Method for the authentication of applications

US 9,531,681 B2
Filed: 08/13/2015
Issued: 12/27/2016
Est. Priority Date: 11/27/2003
Status: Active Grant

First Claim

Patent Images

1. A portable device, comprising:

an electronic module; and

a security module connected to the electronic module,the electronic module being configured to connect by a network to a control server,the portable device being configured to transmit, to the control server, via the network, identification data including at least an identifier of the electronic module and an identifier of the security module,the portable device being configured to receive, from the control server, a protection profile defining resources of the security module that can be used by at least one application,the electronic module being configured to receive, from the control server, the at least one application,the at least one application being at least one of loadable or executable via an application execution environment of the electronic module, the at least one application being configured to use resources stored in the security module;

the portable device being configured to receive, from the control server, a cryptogram, the cryptogram includinga digest of the at least one application, the identification data,the protection profile, andat least one of an identifier of the at least one application or an identifier of security module resources,the security module being configured to perform a verification operation of verifying the at least one application by comparing the digest extracted from the received cryptogram with a digest determined by the security module; and

the security module being configured to perform, based on the received protection profile and the verification, at least one ofreleasing one or more resources of said security module to the at least one application, orblocking the at least one application from accessing one or more resources of said security module,wherein, the portable device is configured such that,when the cryptogram is not received at the portable device,the at least one application requests, once the at least one application is loaded into the electronic module, the cryptogram from the server,the at least one application requesting the cryptogram from the server at the time of an initialization of the at least one application;

the at least one application transmits the received cryptogram to the security module;

the security module performs the verification operation when the cryptogram is accepted; and

the security module transmits a confirmation message to the control server via the at least one application, the confirmation message confirming acceptance or refusal of the cryptogram.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Authentication method of at least one application using resources stored in a security module associated to an equipment connected to a control server via a network. The control server receives via the network, analyzes and verifies identification data comprising at least an identifier of the equipment and an identifier of the security module, generates a cryptogram comprising a digest of the application, the identification data and instructions intended for the security module and transmits the cryptogram, via the network and the equipment, to the security module. The latter verifies the application by comparing the digest extracted from the cryptogram with a calculated digest, wherein, during at least one of initialization and activation of the application, the security module executes the instructions extracted from the cryptogram and either releases or blocks access to certain resources of said security module according to a result of the verification of the application.

31 Citations

13 Claims

1. A portable device, comprising:
- an electronic module; and
  
  a security module connected to the electronic module,the electronic module being configured to connect by a network to a control server,the portable device being configured to transmit, to the control server, via the network, identification data including at least an identifier of the electronic module and an identifier of the security module,the portable device being configured to receive, from the control server, a protection profile defining resources of the security module that can be used by at least one application,the electronic module being configured to receive, from the control server, the at least one application,the at least one application being at least one of loadable or executable via an application execution environment of the electronic module, the at least one application being configured to use resources stored in the security module;
  
  the portable device being configured to receive, from the control server, a cryptogram, the cryptogram includinga digest of the at least one application, the identification data,the protection profile, andat least one of an identifier of the at least one application or an identifier of security module resources,the security module being configured to perform a verification operation of verifying the at least one application by comparing the digest extracted from the received cryptogram with a digest determined by the security module; and
  
  the security module being configured to perform, based on the received protection profile and the verification, at least one ofreleasing one or more resources of said security module to the at least one application, orblocking the at least one application from accessing one or more resources of said security module,wherein, the portable device is configured such that,when the cryptogram is not received at the portable device,the at least one application requests, once the at least one application is loaded into the electronic module, the cryptogram from the server,the at least one application requesting the cryptogram from the server at the time of an initialization of the at least one application;
  
  the at least one application transmits the received cryptogram to the security module;
  
  the security module performs the verification operation when the cryptogram is accepted; and
  
  the security module transmits a confirmation message to the control server via the at least one application, the confirmation message confirming acceptance or refusal of the cryptogram.
- View Dependent Claims (2, 3)
- - 2. The portable device of claim 1, wherein the portable device is configured such that the verification operation is performed by the security module periodically at a rate given by the control server, during at least one of a first initialization of the at least one application, a first use of the at least one application, or each initialization of the at least one application.
  - 3. The portable device of claim 1, wherein the portable device is configured such that the portable device receives the protection profile from the control server in response to at least one of,an updating of a version of a software installed in the electronic module,a downloading of a new application in the electronic module,an updating period of the protection profile,a number of connections of the electronic module to the network, anda technology used by the portable device for accessing the network.

