Method and system for facilitating data access and management on a secure token
Abstract
A system for facilitating data access and management on a smart card is provided. According to one exemplary aspect of the system, a storage architecture is provided in the smart card which allows data stored thereon to be shared by multiple parties. Access to data stored on the smart card is controlled by various access methods depending on the actions to be taken with respect to the data to be accessed.
105 Citations
17 Claims
1. A system for facilitating data management on a secure token, comprising:
a client having a plurality of applications residing thereon;
a secure token having a storage architecture, wherein the storage architecture includes;
a directory and one or more attributes associated with the directory, wherein each attribute of the one or more attributes associated with the directory determines a level of access to the directory for one application of the plurality of applications,
an application identifier associating the directory with a second application selected from the plurality of applications;
one or more cell groups under the directory, each cell group having one or more associated attributes, wherein each attribute of the one or more attributes associated with the cell group determines a level of access to that cell group for one application of the plurality of applications, and
one or more cells under each cell group, each cell having one or more associated attributes, wherein each attribute of the one or more attributes associated with the cell determines a level of access to that cell for one application of the plurality of applications,
wherein the one or more associated attributes for a first cell group of the one or more cell groups permits access to the first cell group and the one or more associated attributes for the first cell group by the first application and a second application of the plurality of applications, and the one or more attributes associated with the directory deny access to the first cell group to a third application of the plurality of applications; and
wherein the one or more attributes associated with a first cell of the first cell group further control operations on contents of the cell by the plurality of applications such that the one or more attributes associated with the first cell permit a first set of operations on the contents of that cell and the one or more attributes associated with the first cell by the first application and permit a second set of operations on the contents of that cell and the one or more attributes associated with the first cell by the second application, wherein the first set of operations is different from the second set of operations;
an issuer computer, wherein the issuer computer comprises a set of environments, a set of initial states for the one or more associated attributes for the cell group and the one or more attributes associated with the cell that set a status of the storage architecture on the secure token; and
a Value Added Serve Provider computer, wherein the value add service provider comprises control data parameters that are provided to both the issuer and the client to set the one or more associated attributes for the cell group and the one or more attributes associated with the cell.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A secure token comprising:
a directory and one or more attributes associated with the directory, wherein each attribute of the one or more attributes associated with the directory determines a level of access to the directory for one application of the plurality of applications,
an application identifier associating the directory with a corresponding application selected from the plurality of applications;
one or more cell groups under the directory, each cell group having one or more associated attributes, wherein each attribute of the one or more attributes associated with the cell group determines a level of access to that cell group for one application of the plurality of applications, and
one or more cells under each cell group, each cell having one or more associated attributes, wherein each attribute of the one or more attributes associated with the cell determines a level of access to that cell for one application of the plurality of applications;
wherein the one or more associated attributes for a first cell group of the one or more cell groups permits access to the first cell group and the one or more associated attributes for the first cell group by the first application and a second application of the plurality of applications, and the one or more attributes associated with the directory deny access to the first cell group to a third application of the plurality of applications;
wherein the one or more attributes associated with a first cell of the first cell group further control operations on contents of the cell and the one or more attributes associated with the first cell by the plurality of applications such that the one or more attributes associated with the first cell permit a first set of operations on the contents of that cell and the one or more attributes associated with the first cell by the first application and permit a second set of operations on the contents of that cell and the one or more attributes associated with the first cell by the second application, wherein the first set of operations is different from the second set of operations;
an issuer computer, wherein the issuer computer comprises a set of environments, a set of initial states for the one or more associated attributes for the cell group and the one or more attributes associated with the cell that set a status of the storage architecture on the secure token; and
a Value Added Serve Provider computer, wherein the value add service provider comprises control data parameters that are provided to both the issuer and the client to set the one or more associated attributes for the cell group and the one or more attributes associated with the cell.
Dependent claims: 13, 14
15. A method for facilitating data management on a secure token, comprising:
providing a directory and one or more attributes associated with the directory, wherein each attribute of the one or more attributes associated with the directory determines a level of access to the directory for one application of the plurality of applications,
providing one or more cell groups under the directory, each cell group having one or more associated attributes, wherein each attribute of the one or more attributes associated with the cell group determines a level of access to that cell group for one application of the plurality of applications, and
one or more cells under each cell group, each cell having one or more associated attributes, wherein each attribute of the one or more attributes associated with the cell determines a level of access to that cell for one application of the plurality of applications;
wherein an application identifier associates the directory with a corresponding application selected from the plurality of applications;
wherein the one or more associated attributes for a first cell group of the one or more cell groups permits access to the first cell group and the one or more associated attributes for the first cell group by the first application and a second application of the plurality of applications, and the one or more attributes associated with the directory deny access to the first cell group to a third application of the plurality of applications;
wherein the one or more attributes associated with a first cell of the first cell group further control operations on contents of the cell and the one or more attributes associated with the first cell by the plurality of applications such that the one or more attributes associated with the first cell permit a first set of operations on the contents of that cell and the one or more attributes associated with the first cell by the first application and permit a second set of operations on the contents of that cell and the one or more attributes associated with the first cell by the second application, wherein the first set of operations is different from the second set of operations;
providing an issuer computer, wherein the issuer computer comprises a set of environments, a set of initial states for the one or more associated attributes for the cell group and the one or more attributes associated with the cell that set a status of the storage architecture on the secure token; and
providing a Value Added Serve Provider computer, wherein the value add service provider comprises control data parameters that are provided to both the issuer and the client to set the one or more associated attributes for the cell group and the one or more attributes associated with the cell.
Dependent claims: 16, 17
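An added example, not part of the patent text: a minimal Python model of the directory, cell group and cell hierarchy recited in the claims, with one attribute per application at each level. The operation names, the labels app1 to app3, and the rule that effective access is the intersection of the attributes along the path (with a missing attribute meaning deny) are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed operation names; the claims do not name specific operations.
READ, WRITE, DELETE = "read", "write", "delete"


@dataclass
class Node:
    """A directory, cell group or cell carrying one attribute per application."""
    name: str
    attrs: dict = field(default_factory=dict)     # app id -> set of permitted operations
    children: dict = field(default_factory=dict)  # child name -> Node

    def add(self, child):
        self.children[child.name] = child
        return child


def permitted_ops(directory, path, app):
    """Operations `app` may perform on the node reached by `path`.

    Assumed rule: every level from the directory down must admit the
    application, and a missing attribute denies. The result is the
    intersection of the attributes along the path.
    """
    node = directory
    ops = set(node.attrs.get(app, set()))
    for part in path:
        if not ops or part not in node.children:
            return set()
        node = node.children[part]
        ops &= node.attrs.get(app, set())
    return ops


def authorize(directory, path, app, op):
    """True only if `op` survives the attribute check at every level."""
    return op in permitted_ops(directory, path, app)


def build_token():
    """Constructed sample layout: one directory, one cell group, one cell."""
    # app3 has no directory attribute, so it is denied everything beneath it.
    d = Node("directory", {"app1": {READ, WRITE, DELETE}, "app2": {READ, WRITE}})
    g = d.add(Node("group1", {"app1": {READ, WRITE, DELETE},
                              "app2": {READ, WRITE}, "app3": {READ}}))
    # The cell grants the first and second applications different operation sets.
    g.add(Node("cell1", {"app1": {READ, WRITE}, "app2": {READ}, "app3": {READ}}))
    return d
```

In this layout the third application holds attributes on the cell group and the cell, yet is still refused because the directory-level attribute is evaluated first.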
Specification