SYSTEM AND METHOD FOR PROVIDING SECURITY IN BROWSER-BASED ACCESS TO SMART CARDS
    1.
    发明申请
    SYSTEM AND METHOD FOR PROVIDING SECURITY IN BROWSER-BASED ACCESS TO SMART CARDS 有权
    基于浏览器的智能卡访问安全的系统和方法

    公开(公告)号:US20110320818A1

    公开(公告)日:2011-12-29

    申请号:US13255106

    申请日:2010-03-05

    IPC分类号: H04L9/32

    摘要: A method of operating a host computer having a web-browser with the capability of executing at least one web-browser add-on to provide a web application access to a smart card to protect the smart card from security threats associated with being connected to the Internet. Prior to establishing a connection between a web application executing in the web browser, verifying that the web application has been authorized to connect to a smart care using the web-browser add-on to provide a web application access to a smart card.

    摘要翻译: 一种操作具有网络浏览器的主计算机的方法,所述主机具有执行至少一个网络浏览器附件的能力,以提供对智能卡的web应用访问,以保护智能卡免受与连接到智能卡相关联的安全威胁 互联网。 在建立在web浏览器中执行的web应用程序之间的连接之后,验证Web应用程序是否被授权使用web浏览器附件来连接到智能护理以提供web应用程序访问智能卡。

    System and method for providing security in browser-based access to smart cards
    4.
    发明授权
    System and method for providing security in browser-based access to smart cards 有权
    用于在基于浏览器的智能卡访问中提供安全性的系统和方法

    公开(公告)号:US08713644B2

    公开(公告)日:2014-04-29

    申请号:US13255106

    申请日:2010-03-05

    IPC分类号: H04L9/32 G06F21/00

    摘要: A method of operating a host computer having a web-browser with the capability of executing at least one web-browser add-on to provide a web application access to a smart card to protect the smart card from security threats associated with being connected to the Internet. Prior to establishing a connection between a web application executing in the web browser, verifying that the web application has been authorized to connect to a smart care using the web-browser add-on to provide a web application access to a smart card.

    摘要翻译: 一种操作具有网络浏览器的主计算机的方法,所述主机具有执行至少一个网络浏览器附件的能力,以提供对智能卡的web应用访问,以保护智能卡免受与连接到智能卡相关联的安全威胁 互联网。 在建立在web浏览器中执行的web应用程序之间的连接之后,验证Web应用程序是否被授权使用web浏览器附件来连接到智能护理以提供web应用程序访问智能卡。

    Method of preventing web browser extensions from hijacking user information
    6.
    发明授权
    Method of preventing web browser extensions from hijacking user information 失效
    防止Web浏览器扩展劫持用户信息的方法

    公开(公告)号:US08527757B2

    公开(公告)日:2013-09-03

    申请号:US12666276

    申请日:2008-06-23

    IPC分类号: H04L29/06

    摘要: The invention relates to a portable authentication token comprising connection means for connecting to a computer, browser communication means for communicating with a browser running on the computer, and user authentication means for authenticating a user of the token to a server. The user authentication means are triggered via the browser communication means when the user connects to the server from the browser of the computer. The user authentication means are set to authenticate the user by communicating with the server through the browser. The token comprises out-of-band token communication means set to validate user authentication by establishing a communication channel between the token and the server, the communication channel bypassing the browser.The invention also relates to an authentication method and to a system comprising a token, a computer and a server to which the user authenticates with the token.

    摘要翻译: 本发明涉及包括用于连接到计算机的连接装置的便携式认证令牌,用于与在计算机上运行的浏览器进行通信的浏览器通信装置以及用于将令牌的用户认证到服务器的用户认证装置。 当用户从计算机的浏览器连接到服务器时,通过浏览器通信装置触发用户认证装置。 用户认证装置设置为通过浏览器与服务器通信来认证用户。 令牌包括带外令牌通信装置,设置为通过在令牌和服务器之间建立通信信道来验证用户认证,通信信道绕过浏览器。 本发明还涉及一种认证方法以及一种系统,该系统包括令牌,计算机和服务器,用户使用令牌进行认证。

    METHOD AND SYSTEM FOR SECURING COMMUNICATION BETWEEN A HOST COMPUTER AND A SECURE PORTABLE DEVICE
    8.
    发明申请
    METHOD AND SYSTEM FOR SECURING COMMUNICATION BETWEEN A HOST COMPUTER AND A SECURE PORTABLE DEVICE 审中-公开
    主机计算机和安全便携式设备之间的通信保护方法和系统

    公开(公告)号:US20080189554A1

    公开(公告)日:2008-08-07

    申请号:US11948758

    申请日:2007-11-30

    IPC分类号: H04L9/06

    摘要: A secure portable electronic device for providing secure services when used in conjunction with a host computer having a central processing unit. The secure portable device communicates with the host computer via a host agent program executing on the host computer from the secure portable device. Periodically, the host agent and a corresponding program executing on the secure portable device, cooperate to verify the integrity and authenticity of the host agent program, for example, in conjunction with exchanging a new session key. Other systems and methods are disclosed.

