Method for providing a user with an authenticated remote access to a remote secure device
First Claim
1. A method for providing a user with an authenticated remote access to a remote service device using two-factor authentication of the user, the user having a local accessing device, said remote access being initiated from the local accessing device, the method comprising:
- establishing a mutual authentication between a remote secure device embedded in the remote service device, wherein the remote secure device is a secure element, and a local secure device, wherein the local secure device is a Universal Integrated Circuit Card (UICC), connected to a terminal distinct from the local accessing device so as to authenticate the user of the local accessing device thereby enabling the user access to secure data provided by the remote service device via the local accessing device, by;
  - establishing a secure communication channel between the local accessing device and the remote secure device so as to provide a one way authentication, said local accessing device authenticating the remote secure device;
  - using a peer application in the remote secure device and a peer application in the local secure device so as the two peer applications negotiate establishment of a data session between the remote secure device and the local secure device;
  - further using the peer application in the remote secure device and the peer application in the local secure device to mutually authenticate thereby providing a what-you-have authentication factor;
  - providing, by the remote secure device, the local secure device with a user interface after the establishment of said data session between the remote secure device and the local secure device;
  - operating a UICC application on the terminal to which the local secure device is connected to display the user interface from the local secure device onto the terminal;
  - authenticating the user to the remote secure device using the user interface from the local secure device and displayed on the terminal to which the local secure device is connected thereby providing a what-you-know authentication factor; and
  - upon authenticating the user and the local secure device, providing the user of the local access device access to the secure data provided by the remote service device.
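The ordering of the two factors in the claim can be modelled as follows. This is an added example, not part of the patent text: the claim does not specify the mechanisms, so the HMAC-SHA256 challenge-response over a pre-shared key, the PBKDF2 PIN check, the retry limit and all class and function names are assumptions, and the one-way secure channel from the local accessing device is not modelled.

```python
import hashlib
import hmac
import secrets

class SecureDevice:
    """Peer application; the pre-shared key and HMAC scheme are assumptions."""
    def __init__(self, name, key):
        self.name, self._key = name, key

    def challenge(self):
        self.nonce = secrets.token_bytes(16)  # fresh per session, so replays fail
        return self.nonce

    def respond(self, nonce, who=None):
        # The responder's name is bound in, so a reflected response does not verify
        return hmac.new(self._key, (who or self.name).encode() + nonce, hashlib.sha256).digest()

    def verify(self, peer_name, response):
        return hmac.compare_digest(self.respond(self.nonce, peer_name), response)

class RemoteSecureElement(SecureDevice):
    def __init__(self, key, pin_hash, salt):
        super().__init__("remote-se", key)
        self._pin_hash, self._salt = pin_hash, salt
        self.device_ok, self.tries_left = False, 3  # retry limit is an added assumption

    def verify_pin(self, pin):
        # What-you-know is evaluated only after what-you-have succeeded
        if not self.device_ok or self.tries_left == 0:
            return False
        candidate = hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, 100_000)
        ok = hmac.compare_digest(candidate, self._pin_hash)
        self.tries_left = 3 if ok else self.tries_left - 1
        return ok

def remote_access(se, uicc, pin):
    # Peer applications authenticate each other, one challenge in each direction
    uicc_ok = se.verify(uicc.name, uicc.respond(se.challenge()))
    se_ok = uicc.verify(se.name, se.respond(uicc.challenge()))
    se.device_ok = uicc_ok and se_ok
    if not se.device_ok:
        return "denied: device"
    # The PIN stands in for input collected through the UI shown on the terminal
    return "granted" if se.verify_pin(pin) else "denied: user"

if __name__ == "__main__":
    key, salt = secrets.token_bytes(32), secrets.token_bytes(16)  # constructed values
    se = RemoteSecureElement(key, hashlib.pbkdf2_hmac("sha256", b"4921", salt, 100_000), salt)
    print(remote_access(se, SecureDevice("uicc", key), "4921"))  # granted
```
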
Abstract
The invention relates to a method for providing a user with an authenticated remote access to a remote secure device (2), said remote access being initiated from a local accessing device (1), said remote secure device (2) embedding secure data related to a specific service, characterized in that it comprises establishing a mutual authentication between said remote secure device (2) and a local secure device (3) different from the local accessing device (1) so as the user of the local accessing device (3) is able to access to the secure data of the remote secure device (2).
8 Claims
Specification