Terminal for strong authentication of a user

US 9,094,207 B2
Filed: 03/16/2009
Issued: 07/28/2015
Est. Priority Date: 04/21/2008
Status: Expired due to Fees

First Claim

Patent Images

1. A terminal for authentication of a user comprising:

a reader for reading the user'"'"'s authentication parameters;

an application server, configured to generate for the user a private digital certificate and a public digital certificate and manage storage of data in the terminal;

a receiver for receiving a geolocation signal, the receiver in communication with a database for transmission of encrypted authentication data from the terminal to a network server connected to the terminal by a network, the database having a plurality of symmetrical encryption keys and configured to store encrypted secured data therein, the secured data encrypted by one of the plurality of encryption keys;

a communication interface for communicating with another apparatus; and

a processor coupled to a memory configured to (i) extract date and time information from the geolocation signal received by the receiver, (ii) generate the encrypted authentication data including the authentication parameters, the extracted date and the time, (iii) control real-time transmission, by another of the plurality of symmetrical encryption keys, of the encrypted authentication data via the communication interface to the network server for the authentication of the user; and

(iv) decrypt, by the same of the plurality of symmetrical encryption keys used for transmission of encrypted authentication data, the encrypted authentication data received from the server;

wherein the terminal is configured to erase registered data of users at the end of a terminal utilization session in order to allow the terminal to be used successively by the users without connection between them.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to a terminal (3) for the strong authentication of a user, comprising:—a reader (31, 34) of a user'"'"'s authentication parameters;—a receiver of a geolocation signal (33);—an interface (37) for communication with another apparatus;—and a processor (38), extracting the date and time of the geolocation signal, generating encrypted data comprising authentication parameters read by the reader and the date and time extracted, and ordering the transmission of said encrypted data by way of the communication interface (37).

Citations

12 Claims

1. A terminal for authentication of a user comprising:
- a reader for reading the user'"'"'s authentication parameters;
  
  an application server, configured to generate for the user a private digital certificate and a public digital certificate and manage storage of data in the terminal;
  
  a receiver for receiving a geolocation signal, the receiver in communication with a database for transmission of encrypted authentication data from the terminal to a network server connected to the terminal by a network, the database having a plurality of symmetrical encryption keys and configured to store encrypted secured data therein, the secured data encrypted by one of the plurality of encryption keys;
  
  a communication interface for communicating with another apparatus; and
  
  a processor coupled to a memory configured to (i) extract date and time information from the geolocation signal received by the receiver, (ii) generate the encrypted authentication data including the authentication parameters, the extracted date and the time, (iii) control real-time transmission, by another of the plurality of symmetrical encryption keys, of the encrypted authentication data via the communication interface to the network server for the authentication of the user; and
  
  (iv) decrypt, by the same of the plurality of symmetrical encryption keys used for transmission of encrypted authentication data, the encrypted authentication data received from the server;
  
  wherein the terminal is configured to erase registered data of users at the end of a terminal utilization session in order to allow the terminal to be used successively by the users without connection between them.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The terminal according to claim 1, wherein the processor extracts the position of the terminal from the geolocation signal, and includes the extracted position of the terminal in the encrypted data.
  - 3. The terminal according to claim 1, furthering comprising a non-volatile memory for storing the plurality of symmetrical encryption keys, wherein the processor generates the encrypted data by using the plurality of symmetrical encryption keys.
  - 4. The terminal according to claim 3, further comprising:
    - a storage memory accessible by the communication interface; and
      
      a control interface through which the user can command the end of a session for using the terminal, wherein the processor commands the erasure of the storage memory at the end of each session of use.
  - 5. The terminal according to claim 4, wherein applications for interpreting different file types are stored in the storage memory, and the processor is configured to generate an image of the contents of an interpreted file and to transmit the image via the communication interface.
  - 6. The terminal according to claim 5, wherein the reader of the authentication parameters is a fingerprint reader.
  - 7. The terminal according to claim 6, wherein the reader of the authentication parameters is a retinal reader.
  - 8. The terminal according to claim 7, wherein the reader of the authentication parameters is a keyboard, and the terminal further includes a chip card reader.
  - 9. The terminal according to claim 8, wherein the communication interface is a wireless communication interface.
  - 10. The terminal according to claim 9, wherein the receiver is configured to receive a GPS signal.
  - 11. The terminal according to claim 1, wherein the private digital certificate contains data on the user'"'"'s identity.
  - 12. The terminal according to claim 11, wherein the public digital certificate is linked to the private digital certificate to verify its existence.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Jonathan Jacob Attia
Original Assignee
Jonathan Jacob Attia
Inventors
Attia, Jonathan, Pinot, Bernard
Primary Examiner(s)
Desrosiers, Evans

Application Number

US12/988,899
Publication Number

US 20110040972A1
Time in Patent Office

2,325 Days
Field of Search

713168-174, 713182-186, 713/202, 709/225, 709/229, 726 2- 8
US Class Current

1/1
CPC Class Codes

H04L 2209/601   Broadcast encryption

H04L 2209/80   Wireless network architectu...

H04L 2463/082   applying multi-factor authe...

H04L 63/0435   wherein the sending and rec...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0823   using certificates cryptogr...

H04L 63/0861   using biometrical features,...

H04L 63/0876   based on the identity of th...

H04L 9/321   involving a third party or ...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3263   involving certificates, e.g...

H04W 12/06   Authentication

H04W 12/61   Time-dependent

H04W 12/63   Location-dependent; Proximi...

Terminal for strong authentication of a user

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Terminal for strong authentication of a user

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links