Portable secure element
First Claim
1. A computer-implemented method for transferring control of a secure memory, comprising:
- creating, by a computer, a master key between a first secure services provider and a second secure services provider, wherein the master key facilitates a transfer of control of a secure memory from the first secure services provider to the second secure services provider;
receiving, by the computer, a request to transfer control of the secure memory from the first secure services provider to the second secure services provider;
initiating, by the computer, a secure communication channel with the secure memory, wherein, the secure communication channel is established using an access key known by the first secure services provider that is resident on the secure memory;
communicating, by the computer, an instruction to delete the access key from the secure memory;
creating, by the computer, a temporary key;
communicating, by the computer, the temporary key to the secure memory;
encrypting, by the computer, the temporary key using the master key established between the first secure services provider and the second secure services provider; and
communicating, by the computer, the encrypted temporary key to the second secure services provider for the second secure services provider to access the secure element.
2 Assignments
0 Petitions
Accused Products
Abstract
Transferring control of a secure element between TSMs comprises a zone master key established between the TSMs that facilitates encryption of a temporary key. The TSMs create the zone master key prior to initiation of transfer of control. Once transfer of control is initiated, the first TSM establishes a communication channel and deletes its key from the secure element. The first TSM creates a temporary key that is encrypted with the zone master key established between the first TSM and the second TSM. The encrypted temporary key is communicated to the second TSM with a device identifier. The second TSM decrypts the temporary key using the zone master key and identifies the user device using the device identifier. The new TSM establishes a communication channel and deletes the temporary key from the secure element. The new TSM then inputs and saves its key into the secure element.
175 Citations
30 Claims
-
1. A computer-implemented method for transferring control of a secure memory, comprising:
-
creating, by a computer, a master key between a first secure services provider and a second secure services provider, wherein the master key facilitates a transfer of control of a secure memory from the first secure services provider to the second secure services provider; receiving, by the computer, a request to transfer control of the secure memory from the first secure services provider to the second secure services provider; initiating, by the computer, a secure communication channel with the secure memory, wherein, the secure communication channel is established using an access key known by the first secure services provider that is resident on the secure memory; communicating, by the computer, an instruction to delete the access key from the secure memory; creating, by the computer, a temporary key; communicating, by the computer, the temporary key to the secure memory; encrypting, by the computer, the temporary key using the master key established between the first secure services provider and the second secure services provider; and communicating, by the computer, the encrypted temporary key to the second secure services provider for the second secure services provider to access the secure element. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer-implemented method for transferring control of a secure memory, comprising:
-
creating, by a computer, a first master key between a first secure services provider and a mediator secure services provider, wherein the first master key facilitates a transfer of control of a secure memory from the first secure services provider to the mediator secures vies provider; creating, by a computer, a second master key between the mediator secure services provider and a second secure services provider, wherein the second master key facilitates a transfer of control of the secure memory from the mediator secure services provider to the second secure services provider; receiving, by the computer, a first temporary key from the first secure services provider to transfer control of the secure element from the first secure services provider to the mediator secure services provider, wherein the first temporary key is encrypted by the first master key established between the first secure services provider and the mediator secure services provider, and wherein the first temporary key has been saved on the secure memory; decrypting, by the computer, the first temporary key using the first master key established between the first secure services provider and the mediator secure services provider; initiating, by the computer, a secure communication channel with the secure memory, wherein the secure communication channel is established using the first temporary key decrypted by the mediator secure services provider; communicating, by the computer, an instruction to delete the first temporary key from the secure memory; creating, by the computer, a second temporary key; communicating, by the computer, the second temporary key to the secure memory; encrypting, by the computer, the second temporary key using the second master key established between the mediator secure services provider and the second secure services provider; and communicating, by the computer, the encrypted second temporary key to the second secure services provider for the second secure services provider to access the secure memory. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A computer program product, comprising:
a non-transitory computer-readable medium having computer-readable program code embodied therein for transferring control of a secure memory, the computer-readable program code comprising; computer-readable program code for receiving a first temporary key from a first secure services provider to transfer control of a secure memory from the first secure services provider to a mediator secure services provider; computer-readable program code for initiating a secure communication channel with the secure memory, wherein the secure communication channel is established using the first temporary key and wherein the first temporary key is resident on the secure memory; computer-readable program code for creating a second temporary key, wherein the second temporary key is inputted and saved on the secure memory; and computer-readable program code for communicating the second temporary key to the second secure services provider. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
-
27. A system for transferring control of a secure memory, the system comprising:
-
a storage device; and a processor configured to execute computer-executable instructions store the storage device to transfer control of a secure memory, the computer-executable instructions comprising; instructions for receiving a first temporary key from a first secure services provider to transfer control of a secure memory from the first secure services provider to a mediator secure services provider; instructions for initiating a secure communication channel with the secure memory, wherein the secure communication channel is established using the first temporary key; instructions for communicating an instruction to delete the first temporary key from the secure memory; instructions for creating a second temporary key; instructions for communicating the second temporary key to the secure memory; and instructions for communicating the second temporary key to the second secure services provider for the second secure services provider to access the secure memory. - View Dependent Claims (28, 29, 30)
-
Specification