Method of loading data into a portable secure token

US 9,621,527 B2
Filed: 10/28/2011
Issued: 04/11/2017
Est. Priority Date: 11/15/2010
Status: Active Grant

First Claim

Patent Images

1. A method for loading data into a portable secure token, the method comprising:

receiving, by a syndication server and from a remote application server, an indication of first data available for download from the remote application server, said syndication server being distinct from said remote application server;

storing, at the syndication server, a list referencing the first data;

receiving, by the syndication server and from a first administration agent of a first security domain of the portable secure token, a polling request;

determining, by the syndication server and based upon the polling request, that the first data is available for download by the portable secure token from the remote application server; and

sending, from the syndication server and to the first administration agent of the portable secure token, a polling response, wherein the polling response comprises the list referencing the first data,sending the list referencing the first data, from the first administration agent of the first security domain to a second administration agent of a second security domain of the secure portable token, andproviding the first data from the second administration agent to an application of the second security domain of the portable secure token.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention is a method for loading data into a portable secure token comprising a plurality of security domains. A first security domain comprises a first administration agent and a second security domain comprises a second administration agent. A remote application server comprises a first data to be provided to the second administration agent. A syndication server, which is distinct from the remote application server, contains a list which comprises a reference to the first data. The list is sent in response to a polling request that is sent by the first administration agent. This list is comprised in a polling response which is sent by the syndication server.

Citations

14 Claims

1. A method for loading data into a portable secure token, the method comprising:
- receiving, by a syndication server and from a remote application server, an indication of first data available for download from the remote application server, said syndication server being distinct from said remote application server;
  
  storing, at the syndication server, a list referencing the first data;
  
  receiving, by the syndication server and from a first administration agent of a first security domain of the portable secure token, a polling request;
  
  determining, by the syndication server and based upon the polling request, that the first data is available for download by the portable secure token from the remote application server; and
  
  sending, from the syndication server and to the first administration agent of the portable secure token, a polling response, wherein the polling response comprises the list referencing the first data,sending the list referencing the first data, from the first administration agent of the first security domain to a second administration agent of a second security domain of the secure portable token, andproviding the first data from the second administration agent to an application of the second security domain of the portable secure token.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method according to claim 1, wherein said method comprises the steps of:
    - receiving, by the second administration agent, said list,retrieving, from the remote application server and by the second administration agent, said first data referenced by the list.
  - 3. The method according to claim 1, wherein said method further comprises the steps of:
    - receiving, by the syndication server and from one of the remote application server and the secure portable token, feedback indicating that the first data has been loaded into the secure token; and
      
      updating, by the syndication server, the list.
  - 4. The method according to claim 1, wherein said method further comprises the steps of:
    - receiving, from a second remote application server, an indication of second data available for download from the second remote application server; and
      
      storing, at the syndication server, a list referencing the second data,wherein the determining step further comprises determining that the second data is available for download by the portable secure token, andwherein the polling response further comprises the second list.
  - 5. The method according to claim 1, wherein said method further comprises the steps of:
    - retrieving, from the remote application server and by the second administration agent of the second security domain of the portable secure token, said first data referenced by the list.
  - 6. The method according to claim 1, wherein the polling request is formatted according to a first communication protocol, wherein said method further comprises the step of:
    - retrieving, by the portable secure token and from the remote application server, said first data, wherein said first data is retrieved according to a second communication protocol having security features superior to the first communication protocol.
  - 7. The method according to claim 6, wherein said first communication protocol is HyperText Transfer Protocol (HTTP) and said second communication protocol is HyperText Transfer Protocol Secure (HTTPS).

8. A portable secure token configured to communicate with a system comprising a remote application server and a syndication server, said remote application server being distinct from said syndication server, said portable secure token comprising:
- a microprocessor; and
  
  a memory comprising a plurality of security domains, comprising;
  
  a first security domain, the first security domain comprising a first administration agent, said first administration agent being configured to;
  
  (i) send a polling request to the syndication server,(ii) receive a polling response from the syndication server, wherein the polling response comprises a list referencing first data available for retrieval from the remote application server, and(iii) determine that the list references the first data available for retrieval from the remote application server, anda second security domain, the second security domain comprising a second administration agent, said second administration agent being configured to;
  
  (i) receive the list, referencing the first data, included in said polling response from the first administration agent,(ii) retrieve the first data from the remote application server based upon the list referencing first data, and(iii) provide said first data to an application of the second security domain of the portable secure token.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The portable secure token according to claim 8, wherein said first administration agent is configured to send the polling request through a first communication protocol and wherein said second administration agent is configured to load the first data in the secure token through a second communication protocol which has security features superior to the first communication protocol.
  - 10. The portable secure token according to claim 9, wherein said first communication protocol is HyperText Transfer Protocol (HTTP) and said second communication protocol is HyperText Transfer Protocol Secure (HTTPS).
  - 11. The portable secure token of claim 8, wherein the plurality of security domains behave as security domains defined by Global Platform Smart Card Specifications V2.2.
  - 12. The portable secure token of claim 8, wherein the portable secure token is configured to transmit feedback to the syndication server upon retrieval of the first data from the remote application server.

13. A system comprising:
- a portable secure token, said portable secure token comprising a plurality of security domains in which a first security domain comprises a first administration agent, and in which a second security domain comprises a second administration agent;
  
  a remote application server comprising a first data available for download by the portable secure token; and
  
  a syndication server, distinct from the remote application server, configured to;
  
  (i) receive an indication that the first data is available for download,(ii) store a list comprising a reference to the first data available for download,(iii) receive a polling request from the first administration agent,(iv) determine, based upon the polling request, that the first data is available for download by the secure portable token, and(v) send a polling response to the first administration agent comprising the list referencing the first data, in response to the polling request,wherein the first administration agent of the first security domain is configured to;
  
  (i) receive, from the syndication server, the list referencing the first data, and(ii) send the list referencing the first data to the second administration agent of the second security domain of the secure portable token, andwherein the second administration agent of the second security domain is configured to provide said first data to an application of the second security domain of the portable secure token.
- View Dependent Claims (14)
- - 14. The system of claim 13, wherein the syndication server is further configured to receive feedback from one of the remote application server and the portable secure token when the first data is loaded into the portable secure token from the remote application server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Thales DIS France SAS (Thales SA)
Original Assignee
Gemalto SA (Thales SA)
Inventors
Amiel, Patrice, Berard, Xavier, Preulier, Eric, Gallas, Frederic
Primary Examiner(s)
Pwu, Jeffrey
Assistant Examiner(s)
Tran, Baotram

Application Number

US13/885,296
Publication Number

US 20130305339A1
Time in Patent Office

1,992 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/77   in smart cards

G07F 7/1008   Active credit-cards provide...

H04L 63/08   for authentication of entit...

H04L 63/0853   using an additional device,...

H04W 12/086   using security domains

Method of loading data into a portable secure token

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Method of loading data into a portable secure token

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links