enabled computer system and said security token,receive a critical security parameter provided by a user;
  
  send the critical security parameter to the security token;
  
  trigger an access request to the security token enabled computer system; and
  
  emulate a security token peripheral device locally connected to said security token enabled computer system;
  
  said security token operatively coupled to said intelligent remote device via said security token interface, said security token including;
  
  a token processor,a token memory coupled to said token processor,at least one token application operatively stored in at least another portion of said token memory, said at least one token application having logical instructions executable by said token processor to;
  
  receive said critical security parameter provided by said user from the intelligent remote device, andauthenticate said received critical security parameter; and
  
  , said security token enabled computer system including;
  
  a computer processor,a computer memory coupled to said computer processor, andat least one computer application operatively stored in at least a portion of said computer memory, said at least one computer application having logical instructions executable by said computer processor to;
  
  exchange information with at least said intelligent remote device security token enabled computer system over said communications connection,receive said critical security parameter provided by said user,utilize said intelligent remote device as said locally connected security token peripheral device, andallow access to at least one secure resource following a successful authentication of said critical security parameter, wherein the critical security parameter is entered by the user at the security token enabled computer system and is received at the intelligent remote device.
- View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38)
- - 30. The system according to claim 29 wherein said critical security parameter may be provided to said security token via at least said intelligent remote device or said security token enabled computer system.
  - 31. The system according to claim 29 wherein said at least one device application further includes logical instructions executable by said device processor to send an access request message to said security token enabled computer system to invoke establishment of said communications connection between at least said intelligent remote device and said security token enabled computer system.
  - 32. The system according to claim 29 wherein said communications connection includes at least one secure communications protocol comprising secure socket layer, transport layer security, private communications technology, interne protocol security or a secure messaging station.
  - 33. The system according to claim 29 wherein said security token enabled computer system and said intelligent remote device exchanges information over said communications connection via an APDU communications pipe.
  - 34. The set of application interface programs according to claim 29 wherein said first interface converts said information into said native protocol.
  - 35. The set of application interface programs according to claim 29 wherein said first interface extracts said information from communications packets already in said native protocol.
  - 36. The set of application interface programs according to claim 29 wherein said critical security parameter is received from a local user interface.
  - 37. The set of application interface programs according to claim 29 wherein said critical security parameter is received from a remote user interface.
  - 38. The system according to claim 29, wherein the critical security parameter is entered by the user at the intelligent remote device.

39. A set of application program interfaces embodied on a computer readable medium for execution by a processor included in an intelligent remote device and a security token enabled computer system which allows the intelligent remote device to trigger an access request to the security token enabled computer system and to emulate a security token peripheral device locally connected to the security token enabled computer system, comprising:
- a first interface that exchanges information between a security token and a remote security token enabled computer system in a protocol native to said security token; and
  
  ,a second interface, being an interface of the intelligent remote device, that receives and routes the critical security parameter to said security token, wherein the critical security parameter is authenticated with the security token, wherein the critical security parameter is entered by the user at the first interface and is received by the second interface.
- View Dependent Claims (40, 41, 42, 43)
- - 40. The set of application interface programs according to claim 39 wherein said first interface converts said information into said native protocol.
  - 41. The set of application interface programs according to claim 39 wherein said first interface extracts said information from communications packets already in said native protocol.
  - 42. The set of application interface programs according to claim 39 wherein said critical security parameter is received from a local user interface.
  - 43. The set of application interface programs according to claim 39 wherein said critical security parameter is received from a remote user interface.

44. A set of application program interfaces embodied on a computer readable medium for execution by a processor included in an intelligent remote device and a security token enabled computer system which allows the intelligent remote device to trigger an access request to the security token enabled computer system and to emulate a security token peripheral device locally connected to the security token enabled computer system, comprising:
- a first interface that exchanges information between a security token and a remote security token enabled computer system in a protocol native to said security token; and
  
  ,a second interface, being an interface of the intelligent remote device, that receives and routes the critical security parameter to said security token, wherein the critical security parameter is authenticated with the security token, wherein the critical security parameter is entered by the user at the second interface.
- View Dependent Claims (45, 46, 47, 48)
- - 45. The set of application interface programs according to claim 44 wherein said first interface converts said information into said native protocol.
  - 46. The set of application interface programs according to claim 44 wherein said first interface extracts said information from communications packets already in said native protocol.
  - 47. The set of application interface programs according to claim 44 wherein said critical security parameter is received from a local user interface.
  - 48. The set of application interface programs according to claim 44 wherein said critical security parameter is received from a remote user interface.

49. A computer program product embodied in a tangible form readable by a plurality of processors in processing communications, wherein said computer program product includes executable instructions stored thereon for causing one or more of said plurality of processors to:
- establish a secure communications connection between a security token and a security token enabled computer system via an intelligent remote device, wherein the intelligent remote device emulates a local security device peripheral connected to the security token computer system,authenticate at least said security token to said security token enabled computer system,execute a remote authentication application installed in the intelligent remote device that triggers an access request to the security token enabled computer system which allows the intelligent remote device to emulate a local security device peripheral connected to the security token enabled computer system,prompt a user to provide a critical security parameter,send the critical security parameter from the intelligent remote device to said security token operatively coupled to said intelligent remote device,authenticate said critical security parameter by said security token so that the user is authenticated to the security token, andupon successful completion of the authentication transaction to the security token, allow the user access to at least one secure resource associated with the security token enabled computer system, wherein the critical security parameter is entered by the user at the security token enabled computer system and is received at the intelligent remote device.
- View Dependent Claims (50, 51, 52)
- - 50. The computer program product according to claim 49 wherein said tangible form includes magnetic media, optical media or logical media.
  - 51. The computer program product according to claim 49 wherein said executable instructions are stored in a code format including byte code, compiled, interpreted, compliable or interpretable.
  - 52. The computer program product according to claim 49, wherein the critical security parameter is entered by the user at the intelligent remote device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Assa Abloy AB
Original Assignee
Activcard Ireland, Limited
Inventors
Le Saint, Eric F., Fedronic, Dominique Louis Joseph
Primary Examiner(s)
Nguyen, Tu X

Application Number

US10/740,497
Publication Number

US 20050136964A1
Time in Patent Office

2,640 Days
Field of Search

455/410, 455/411, 713150-152
US Class Current

455/411
CPC Class Codes

G06F 21/31   User authentication

G06F 21/34   involving the use of extern...

H04L 63/0853   using an additional device,...

H04L 63/166   at the transport layer

H04W 12/069   using certificates or pre-s...

H04W 12/08   Access security

Intelligent remote device

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

75 Citations

52 Claims

Specification

Solutions

Use Cases

Quick Links

Intelligent remote device

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

75 Citations

52 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links