Smart token system for secure electronic transactions and identification
First Claim
Patent Images
1. A method of obtaining access to computer or network resources using a smart token, comprising:
- a. opening an application domain of a smart token used for access to a computer or a network;
b. encrypting a password read from the application domain, so as to obtain an electronic password;
c. sending a logon identification and the encrypted password to the computer or network for which access is desired; and
d. verifying and validating as to whether the logon identification and the encrypted password are such that the access to the computer or network is permitted,wherein the step of sending a logon identification to the computer or network for which access is desired comprises;
a. sending a user public key certificate stored on the smart token together with a user identification and a user random number to the computer or network;
b. receiving from the computer or network the identity of the computer or network, a public key certificate of a target resource, a signed copy of the user random number and a second random number generated by the computer or network;
c. verifying the signed copy of the user random number; and
d. signing the second random number using the public key of the computer or network obtained from a certificate and returning the second random number with signature to the computer or network.
8 Assignments
0 Petitions
Accused Products
Abstract
Smart token technology, using a smart card, PCMCIA card or any other medium containing storage or processing capability is used to facilitate a variety of secure business transactions, including those which might occur over an unsecured network such as the Internet. Application programs can obtain a variety of smart token services using a common application programming interface. Applications of the smart token technology to electronic cash, banking, credit, computer and network access, software distribution, medical handling and issuance of credentials are presented.
741 Citations
4 Claims
-
1. A method of obtaining access to computer or network resources using a smart token, comprising:
-
a. opening an application domain of a smart token used for access to a computer or a network; b. encrypting a password read from the application domain, so as to obtain an electronic password; c. sending a logon identification and the encrypted password to the computer or network for which access is desired; and d. verifying and validating as to whether the logon identification and the encrypted password are such that the access to the computer or network is permitted, wherein the step of sending a logon identification to the computer or network for which access is desired comprises; a. sending a user public key certificate stored on the smart token together with a user identification and a user random number to the computer or network; b. receiving from the computer or network the identity of the computer or network, a public key certificate of a target resource, a signed copy of the user random number and a second random number generated by the computer or network; c. verifying the signed copy of the user random number; and d. signing the second random number using the public key of the computer or network obtained from a certificate and returning the second random number with signature to the computer or network.
-
-
2. A method of preventing use of software modified without authorization and unauthorized access to software without possession of a smart token, the method performed by software manufacture, author or owner, comprising:
-
a. generating a pair of digital signature keys for each authorized user; b. personalizing a smart token for each authorized user of the software and storing the digital signature keys on said smart token; c. including a start-up routine within the software; d. producing a hash value for the software and encrypting the hash value to create an encrypted hash value using a user'"'"'s public key to thereby create a digital seal; and e. appending the digital seal to the software before distribution; such that when the software is loaded and executed, the start-up routine calculates a hash value to create a calculated hash value from the loaded software, compares the calculated hash value with a hash value decrypted from the digital seal using a private key on the smart token, and when they are identical, permitting execution of the software. - View Dependent Claims (3)
-
-
4. A method of displaying a copyright notice on software or a digital document, comprising:
-
a. applying a digital signature of a manufacturer, author or owner to the software or to the digital document at the time it is prepared for distribution; b. permitting execution of the software or access to the the digital document only after successful verification of the digital signature of the manufacturer, author or owner using a public key of the manufacturer, the author, or the owner of the software, respectively; and c. not permitting access to the public key without display of a copyright notice.
-
Specification