4. A control server for connecting by a network to a portable device which includes electronic module and a security module, the control server comprising:
- a processor,the control sever being configured to,receive, via the network, identification data including at least an identifier of the electronic module and an identifier of the security module;
  
  analyze and verify the identification data;
  
  create a protection profile based on the analysis and verification, such that the protection profile defines resources of the security module that can be used by at least one application and causes the security module to perform, based on the protection profile, at least one ofreleasing one or more resources of said security module to the at least one application, orblocking the at least one application from accessing one or more resources of the security module;
  
  transmit, from the control server to the portable device, the protection profile;
  
  transmit, from the control server to the portable device, the at least one application,generate, at the control server, a cryptogram such that the cryptogram includes a digest of the at least one application, the identification data, the protection profile and at least one of an identifier of the at least one application and an identifier of security module resources;
  
  transmit, to the portable device, the cryptogram; and
  
  receive, from the portable device, an indication of a result of a verification operation that includes comparing the digest included in the transmitted cryptogram and a digest determined by the security module, wherein the control server is further configured such that,when the at least one application and the cryptogram are not transmitted from the control server to the portable device at a same time,the control server receives, from the portable device, a request requesting the control server to send the cryptogram to the portable device,the request being received after the control server transmits the at least one application at a time of an initialization of the at least one application at the portable device; and
  
  the control server receives, at the control server, a confirmation message of acceptance or refusal of the cryptogram from the security module.
- View Dependent Claims (5, 6, 7)
- - 5. The control server of claim 4, wherein the control server is configured such that,the control server transmits, from the control server to the portable device, rate information that causes the security module to perform the verification operation periodically at a rate indicated by the rate information, during at least one of a first initialization of the at least one application, a first use of the at least one application, or each initialization of the at least one application.
  - 6. The control server of claim 4, wherein the control server is configured to create the protection profile based on at least one of,an updating of a version of a software installed in the electronic module,a downloading of a new application in the electronic module,an updating period of the protection profile,a number of connections of the electronic module to the network, ora technology used by the portable device for accessing the network.
  - 7. The control server of claim 4, wherein the control server is configured such that the at least one application transmitted by the control server is at least one of loadable or executable via an application execution environment of the electronic module, and being configured to use resources stored in the security module.

8. A method of operating a portable device, the portable device including electronic module and a security module, the electronic module being connected by a network to a control server, the electronic module being connected to the security module, the method comprising:
- transmitting, from the portable device to the control server, via the network, identification data including at least an identifier of the electronic module and an identifier of the security module;
  
  receiving, at the portable device from the control server, a protection profile defining resources of the security module that can be used by at least one application;
  
  receiving, at the electronic module from the control server, the at least one application,the at least one application being at least one of loadable and executable via an application execution environment of the electronic module, the at least one application being configured to use resources stored in the security module;
  
  receiving, at the portable device from the control server, a cryptogram, the cryptogram including a digest of the at least one application, the identification data, the protection profile and at least one of an identifier of the at least one application and an identifier of security module resources;
  
  performing a verification operation of verifying, by the security module, the at least one application by comparing the digest extracted from the received cryptogram with a digest determined by the security module;
  
  performing, by the security module, based on the received protection profile, at least one ofreleasing one or more resources of said security module to the at least one application, orblocking the at least one application from accessing one or more resources of said security module; and
  
  when the cryptogram is not received at the portable device,requesting by the at least one application, once the at least one application is loaded into the electronic module, the cryptogram from the server,the at least one application requesting the cryptogram from the server at the time of an initialization of the at least one application;
  
