Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
1999-04-06
2003-08-19
Darrow, Justin T. (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C713S156000, C713S157000, C713S168000, C713S169000, C713S175000
active
06609199
ABSTRACT:
TECHNICAL FIELD
This invention relates to computer-implemented authentication systems. More particularly, the invention relates to authentication of an application, running on an open system, to a portable IC device.
BACKGROUND OF THE INVENTION
Computers are finding more and more uses in a wide variety of fields and locations. The ability to obtain ever-increasing performance at an ever-decreasing price is expanding the fields where computers can be used. These reduced costs make “public” computers more and more plausible. Public computers refer to computers that are set up and generally available for use by the public, such as in a hotel room, in a kiosk at an airport or shopping mall, in a store (e.g., a department or grocery store), etc. Such public computers may be interconnected with other computers, such as other public computers via a local area network (LAN) or other public and/or non-public computers via a wide area network (WAN) such as the Internet, or alternatively may be stand-alone computers.
The public accessibility to such computers, as well as their potential interconnectivity, makes each computer an “open system”. An open system refers to a computer that is accessible to multiple individuals and/or other computers, some of which cannot be trusted with users' private information. Open systems are vulnerable to a wide variety of attacks intended to compromise the integrity of the systems and reveal users' private information. Such attacks can come from other computers via a network (e.g., the Internet), or alternatively from other users of the systems.
Public computers are particularly appealing for use with portable integrated circuit (IC) devices such as smart cards. A smart card is a small card, roughly the size of a typical credit card, that includes a microprocessor, memory, and an input/output (I/O) interface. Smart cards can be programmed to maintain any type of information. Examples of such information include private financial information (such as checking or savings account number, credit card numbers, and personal identification numbers (PINs)), as well as private identification information (such as a social security number or digital signature).
Unfortunately, when public computers are vulnerable to attack, so too are the smart cards that interface with the computers. A public computer could be executing, unbeknownst to the user, a “rogue” application that accesses private information on the smart card and subsequently takes various unauthorized actions. Examples of such unauthorized actions include charging goods or services to a particular account number and signing the smart card owner's signature to the charges, transferring money out of checking or savings accounts, etc. Another type of rogue application executing on the public computer could be an “imposter” of a legitimate program. For example, a public computer may include a banking program that allows users, upon providing the appropriate account numbers from their smart card, to access their current account status or purchase goods and services. A rogue application may pretend to be the banking application in order to receive the account numbers provided by the smart card, at which point various unauthorized actions could be taken by the rogue application.
Similarly, a rogue OS (operating system) might intercept a PIN (personal identification number) or other smart card password entered on the open system's keyboard, or might intercept communications between the smart card and the application operating under the OS's control on the open system.
One solution that protects private information from rogue applications is to include, as part of the portable IC device, a display in order to display the requests being signed by the smart card on behalf of the user, a keyboard in order to allow the user to enter PINs and to accept or reject requests, and its own clock and battery supply to provide defense against various other attempts to obtain the private information. However, this solution provides a rather bulky and expensive “portable” IC device that is too costly to produce on a mass scale.
This invention addresses these disadvantages, providing an improved way to maintain the security of private information on a portable IC device.
SUMMARY OF THE INVENTION
The invention provides for authentication between an open system and a portable IC device that can be coupled to the open system. Private or otherwise sensitive or protected information that is maintained on the portable IC device is unlocked and made available only to an application, executing on the open system, that can prove to the portable IC device that it is trustworthy. The trustworthy application will maintain the security of the private information and will not misuse the information.
According to one aspect of the invention, a secure communication channel between the open system and the portable IC device is established. An application desiring access to the information on the portable IC device then authenticates itself to the portable IC device, proving that it is trustworthy. Once such trustworthiness is proven, the portable IC device authenticates itself to the application. Once such two-way authentication has been completed, trusted communication between the open system and the portable IC device can proceed.
According to one aspect of the invention, the open system uses an “authenticated boot” methodology to authenticate applications executing on the system. In the authenticated boot methodology, certificates of authenticity can be provided by the operating system, the processor, and the computer. The operating system can further provide certificates authenticating particular applications executing on the open system. A chain of such certificates can then be provided to the portable IC device, proving the authenticity of the applications.
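The two-way authentication of the summary and the authenticated-boot certificate chain described here, as an added example that is not code from the patent: the card walks a computer, processor, OS, application chain from a root it already trusts, challenges the application, and only then answers the application's own challenge. Party names, key derivation and the MAC standing in for a real signature are assumptions made so the block runs offline.

```python
import hashlib, hmac, json, os

# Added example, not code from the patent. A keyed MAC stands in for the certificate
# signature so it runs on the standard library; the MAC key doubles as the "public" key.

def sign(key: bytes, payload: dict) -> str:
    return hmac.new(key, json.dumps(payload, sort_keys=True).encode(), hashlib.sha256).hexdigest()

def make_cert(issuer, issuer_key, subject, subject_key) -> dict:
    body = {"issuer": issuer, "subject": subject, "subject_key": subject_key.hex()}
    return {**body, "sig": sign(issuer_key, body)}

def verify_chain(root, root_key, chain, app) -> bytes:
    """Card-side walk of the boot certificate chain from the root the card trusts."""
    issuer, key = root, root_key
    for cert in chain:
        body = {k: cert[k] for k in ("issuer", "subject", "subject_key")}
        if cert["issuer"] != issuer or not hmac.compare_digest(cert["sig"], sign(key, body)):
            raise ValueError(f"chain rejected at {cert['subject']}")
        issuer, key = cert["subject"], bytes.fromhex(cert["subject_key"])
    if issuer != app:
        raise ValueError("chain does not end at the requesting application")
    return key

def mutual_auth(root, root_key, chain, app, app_key, card_key) -> bool:
    """App proves itself to the card first, then the card proves itself to the app."""
    app_verify_key = verify_chain(root, root_key, chain, app)
    c1 = {"nonce": os.urandom(16).hex(), "to": "card"}          # card's fresh challenge
    if not hmac.compare_digest(sign(app_key, c1), sign(app_verify_key, c1)):
        return False                                            # imposter application
    c2 = {"nonce": os.urandom(16).hex(), "to": "app"}           # application's challenge
    return hmac.compare_digest(sign(card_key, c2), sign(card_key, c2))  # app holds card's key

def demo(case: str = "ok") -> bool:
    keys = {n: hashlib.sha256(n.encode()).digest() for n in
            ("card-root", "computer", "processor", "os", "bank-app", "card")}
    chain, issuer = [], "card-root"
    for subj in ("computer", "processor", "os", "bank-app"):
        chain.append(make_cert(issuer, keys[issuer], subj, keys[subj]))
        issuer = subj
    app_key = keys["bank-app"]
    if case == "tampered":   # certificate altered after issuance
        chain[-1]["subject_key"] = hashlib.sha256(b"rogue").hexdigest()
    elif case == "imposter": # genuine chain replayed by a program without the app's key
        app_key = hashlib.sha256(b"rogue").digest()
    try:
        return mutual_auth("card-root", keys["card-root"], chain, "bank-app", app_key, keys["card"])
    except ValueError:
        return False
```

The `tampered` and `imposter` cases show the two rejections the card relies on: a chain whose signatures no longer verify, and a program that presents a valid chain but cannot answer the challenge.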
According to another aspect of the invention, the open system uses a “curtaining” or “curtained code” methodology to authenticate applications executing on the system. In the curtaining methodology, an application can be executed in a secure manner by the open system, ensuring that no other applications can access the data being used by the secure application unless explicitly authorized. A security manager, responsible for handling secure sections of memory, can provide a certificate that a particular application is executing in a secure section of memory, thereby proving the authenticity of the application.
Darrow Justin T.
Lee & Hayes PLLC
Microsoft Corporation