    摘要翻译: 一种用于在与具有中央处理单元的主计算机结合使用时提供安全服务的安全便携式电子设备。 安全便携式设备通过主机计算机上从安全便携式设备执行的主机代理程序与主机通信。 周期性地,主机代理和在安全便携式设备上执行的相应程序,例如结合交换新的会话密钥来协作来验证主机代理程序的完整性和真实性。 公开了其它系统和方法。

    METHOD AND SYSTEM OF PROVIDING SECURITY SERVICES USING A SECURE DEVICE
    9.
    发明申请
    METHOD AND SYSTEM OF PROVIDING SECURITY SERVICES USING A SECURE DEVICE 审中-公开
    使用安全设备提供安全服务的方法和系统

    公开(公告)号:US20080052770A1

    公开(公告)日:2008-02-28

    申请号:US11564121

    申请日:2006-11-28

    IPC分类号: H04L9/32 G06F15/16

    摘要: A secure portable electronic device for providing secure services when used in conjunction with a host computer. The secure portable device includes a read-only memory partition, a read/write memory partition, and a secure memory partition. The secure portable device includes instructions stored in the read-only partition including a host agent containing instructions executable by the host computer. The secure portable device also includes instructions stored in the secure memory partition. These instructions include a card agent containing instructions executable by central processing units secure portable electronic device, and includes a card agent communications module for communicating with the host agent; and a security module for accessing private information stored in the secure memory partition. The host agent includes a host agent communications module for communicating with the card agent and at least one function requiring use of private information stored in the secure memory partition of the portable device and operable to transmit a request to the card agent to perform a corresponding function requiring the use of private information stored on the portable device.

    摘要翻译: 一种用于在与主机结合使用时提供安全服务的安全便携式电子设备。 安全便携式设备包括只读存储器分区,读/写存储器分区和安全存储器分区。 安全便携式设备包括存储在只读分区中的指令,包括主机代理,其中包含可由主机计算机执行的指令。 安全便携式设备还包括存储在安全存储器分区中的指令。 这些指令包括包含可由中央处理单元安全的便携式电子设备执行的指令的卡代理,并且包括用于与主机代理进行通信的卡代理通信模块; 以及用于访问存储在安全存储器分区中的私人信息的安全模块。 主机代理包括用于与卡代理进行通信的主机代理通信模块和需要使用存储在便携式设备的安全存储器分区中的私有信息的至少一个功能,并且可操作地向卡代理发送请求以执行相应的功能 需要使用存储在便携式设备上的私人信息。

    Communications of UICC in mobile devices using internet protocols
    10.
    发明授权
    Communications of UICC in mobile devices using internet protocols 失效
    UICC在使用互联网协议的移动设备中的通信

    公开(公告)号:US07454233B2

    公开(公告)日:2008-11-18

    申请号:US11234577

    申请日:2005-09-23

    IPC分类号: H04B1/38

    摘要: A mobile device and UICC communication using standard Internet protocols. Such communication allows users access to their UICC information using standard web browsers and allows use of the UICCs to communicate with remote servers and thereby provide secure services for Internet transactions. The mobile device has a communications module to selectively communicate with the UICC processor or with at least one node on a network, the mobile device communications module has an Internet protocol module operable to receive messages issued from a first Internet application as Internet protocol packets, and to transmit the packets to target IP addresses; and operable to receive Internet protocol packets, to process the packets, and to send the messages contained in the packets to the first Internet application.

    摘要翻译: 移动设备和使用标准互联网协议的UICC通信。 这种通信允许用户使用标准Web浏览器访问其UICC信息,并允许使用UICC与远程服务器通信,从而为互联网事务提供安全服务。 移动设备具有通信模块以选择性地与UICC处理器或网络上的至少一个节点进行通信,移动设备通信模块具有互联网协议模块,其可操作以从因特网协议分组接收从第一互联网应用发出的消息,以及 将数据包传输到目标IP地址; 并且可操作以接收因特网协议分组,处理分组,以及将分组中包含的消息发送到第一互联网应用。