Partitioning the namespace of a contactless smart card

US 8,621,168 B2
Filed: 09/26/2011
Issued: 12/31/2013
Est. Priority Date: 12/17/2010
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for partitioning namespaces of secure elements into at least two storage types by control software applications within secure elements, comprising:

defining, in a control software application, a first access key and a second access key for a plurality of sectors within a secure element namespace of a secure element, each sector comprising at least an access memory block and a plurality of data memory blocks, the access memory block storing an access type for each sector, wherein the first access key controls access to the memory blocks in a sector, and the second access key overrides changes to the first access key;

assigning, by the control software application, a first access type to a first sector, the first access type comprising providing the first and second access key to a first application such that the control software application can reclaim control of the first sector only if the first application cooperates by returning the first access key and second access key to an initialized state;

assigning, by the control software application, a second access type to a second sector, the second access type comprising providing only the first access key to a second application such that the control software application can reclaim control of the second sector using the second access key to return the first access key to an initialized state even if the second application does not cooperate by returning the first access key to an initialized state; and

transmitting, from the control software application, for storage in the access memory block for at least each of the first and second sectors appropriate ones of the first access key and the second access key to provide the selected access type for each respective selected sector, thereby partitioning the namespace of the secure element into at least two storage types.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, computer programs, and devices are disclosed herein for partitioning the namespace of a secure element in contactless smart card devices and for writing application data in the secure element using requests from a software application outside the secure element. The secure element is a component of a contactless smart card incorporated into a contactless smart card device. A control software application resident in the same or a different secure element provides access types and access bits, for each access memory block of the secure element namespace, thereby portioning the namespace into different access types. Further, a software application outside the secure element manages the control software application by passing commands using a secure channel to the secure element, thereby enabling an end-user of the contactless smart card device or a remote computer to control the partitioning and use of software applications within the secure element.

102 Citations

View as Search Results

20 Claims

1. A computer-implemented method for partitioning namespaces of secure elements into at least two storage types by control software applications within secure elements, comprising:
- defining, in a control software application, a first access key and a second access key for a plurality of sectors within a secure element namespace of a secure element, each sector comprising at least an access memory block and a plurality of data memory blocks, the access memory block storing an access type for each sector, wherein the first access key controls access to the memory blocks in a sector, and the second access key overrides changes to the first access key;
  
  assigning, by the control software application, a first access type to a first sector, the first access type comprising providing the first and second access key to a first application such that the control software application can reclaim control of the first sector only if the first application cooperates by returning the first access key and second access key to an initialized state;
  
  assigning, by the control software application, a second access type to a second sector, the second access type comprising providing only the first access key to a second application such that the control software application can reclaim control of the second sector using the second access key to return the first access key to an initialized state even if the second application does not cooperate by returning the first access key to an initialized state; and
  
  transmitting, from the control software application, for storage in the access memory block for at least each of the first and second sectors appropriate ones of the first access key and the second access key to provide the selected access type for each respective selected sector, thereby partitioning the namespace of the secure element into at least two storage types.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method according to claim 1, wherein each sector selected by the control software application comprises three data memory blocks and the access memory block.
  - 3. The method according to claim 1, wherein an external data requesting device is provided access to make changes to a software application or application data within at least one of the first or second sectors in the secure element namespace when the external data requesting device presents to the secure element either the first access key, the second access key, or a combination of the first and the second access key, and wherein the first access key, the second access key, or the combination of the first and the second access key matches a stored access key or a stored combination of access keys for a write access type, the write access type defined in the access memory block of the first or second sector.
  - 4. The method according to claim 1, wherein at least one of the memory blocks of the first or second sector comprises a directory table, the directory table comprising computer-coded application identifiers that point an external data requesting device to a different memory block comprising a requested software application.
  - 5. The method according to claim 4, wherein the external data requesting device is a contactless type card reader terminal configured to use radio frequency waves for communication with the secure element or a contact type card reader terminal device configured to read magnetic or optically coded data from the secure element.
  - 6. The method according to claim 1, further comprising managing, by a remote software application on a remote computer, the control software application in the secure element thereby executing inputs from the remote software application to define the first access key and the second access key;
    - to select the first sector, the second sector, and access types for each of the selected sectors; and
      
      to transmit the appropriate ones of the first access key and the second access key to provide the selected access type for each sector.
  - 7. The method according to claim 6, further comprising a user-interface software application, wherein the remote software application is a trusted service manager computer and the user-interface software application provides an authentication request for each of the defining, the selecting, and the transmitting inputs in the managing step to the trusted service manager computer via a wireless communication channel, and the trusted service manager computer provides, to the control application software, a response comprising authentication for each of the requested inputs.
  - 8. The method according to claim 1, further comprising:
    - storing, in a secure memory, by the control software application, existing data from within at least the second sector, wherein the existing data is an existing software application or existing application data;
      
      reclaiming, by the control software application, control of the second sector from a second application controlling the second sector using the second access key to override a change to the first access key by the second application;
      
      overwriting, by the control software application, the existing data in the second sector; and
      
      writing, by the control software application in the secure element, back to the second sector, the stored existing data from the secure memory.
  - 9. The method according to claim 8, wherein overwriting comprises deleting, by the control software application, the existing data in the second sector.
  - 10. The method according to claim 8, further comprising, prior to the writing step:
    - providing, by the control software application, a third application with the second access type to the second sector;
      
      writing, by the control software application in the secure element, a third software application or third application data type to the second sector; and
      
      reclaiming, by the control software application in the secure element, control of the second sector from the third application of the second sector using the second access key to override a change to the first access key by the third application.

