Token Registration

US 9,038,154 B2
Filed: 08/31/2006
Issued: 05/19/2015
Est. Priority Date: 08/31/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

detecting, by a security client, a presence of a token;

in response to a detection of the presence of the token, determining whether the token is associated with a user;

in response to a determination that the token is not associated with the user, retrieving, from the token, a reference to an XML formatted configuration file, the configuration file comprising an enrollment network address;

in response to an execution of the configuration file, retrieving, via a network, an enrollment form from a site referenced by the enrollment network address;

receiving, in relation to the enrollment form, enrollment data of the user;

transmitting to the site an enrollment request comprising the enrollment data of the user;

receiving, by a processor, binding data that is generated in response to the enrollment request and in view of the enrollment data of the user; and

binding the token to the user by storing the binding data on the token.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An embodiment relates generally to a method of binding a token to a user. The method includes receiving a token embedded with an address and inserting the token into a computer. The method also includes connecting to the address stored on the token and binding a user to the token based on information from the address.

211 Citations

18 Claims

1. A method comprising:
- detecting, by a security client, a presence of a token;
  
  in response to a detection of the presence of the token, determining whether the token is associated with a user;
  
  in response to a determination that the token is not associated with the user, retrieving, from the token, a reference to an XML formatted configuration file, the configuration file comprising an enrollment network address;
  
  in response to an execution of the configuration file, retrieving, via a network, an enrollment form from a site referenced by the enrollment network address;
  
  receiving, in relation to the enrollment form, enrollment data of the user;
  
  transmitting to the site an enrollment request comprising the enrollment data of the user;
  
  receiving, by a processor, binding data that is generated in response to the enrollment request and in view of the enrollment data of the user; and
  
  binding the token to the user by storing the binding data on the token.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, further comprising:
    - retrieving information from the site; and
      
      displaying the information to obtain the enrollment data from the user.
  - 3. The method of claim 1, further comprising:
    - receiving a key; and
      
      retrieving a certificate, the certificate secured by the key.
  - 4. The method of claim 3, further comprising embedding the certificate on the token.

5. A non-transitory computer-readable medium comprising instructions, which, when executed by a processor, cause the processor to:
- detect, by a security client, a presence of a token;
  
  in response to a detection of the presence of the token, determining, by the processor, whether the token is associated with a user;
  
  in response to a determination that the token is not associated with the user, retrieve, from the token, a reference to an XML formatted configuration file, the configuration file comprising an enrollment network address;
  
  in response to an execution of the configuration file, retrieve an enrollment form via a network from a site referenced by the enrollment network address;
  
  receive, in relation to the enrollment form, enrollment data of the user;
  
  transmit, to the site, an enrollment request comprising the enrollment data of the user;
  
  receive binding data that is generated in response to the enrollment request and in view of the enrollment data of the user; and
  
  bind the token to the user by storing the binding data on the token.

6. A system comprising:
- a memory; and
  
  a processor, operatively coupled to the memory, to;
  
  detect a presence of a token,determine, in response to a detection of the presence of the token, whether the token is associated with a user,in response to a determination that the token is not associated with the user, retrieve, from the token, a reference to an XML formatted configuration file, the configuration file comprising an enrollment network address;
  
  in response to an execution of the configuration file, retrieve an enrollment form via a network from a site referenced by the enrollment network address;
  
  receive, in relation to the enrollment form, enrollment data of the user,transmit to the site an enrollment request comprising the enrollment data of the user,receive, from a certificate server, binding data that is generated in response to the enrollment request and in view of the enrollment data of the user, andbind the token to the user that provided the enrollment data by storing the binding data on the token.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13)
- - 7. The system of claim 6, wherein the processor is to receive information from the site and display the information to obtain the enrollment data from the user.
  - 8. The system of claim 6, wherein the certificate server is to provide a secure site for the network address.
  - 9. The system of claim 6, wherein the processor is to form a secure channel to the site referenced by the network address.
  - 10. The system of claim 6, wherein the processor is to retrieve information from the network address to render the retrieved information.
  - 11. The system of claim 6, wherein the processor is to request key generation for the token.
  - 12. The system of claim 11, wherein the processor is to request a certificate to be generated that is secured by a generated key.
  - 13. The system of claim 12, wherein the processor is to embed the certificate in the token.

14. A method comprising:
- embedding a plurality of tokens with a configuration file;
  
  distributing the plurality of tokens to a set of users;
  
  detecting, by a security client a presence of at least one token of the plurality of tokens; and
  
  in response to detecting the presence of the at least one token, executing, by a processor, instructions that direct the security client to;
  
  determine whether the token is assigned to a user from the set of users,in response to a determination that the token is not assigned to the user, retrieve, from the token, a reference to an XML formatted configuration file, the configuration file comprising an enrollment network address,in response to an execution of the configuration file, retrieve an enrollment form via a network from a site referenced by the enrollment network address,receive, in relation to the enrollment form, input from the user of enrollment data,transmit to the site an enrollment request comprising the enrollment data of the user,receive binding data for the token that is generated in response to the enrollment request and in view of the enrollment data of the user, andbind the token to a corresponding user by storing the binding data on the token.
- View Dependent Claims (15, 16, 17)
- - 15. The method of claim 14, wherein the instructions further direct the security client to retrieve information from the site and display the information to obtain the enrollment data from the user.
  - 16. The method of claim 14, wherein the instructions further direct the security client to receive a key and retrieve a certificate secured by the key.
  - 17. The method of claim 14, wherein the instructions further direct the security client to retrieve at least one of a name of a card issue, a location of servers, or configuration information.

18. A non-transitory computer-readable medium comprisinginstructions, which, when executed by a processor, cause the processor to:
- embed a plurality of tokens with a configuration file;
  
  distribute the plurality of tokens to a set of users;
  
  detect, by a security client, a presence of at least one token of the plurality of tokens; and
  
  in response to a detection of the presence of the at least one token, execute instructions that direct the security client to;
  
  determine whether the token is assigned to a user from the set of users,in response to a determination that the token is not assigned to the user, retrieve, from the token, a reference to an XML formatted configuration file, the configuration file comprising an enrollment network address,in response to an execution of the configuration file, retrieve an enrollment form via a network from a site referenced by the enrollment network address,receive, in relation to the enrollment form, input from the user of enrollment data,transmit to the site an enrollment request comprising the enrollment data of the user,receive binding data for the token that is generated in response to the enrollment request, and in view of the enrollment data of the user, andbind the token to a corresponding user by storing the binding data on the token.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Red Hat, Inc. (International Business Machines Corporation)
Original Assignee
Red Hat, Inc. (International Business Machines Corporation)
Inventors
Lord, Robert B., Relyea, Robert, Kwan, Nang Kon
Primary Examiner(s)
Lagor, Alexander

Application Number

US11/469,479
Publication Number

US 20080059793A1
Time in Patent Office

3,183 Days
Field of Search

726/20
US Class Current

726/9
CPC Class Codes

G06F 21/34   involving the use of extern...

G06Q 20/34   using cards, e.g. integrate...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0823   using certificates cryptogr...

H04L 63/0853   using an additional device,...

Token Registration

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

211 Citations

18 Claims

Specification

Use Cases

Quick Links

Others

Token Registration

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

211 Citations

18 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others