Methods and systems for assigning roles on a token
Abstract
An embodiment relates generally to a method of assigning roles to a token. The method includes determining a first role for a first participant on a token and providing exclusive access to a first section of the token for the first participant based on the first role. The method also includes determining a second role for a second participant on the token and providing exclusive access to a second section of the token for the second participant based on the second role.
14 Claims
1. A method comprising:
receiving, by a client computing machine, a token comprising a first applet, a first symmetric key set associated with the first applet and a card identification number of the token;
authenticating, by the client computing machine, with the first applet on the token using the first symmetric key set to establish access to the first applet;
generating, by the client computing machine, a second symmetric key set based on a private cryptographic key and the card identification number of the token in response to authenticating with the first applet;
associating, by the client computing machine, the second symmetric key set with the first applet; and
severing, by the client computing machine, the association between the first symmetric key set with the first applet.
5. A system comprising:
an interface to receive a token comprising a first applet, a first symmetric key set that is associated with the first applet and a card identification number of the token;
a processor coupled to the interface and configured to authenticate with the first applet on the token using the first symmetric key set to establish access to the first applet;
generate a second symmetric key set based on a private cryptographic key and the card identification number of the token in response to authenticating with the first applet;
associate the second symmetric key set with the first applet; and
sever the association between the first symmetric key set with the first applet.
8. A method comprising:
storing, by a token, a first applet, a first symmetric key set associated with the first applet, and a card identification number of the token;
authenticating a client computing machine by the first applet on the token based on the first symmetric key set;
receiving, by the token, a second symmetric key set from the client computing machine in response to authenticating the client computing machine, wherein the second symmetric key is based on a private cryptographic key and the card identification number of the token;
associating, by the token, the second symmetric key set with the first applet; and
executing, by the token, a command to sever the association between the first symmetric key set with the first applet.
12. A non-transitory computer readable storage medium including instructions that, when executed by a processing system, cause the processing system to perform a method comprising:
receiving a token comprising a first applet, a first symmetric key set that is associated with the first applet and a card identification number of the token;
generating, by the processing system, a second symmetric key set based on a private cryptographic key and the card identification number of the token in response to authenticating with the first applet;
associating the second symmetric key set with the first applet; and
severing the association between the first symmetric key set with the first applet.
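The key-set replacement sequence recited in claims 1 and 8, modelled end to end as an added example; it is not code from the patent. The HMAC-SHA256 derivation, the challenge-response exchange, the key labels and every class and function name are assumptions, since the claims name no algorithm, and protection of the new key set in transit is left out.

```python
import hashlib
import hmac
import secrets

def derive_key_set(master_key, cuid):
    # Assumption: HMAC-SHA256 over a label and the card ID; the claims only say
    # the second key set is "based on" a private key and the card ID.
    return {label: hmac.new(master_key, label.encode() + b"|" + cuid, hashlib.sha256).digest()
            for label in ("auth", "mac", "kek")}

def client_respond(key_set, challenge):
    # Client proves possession of the key set's authentication key.
    return hmac.new(key_set["auth"], challenge, hashlib.sha256).digest()

class Token:
    """Constructed model of a token: one applet, its key sets, a card ID."""
    def __init__(self, cuid, first_key_set):
        self.cuid = cuid
        self.key_sets = {1: first_key_set}  # key sets associated with the applet
        self._challenge, self._session = None, False

    def get_challenge(self):
        self._challenge, self._session = secrets.token_bytes(16), False
        return self._challenge

    def authenticate(self, version, response):
        keys, challenge = self.key_sets.get(version), self._challenge
        self._challenge, self._session = None, False  # a challenge is single use
        if keys and challenge:
            expected = hmac.new(keys["auth"], challenge, hashlib.sha256).digest()
            self._session = hmac.compare_digest(expected, response)
        return self._session

    def put_key_set(self, version, key_set):
        if not self._session:
            raise PermissionError("applet access not established")
        self.key_sets[version] = key_set

    def delete_key_set(self, version):
        if not self._session:
            raise PermissionError("applet access not established")
        del self.key_sets[version]

def rotate_key_set(token, first_key_set, master_key):
    challenge = token.get_challenge()
    if not token.authenticate(1, client_respond(first_key_set, challenge)):
        raise PermissionError("authentication with the first key set failed")
    second = derive_key_set(master_key, token.cuid)  # generated after authenticating
    token.put_key_set(2, second)                     # associate the second key set
    token.delete_key_set(1)                          # sever the first key set
    return second
```

After the rotation the first key set no longer authenticates, and the derived keys differ per token because the card identification number is an input to the derivation.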