11. A system, comprising:
- a secure element; and
  
  a processor communicatively coupled to the secure element, wherein the processor executes application code instructions that are stored in the secure element and that cause the system to;
  
  define at least a first access key and a second access key for a plurality of sectors within a secure element namespace, each sector comprising at least an access memory block and a plurality of data memory blocks, the access memory block storing an access type for each sector, wherein the first access key controls access to the memory blocks in a sector, and the second access key overrides changes to the first access key;
  
  provide the first access key and the second access key to a first application such that the system can reclaim control of the first sector only if the first application cooperates by returning the first access key and second access key to an initialized state;
  
  provide only the first access key to a second application such that the system can reclaim control of the second sector even if the second application does not cooperate by returning the first access key to an initialized state; and
  
  reclaim control of the second sector from the second application using the second access key to change the first access back to an initialized state.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The system according to claim 11, wherein each sector comprises three data memory blocks and one access memory block.
  - 13. The system according to claim 11, wherein at least one of the memory blocks of the first or second sectors comprises a directory table, the directory table comprising computer-coded application identifiers that point external data requesting devices to a different memory block comprising a requested software application.
  - 14. The system according to claim 11, wherein the external data requesting device is a contactless type card reader terminal configured to use radio frequency waves for communication with the secure element or a contact type card reader terminal device configured to read magnetic or optically coded data from the secure element.
  - 15. The system according to claim 11, wherein an external data requesting device is provided access to make changes to the software application or application data within at least one of the first and second sectors in the secure element when the external data requesting device presents to the secure element either the first access key, a second access key, or the combination of the first and the second access keys, and wherein the first access key, the second access key, or the combination of the first and the second access keys matches a stored access key or a stored combination of access keys for a write access type, the write access type defined in the access memory block of the first and second sector.
  - 16. The system according to claim 11, further comprising:
    - a remote software application on a remote computer that manages the control software application in the secure element, to define the first access type, the second access type, a first access key, and a second access key, to select the first sector, the second sector and access types for each of the selected sectors, and to transmit appropriate ones of the first access key and the second access key to provide the selected access type for each respective selected sectors.
  - 17. The system according to claim 16, further comprising a user-interface software application, wherein the remote software application is a trusted service manager computer and the user-interface software application provides an authentication request for each defining, selecting, and transmitting input to the trusted service manager computer via a wireless communication channel, and wherein the trusted service manager computer provides, to the control software application, a response comprising authentication for each requested input.
  - 18. The system according to claim 11, further comprising:
    - application code instructions that are stored in the secure element and cause the system to,store existing data from within at least the second sector, wherein the existing data is an existing software application or an existing application data;
      
      overwrite the existing data in the second sector; and
      
      write back to the second sector, the stored existing data from the secure memory.
  - 19. The system according to claim 18, wherein overwriting comprises deleting, by the control software application, the existing data in the second sector.
  - 20. The system according to claim 18, further comprising, application code instructions that are stored in the secure element and cause the system to:
    - provide, a third application with the first access key to the second sector;
      
      write a third software application or third application data type to the second sector; and
      
      reclaim control of the second sector from the third application by overriding a change to the first access key by the third application using the second access key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
von Behren, Rob, Wall, Jonathan, Paya, Ismail Cem, Meyn, Hauke, Muehlberg, Alexej
Primary Examiner(s)
Bragdon, Reginald
Assistant Examiner(s)
Bansal, Gurtej

Application Number

US13/244,781
Publication Number

US 20120159105A1
Time in Patent Office

827 Days
Field of Search

711/152, 711/153, 711/163, 711/164, 711/173
US Class Current

711/164
CPC Class Codes

G06F 21/62   Protecting access to data v...

G06Q 20/3552   Downloading or loading of p...

G06Q 20/3563   Software being resident on ...

G06Q 20/35765   Access rights to memory zones

G07F 7/1008   Active credit-cards provide...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/08   Key distribution or managem...

H04L 9/0897   involving additional device...

H04W 12/35   Protecting application or s...

H04W 4/80   Services using short range ...

Partitioning the namespace of a contactless smart card

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

102 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Partitioning the namespace of a contactless smart card

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

102 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others