Methods and systems for providing data objects on a token

US 8,762,350 B2
Filed: 03/13/2012
Issued: 06/24/2014
Est. Priority Date: 06/06/2006
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

an interface operable to communicate with a token device and to provide data objects to the token device in compressed form; and

a processor device coupled to the interface, to;

determine a first data object and a second data object that are associated with the token device, wherein the first data object comprises at least one of a certificate, a public key, a cryptographic token interface, or an identifier, and wherein the second data object comprises at least one of a certificate, a public key, a cryptographic token interface, or an identifier;

aggregate the first data object and the second data object into a group of data objects;

compress the group of data objects into a unit of contiguous data to be written to the token device as a set of blocks;

establish a connection to the token device;

verify the token device;

write the set of blocks to the token device via the interface when the token device has been verified; and

disconnect from the token device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer system, method and/or computer-readable medium provide independent data objects to a token in compressed form. The independent data objects are representative of security information associated with the token. The system includes an interface operable to communicate with a token, and a processor cooperatively operable with the interface. The processor is configured to determine a set of independent data objects that are associated with the token, and to aggregate the set of independent data objects associated with the token into a group. Also, the processor is configured for compressing the group into a unit of contiguous data, and writing the unit of contiguous data to the token via the interface.

Citations

18 Claims

1. A system comprising:
- an interface operable to communicate with a token device and to provide data objects to the token device in compressed form; and
  
  a processor device coupled to the interface, to;
  
  determine a first data object and a second data object that are associated with the token device, wherein the first data object comprises at least one of a certificate, a public key, a cryptographic token interface, or an identifier, and wherein the second data object comprises at least one of a certificate, a public key, a cryptographic token interface, or an identifier;
  
  aggregate the first data object and the second data object into a group of data objects;
  
  compress the group of data objects into a unit of contiguous data to be written to the token device as a set of blocks;
  
  establish a connection to the token device;
  
  verify the token device;
  
  write the set of blocks to the token device via the interface when the token device has been verified; and
  
  disconnect from the token device.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, wherein the writing is performed via a secure connection over the interface.
  - 3. The system of claim 1, wherein the writing of the set of blocks to the token device is performed during one or more of:
    - enrollment of the token device, recovery of data for the token device, or loading of executable instructions on to the token device.
  - 4. The system of claim 1, wherein the processor device is further to associate a version number with the unit of contiguous data to be written to the token device, write the version number to the token device in association with the unit of contiguous data, update the unit of contiguous data when at least one of the group of data objects is changed, and change the version number when the unit of contiguous data for the token device is updated.
  - 5. The system of claim 1, wherein the processor device is further to retrieve the first data object and the second data object from non-contiguous memory before the aggregating.
  - 6. The system of claim 1, wherein the aggregating is in accordance with a data format.

7. A method comprising:
- determining a first data object and a second data object, wherein the first data object comprises at least one of a certificate, a public key, a cryptographic token interface, or an identifier, and wherein the second data object comprises at least one of a certificate, a public key, a cryptographic token interface, or an identifier;
  
  aggregating, by a processor device, the first data object and the second data object into a group of data objects;
  
  compressing the group of data objects into a unit of contiguous data to be written to the token device as a set of blocks;
  
  establishing a connection to the token device;
  
  verifying the token device;
  
  writing the set of blocks to the token device when the token device has been verified; and
  
  disconnecting from the token device.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, wherein the connection is a secure connection.
  - 9. The method of claim 7, wherein the writing of the set of blocks to the token device is performed during one or more of:
    - enrollment of the token device, recovery of data for the token device, or loading of executable instructions on to the token device.
  - 10. The method of claim 7, further comprising associating a version number with the unit of contiguous data to be written to the token device, and writing the version number to the token device in association with the unit of contiguous data, wherein the version number is changed when the unit of contiguous data for the token device is changed.
  - 11. The method of claim 7, further comprising retrieving the first data object and the second data object from non-contiguous locations in memory before the aggregating.
  - 12. The method of claim 7, wherein the aggregating is in accordance with a data format.

13. A non-transitory machine-accessible medium including instructions that, when executed by a processor device, cause the processor device to perform operations comprising:
- determining, by the processor device, a first data object and a second data object, wherein the first data object comprises at least one of a certificate, a public key, a cryptographic token interface, or an identifier, and wherein the second data object comprises at least one of a certificate, a public key, a cryptographic token interface, or an identifier;
  
  aggregating, by the processor device, the first data object and the second data object into a group of data objects;
  
  compressing, by the processor device, the group of data objects into a unit of contiguous data to be written to the token device as a set of blocks;
  
  establishing a connection to the token device;
  
  verifying the token device;
  
  writing, by the processor device, the set of blocks to the token device when the token device has been verified; and
  
  disconnecting from the token device.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The non-transitory machine-accessible medium of claim 13, wherein the connection is a secure connection.
  - 15. The non-transitory machine-accessible medium of claim 13, wherein the writing of the set of blocks to the token device is performed during one or more of:
    - enrollment of the token device, recovery of data for the token device, or loading of executable instructions on to the token device.
  - 16. The non-transitory machine-accessible medium of claim 13, wherein the operations further comprise:
    - associating a version number with the unit of contiguous data to be written to the token device, and writing the version number to the token device in association with the unit of contiguous data, wherein the version number is changed when the unit of contiguous data for the token device is changed.
  - 17. The non-transitory machine-accessible medium of claim 13, wherein the operations further comprise:
    - retrieving the first data object and the second data object from non-contiguous locations in memory before the aggregating.
  - 18. The non-transitory machine-accessible medium of claim 13, wherein the aggregating is in accordance with a data format.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Red Hat, Inc. (International Business Machines Corporation)
Original Assignee
Red Hat, Inc. (International Business Machines Corporation)
Inventors
Relyea, Robert
Primary Examiner(s)
Uddin, Mohammed R

Application Number

US13/419,274
Publication Number

US 20120174202A1
Time in Patent Office

833 Days
Field of Search

707/693, 707/737, 707/609, 707/999.101, 726/9, 726/20
US Class Current

707/693
CPC Class Codes

H03M 7/30 Compression speech analysis...

Methods and systems for providing data objects on a token

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for providing data objects on a token

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links