RFID transponder information security methods systems and devices
Abstract
Methods, systems and devices for providing RFID system security are provided that involve cryptographically encrypting data on a transponder and managing the release of the decryption information, decryption keys, or the data itself to a transceiver having a transaction with the transponder.
45 Claims
1. A method in a transceiver comprising:
reading an identifier of a transponder from the transponder;
transmitting to a datastore the identifier as a query to access data associated with the transponder;
receiving as a response to the query, the data;
reading encrypted information from the transponder;
transmitting to an authentication authority a request to access the encrypted information;
wherein the request comprises authentication credentials for authenticating the transceiver and wherein the request further comprises the data.

40. A method in a transceiver comprising:
reading encrypted information from a transponder;
transmitting a request to access the encrypted information;
wherein the request comprises authentication credentials for authenticating the transceiver;
wherein the transceiver is of a specific domain of a multi-domain system, and wherein the authentication credentials for authenticating the transceiver are further for authorizing the transceiver to access data of a domain other than the specific domain,
the method further comprising;
receiving as a response to the request, decryption information for use in decrypting a portion of the encrypted information corresponding to the domain of the transceiver, to recover a portion of the information corresponding to the domain, and policy rule information specifying which if any domain the transceiver is authorized access to other than the specific domain.

42. A method in a transceiver comprising:
reading encrypted information from a transponder;
transmitting a request to access the encrypted information;
wherein the request comprises authentication credentials for authenticating the transceiver;
further comprising;
to access a particular capability/function, the transceiver employing a passcode needed to unlock this capability/function;
wherein to obtain the passcode to unlock a capability/function, the transceiver requests the passcode from an RFID infrastructure, and the transceiver receives the passcode from the RFID infrastructure if a set of one or more defined rules are satisfied.

43. A method in an authenticating authority comprising:
receiving a request from a transceiver for access to encrypted information of a transponder, the request comprising authentication credentials;
authenticating the transceiver with use of the authentication credentials;
wherein the authenticating authority is of a specific domain of a multi-domain system, and wherein the authentication credentials for authenticating the transceiver are further for authorizing the transceiver to access data of the specific domain,
the method further comprising;
transmitting to the transceiver as a response to the request, decryption information for use in decrypting a portion of the encrypted information corresponding to the specific domain, to recover a portion of the information corresponding to the specific domain
the method further comprising;
if the transceiver is of the same domain as the authenticating authority;
transmitting to the transceiver further in response to the request, policy rule information specifying which if any domain the transceiver is authorized access to other than the specific domain.

44. A transceiver configured to:
read an identifier of a transponder from the transponder;
transmit to a datastore the identifier as a query to access data associated with the transponder;
receive as a response to the query, the data;
read encrypted information from the transponder;
transmit to an authentication authority a request to access the encrypted information;
wherein the request comprises authentication credentials for authenticating the transceiver and wherein the request further comprises the data.

45. A computer readable medium having computer readable instructions stored thereon for execution by one or more computers for reading and accessing encrypted information from a transponder, said computer readable instructions comprising:
computer readable instructions for reading an identifier of a transponder from the transponder;
computer readable instructions for transmitting to a datastore the identifier as a query to access data associated with the transponder;
computer readable instructions for receiving as a response to the query, the data;
computer readable instructions for reading encrypted information from the transponder;
computer readable instructions for transmitting to an authentication authority a request to access the encrypted information;
wherein the request comprises authentication credentials for authenticating the transceiver and wherein the request further comprises the data.

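An added example, not part of the patent text: a minimal model of the multi-domain exchange in claims 40 and 43, where an authority authenticates a transceiver, releases the decryption information for its own domain's portion, and sends policy rule information only to a transceiver of its own domain. The HMAC-over-nonce credential format, the replay check, the registry layout and every name below are assumptions; the claims do not specify them.

```python
import hashlib
import hmac
import secrets

def make_credentials(transceiver_id: str, secret: bytes, nonce: bytes) -> bytes:
    """Transceiver side: HMAC over id and a fresh nonce (assumed credential format)."""
    return hmac.new(secret, transceiver_id.encode() + nonce, hashlib.sha256).digest()

class AuthenticationAuthority:
    """Authority for one domain of a multi-domain system (hypothetical model)."""

    def __init__(self, domain, domain_key, registry, policy):
        self.domain = domain          # domain this authority serves
        self.domain_key = domain_key  # decryption information for this domain's portion
        self.registry = registry      # transceiver_id -> (shared secret, home domain)
        self.policy = policy          # transceiver_id -> other domains it may access
        self.seen_nonces = set()      # assumption: reject replayed requests

    def handle_request(self, transceiver_id, nonce, credentials):
        entry = self.registry.get(transceiver_id)
        if entry is None or nonce in self.seen_nonces:
            return None               # unknown transceiver or replay: release nothing
        secret, home_domain = entry
        expected = make_credentials(transceiver_id, secret, nonce)
        if not hmac.compare_digest(expected, credentials):
            return None               # authentication failed
        self.seen_nonces.add(nonce)
        response = {"domain": self.domain, "decryption_info": self.domain_key}
        if home_domain == self.domain:
            # Policy rule information goes only to same-domain transceivers.
            response["policy_rules"] = sorted(self.policy.get(transceiver_id, []))
        return response

def demo():
    """Constructed scenario: reader R1 belongs to domain A and may also read domain B."""
    secret = secrets.token_bytes(32)  # simplification: one secret known to both authorities
    key_a, key_b = secrets.token_bytes(16), secrets.token_bytes(16)
    auth_a = AuthenticationAuthority("A", key_a, {"R1": (secret, "A")}, {"R1": ["B"]})
    auth_b = AuthenticationAuthority("B", key_b, {"R1": (secret, "A")}, {})
    n1, n2 = secrets.token_bytes(16), secrets.token_bytes(16)
    home = auth_a.handle_request("R1", n1, make_credentials("R1", secret, n1))
    replay = auth_a.handle_request("R1", n1, make_credentials("R1", secret, n1))
    foreign = auth_b.handle_request("R1", n2, make_credentials("R1", secret, n2))
    forged = auth_b.handle_request("R1", secrets.token_bytes(16), b"\x00" * 32)
    return home, replay, foreign, forged
```
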
Specification