Smartcard formation with authentication keys

US 8,977,844 B2
Filed: 08/31/2006
Issued: 03/10/2015
Est. Priority Date: 08/31/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

detecting a security token device that is un-formatted with respect to an enterprise, wherein the security token device comprises a first cryptographic authentication key and a first answer-to-reset (ATR) code; and

formatting, by a processor, the security token device by;

replacing the first ATR code of the security token device with a second ATR code that is allocated to the enterprise, andreplacing the first cryptographic authentication key of the security token device with a second cryptographic authentication key that is specific to a security requirement of the enterprise.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An embodiment generally relates to a method of managing tokens. The method includes detecting a presence of a token at a client and determining a status of the token. The method also includes formatting the token at the client in response to the status of the token being unformatted.

Citations

20 Claims

1. A method comprising:
- detecting a security token device that is un-formatted with respect to an enterprise, wherein the security token device comprises a first cryptographic authentication key and a first answer-to-reset (ATR) code; and
  
  formatting, by a processor, the security token device by;
  
  replacing the first ATR code of the security token device with a second ATR code that is allocated to the enterprise, andreplacing the first cryptographic authentication key of the security token device with a second cryptographic authentication key that is specific to a security requirement of the enterprise.
- View Dependent Claims (2, 3, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, further comprising:
    - determining format information for the security token device; and
      
      embedding the format information on the security token device.
  - 3. The method of claim 1, further comprising providing a notification of a completion of the formatting of the security token device.
  - 12. The method of claim 1, wherein formatting the security token device comprises:
    - installing an applet in the security token device.
  - 13. The method of claim 1, wherein formatting the security token device comprises:
    - creating a secure domain for the security token device.
  - 14. The method of claim 1, wherein formatting the security token device comprises:
    - creating a data area in the security token device for embedding format information.
  - 15. The method of claim 1, wherein formatting the security token device comprises:
    - embedding encryption keys associated with the enterprise in the security token device.
  - 16. The method of claim 2, wherein the format information comprises at least one of access lists, group assignments, or shared user lists.
  - 17. The method of claim 1, wherein the security token device is coupled to a client device associated with the enterprise.

4. An apparatus comprising:
- a memory to contain instructions; and
  
  a processor, coupled to the memory, to execute the instructions to;
  
  detect a security token device that is un-formatted with respect to an enterprise, wherein the security token device comprises a first cryptographic authentication key and a first answer-to-reset (ATR) code; and
  
  format the security token device by;
  
  replacing the first ATR code of the security token device with a second ATR code that is allocated to the enterprise, andreplacing the first cryptographic authentication key of the security token device with a cryptographic authentication key that is specific to a second security requirement of the enterprise.
- View Dependent Claims (18)
- - 18. The apparatus of claim 4, wherein the security token device is coupled to a client device associated with the enterprise.

5. A non-transitory computer-readable storage medium comprising computer-executable instructions encoded thereon which, when executed by a processor, perform operations comprising:
- detecting a security token device that is un-formatted with respect to an enterprise, wherein the security token device comprises a first cryptographic authentication key and a first answer-to-reset (ATR) code; and
  
  formatting, by the processor, the security token device by;
  
  replacing the first ATR code of the security token device with a second ATR code that is allocated to the enterprise, andreplacing the first cryptographic authentication key of the security token device with a cryptographic authentication key that is specific to a second security requirement of the enterprise.
- View Dependent Claims (19)
- - 19. The non-transitory computer-readable storage medium of claim 5, wherein the security token device is coupled to a client device associated with the enterprise.

6. A system comprising:
- a server, associated with an enterprise, comprising a processor to;
  
  manage and maintain security token devices, wherein the server is communicatively coupled to a client;
  
  detect a security token device that is un-formatted with respect to the enterprise, wherein the security token device comprises a first cryptographic authentication key and a first answer-to-reset (ATR) code;
  
  receive, from the client, a request to format the security token device; and
  
  in response to receiving the request from the client, cause the client to;
  
  replace the first ATR code of the security token device with a second ATR code that is allocated to the enterprise, andreplace the first cryptographic authentication key of the security token device with a cryptographic authentication key that is specific to a second security requirement of the enterprise.
- View Dependent Claims (7, 8, 20)
- - 7. The system of claim 6, wherein the processor is further to determine format information for the security token device and write the format information on the security token device.
  - 8. The system of claim 6, wherein the processor is further to provide a notification of a completion of the formatting of the security token device.
  - 20. The system of claim 6, wherein the security token device is coupled to a client device associated with the enterprise.

9. An apparatus comprising:
- a processor;
  
  an interface adapted to couple with a security token device; and
  
  a factory module executable by the processor to communicate with the security token device via the interface, wherein the factory module is to;
  
  determine whether the security token device is un-formatted with respect to an enterprise, wherein the security token device comprises a first cryptographic authentication key and a first answer-to-reset (ATR) code, andin response to a determination that the security token device is un-formatted with respect to the enterprise, format the security token device by;
  
  replacing the first ATR code of the security token device with a second ATR code that is allocated to the enterprise, andreplacing the first cryptographic authentication key of the security token device with a cryptographic authentication key that is specific to a second security requirement of the enterprise.
- View Dependent Claims (10, 11)
- - 10. The apparatus of claim 9, wherein the factory module is further to determine format information for the security token device and embed the format information on the security token device.
  - 11. The apparatus of claim 9, wherein the factory module is further to provide a notification of a completion of the formatting of the security token device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Red Hat, Inc. (International Business Machines Corporation)
Original Assignee
Red Hat, Inc. (International Business Machines Corporation)
Inventors
Parkinson, Steven William, Lord, Robert B.
Primary Examiner(s)
Arani, Taghi
Assistant Examiner(s)
Jeudy, Josnel

Application Number

US11/469,480
Publication Number

US 20080059790A1
Time in Patent Office

3,113 Days
Field of Search

713/202, 713168-174, 713182-186, 713/159, 709/229, 709/225, 726 16- 20, 726/9, 726 1- 2, 705 65- 66
US Class Current

713/155
CPC Class Codes

H04L 63/0853 using an additional device,...

Smartcard formation with authentication keys

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Smartcard formation with authentication keys

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links