  transmitting the received cryptogram from the at least one application to the security module; and
  
  the verification operation being performed by the security module when the cryptogram is received andtransmitting a confirmation message of acceptance or refusal of the cryptogram from the security module to the control server via the at least one application.
- View Dependent Claims (9, 10)
- - 9. The method of claim 8, wherein the verification operation is performed by the security module periodically at a rate given by the control server, during at least one of a first initialization of the at least one application, a first use of the at least one application, or each initialization of the at least one application.
  - 10. The method of claim 8, wherein the receiving a protection profile includes receiving the protection profile at the portable device from the control server in response to at least one of,an updating of a version of a software installed in the electronic module,a downloading of a new application in the electronic module,an updating period of the protection profile,a number of connections of the electronic module to the network, anda technology used by the portable device for accessing the network.

11. A method of operating a control server, the control server being connected by a network to a portable device, the portable device including an electronic module and a security module, the method comprising:
- receiving, at the control server from the portable device, via the network, identification data including at least an identifier of the electronic module and an identifier of the security module;
  
  analyzing and verifying, by the control server, the identification data;
  
  creating, at the control server, a protection profile based on the analysis and verification, such that the protection profile defines resources of the security module that can be used by at least one application and causes the security module to perform, based on the protection profile, at least one ofreleasing one or more resources of said security module to the at least one application, orblocking the at least one application from accessing one or more resources of the security module;
  
  transmitting, from the control server to the portable device, the protection profile;
  
  transmitting, from the control server at the portable device, the at least one application,the at least one application transmitted by the control server being at least one of loadable or executable via an application execution environment of the electronic module, and being configured to use resources stored in the security module;
  
  generating, at the control server, a cryptogram such that the cryptogram includes a digest of the at least one application, the identification data, the protection profile and at least one of an identifier of the at least one application or an identifier of security module resources;
  
  transmitting, from the control server to the portable device, the cryptogram;
  
  receiving, at the control server from the portable device, an indication of a result of a verification operation that includes comparing the digest included in the transmitted cryptogram and a digest determined by the security module; and
  
  when the cryptogram has not been transmitted from the control server to the portable device,receiving, from the portable device, a request requesting the control server to send the cryptogram to the portable device,the request being received after the control server transmits the at least one application at a time of an initialization of the at least one application at the portable device; and
  
  receiving, at the control server, a confirmation message of acceptance or refusal of the cryptogram from the security module.
- View Dependent Claims (12, 13)
- - 12. The method of claim 11, further comprising:
    - transmitting, from the control server to the portable device, rate information that causes the security module to perform the verification operation periodically at a rate indicated by the rate information, during at least one of a first initialization of the at least one application, a first use of the at least one application, or each initialization of the at least one application.
  - 13. The method of claim 11, wherein the creating a protection profile includes creating the protection profile at the control server based on at least one of,an updating of a version of a software installed in the electronic module,a downloading of a new application in the electronic module,an updating period of the protection profile,a number of connections of the electronic module to the network, ora technology used by the portable device for accessing the network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nagravision SA (Kudelski SA)
Original Assignee
Nagravision SA (Kudelski SA)
Inventors
Ksontini, Rached, Cantini, Renato
Primary Examiner(s)
Vaughan, Michael R

Application Number

US14/825,664
Publication Number

US 20150350169A1
Time in Patent Office

502 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/34   involving the use of extern...

G06F 21/51   at application loading time...

G06F 21/554   involving event detection a...

G06F 2221/2107   File encryption

G06F 2221/2153   Using hardware token as a s...

G06F 8/65   Updates security arrangemen...

H04L 63/0428   wherein the data content is...

H04L 63/0823   using certificates cryptogr...

H04L 63/0853   using an additional device,...

H04L 63/10   for controlling access to d...

H04L 63/12   Applying verification of th...

H04L 63/123   received data contents, e.g...

H04W 12/08   Access security

H04W 12/10   Integrity

H04W 12/35   Protecting application or s...

H04W 4/60   Subscription-based services...

Method for the authentication of applications

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

31 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Method for the authentication of applications

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links