WO2003044636A3 - Method and system for reducing personal security device latency - Google Patents

Method and system for reducing personal security device latency

Info

Publication number
WO2003044636A3
Authority
WO
WIPO (PCT)
Prior art keywords
cache
data
personal security
cache server
psd
Prior art date
Application number
PCT/EP2002/012852
Other languages
French (fr)
Other versions
WO2003044636A2 (en)
Inventor
Yves Audebert
Olivier Clemot
Original Assignee
Activcard Ireland Ltd
Priority date
Filing date
Publication date
Application filed by Activcard Ireland Ltd
Priority to AU2002365987A
Priority to EP02803376A
Publication of WO2003044636A2
Publication of WO2003044636A3

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853: Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218: Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245: Protecting personal data, e.g. for financial or medical purposes
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00: Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21: Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2113: Multi-level security, e.g. mandatory access control
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00: Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21: Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141: Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources

Abstract

This invention describes a system and method for reducing communications throughput latency caused by the low-level communications protocol and serial communications interface associated with the use of personal security devices. To improve the data throughput, a cache (165) is created under the exclusive ownership of an API level program called a cache server (115). The cache server (115) maintains access rights associated with the data (40, 50, 60) transferred from the PSD (160) into cache memory. Requests made by programs for cached PSD data (40', 50', 60') are first verified for access rights and serviced by the cache server (115). Cryptographic techniques may be employed to prevent unauthorized monitoring of the contents of the cache (165).
PCT/EP2002/012852 2001-11-19 2002-11-15 Method and system for reducing personal security device latency WO2003044636A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
AU2002365987A AU2002365987A1 (en) 2001-11-19 2002-11-15 Method and system for reducing personal security device latency
EP02803376A EP1459156A2 (en) 2001-11-19 2002-11-15 Method and system for reducing personal security device latency

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/988,301 US20030097582A1 (en) 2001-11-19 2001-11-19 Method and system for reducing personal security device latency
US09/988,301 2001-11-19

Publications (2)

Publication Number Publication Date
WO2003044636A2 (en) 2003-05-30
WO2003044636A3 (en) 2004-03-25

Family

ID=25534022

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2002/012852 WO2003044636A2 (en) 2001-11-19 2002-11-15 Method and system for reducing personal security device latency

Country Status (4)

Country Link
US (1) US20030097582A1 (en)
EP (1) EP1459156A2 (en)
AU (1) AU2002365987A1 (en)
WO (1) WO2003044636A2 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9219755B2 (en) 1996-11-08 2015-12-22 Finjan, Inc. Malicious mobile code runtime monitoring system and methods
US7058822B2 (en) 2000-03-30 2006-06-06 Finjan Software, Ltd. Malicious mobile code runtime monitoring system and methods
US8079086B1 (en) 1997-11-06 2011-12-13 Finjan, Inc. Malicious mobile code runtime monitoring system and methods
DE10340181A1 (en) * 2003-09-01 2005-03-24 Giesecke & Devrient Gmbh Method for cryptographically securing communication with a portable data carrier
EP1589419A1 (en) * 2004-04-19 2005-10-26 Sun Microsystems, Inc. System and method for controlling the use of a method in an object-oriented computer environment

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5854891A (en) * 1996-08-09 1998-12-29 Tritheim Technologies, Inc. Smart card reader having multiple data enabling storage compartments
EP0936530A1 (en) * 1998-02-16 1999-08-18 Siemens Nixdorf Informationssysteme AG Virtual smart card

Family Cites Families (57)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3309425B2 (en) * 1992-05-22 2002-07-29 松下電器産業株式会社 Cache control unit
US5452447A (en) * 1992-12-21 1995-09-19 Sun Microsystems, Inc. Method and apparatus for a caching file server
IL107967A (en) * 1993-12-09 1996-12-05 News Datacom Research Ltd Apparatus and method for securing communication systems
FR2719680B1 (en) * 1994-05-05 1996-07-12 Gemplus Card Int Method for securing access to removable cards for computer.
US5941947A (en) * 1995-08-18 1999-08-24 Microsoft Corporation System and method for controlling access to data entities in a computer network
US6012085A (en) * 1995-11-30 2000-01-04 Stampede Technologies, Inc. Apparatus and method for increased data access in a network file object oriented caching system
US6122637A (en) * 1995-11-30 2000-09-19 Yohe; Thomas Patrick Apparatus and method for increased data access in an object oriented caching system
US5682514A (en) * 1995-11-30 1997-10-28 Stampede Technologies, Inc. Apparatus and method for increased data access in a network file oriented caching system
US5835943A (en) * 1995-11-30 1998-11-10 Stampede Technologies, Inc. Apparatus and method for increased data access in a network file oriented caching system
US6339787B1 (en) * 1995-11-30 2002-01-15 Stampede Technologies, Inc. Apparatus and method for increasing speed in a network file/object oriented server/client system
US5740370A (en) * 1996-03-27 1998-04-14 Clinton Battersby System for opening cache file associated with designated file of file server only if the file is not subject to being modified by different program
US5896506A (en) * 1996-05-31 1999-04-20 International Business Machines Corporation Distributed storage management system having a cache server and method therefor
US5787468A (en) * 1996-06-11 1998-07-28 Data General Corporation Computer system with a cache coherent non-uniform memory access architecture using a fast tag cache to accelerate memory references
US5889952A (en) * 1996-08-14 1999-03-30 Microsoft Corporation Access check system utilizing cached access permissions
US5860158A (en) * 1996-11-15 1999-01-12 Samsung Electronics Company, Ltd. Cache control unit with a cache request transaction-oriented protocol
US6105027A (en) * 1997-03-10 2000-08-15 Internet Dynamics, Inc. Techniques for eliminating redundant access checking by access filters
US5878218A (en) * 1997-03-17 1999-03-02 International Business Machines Corporation Method and system for creating and utilizing common caches for internetworks
US6557104B2 (en) * 1997-05-02 2003-04-29 Phoenix Technologies Ltd. Method and apparatus for secure processing of cryptographic keys
FR2767624B1 (en) * 1997-08-21 2002-05-10 Activcard ELECTRONIC PORTABLE DEVICE FOR SECURE COMMUNICATION SYSTEM, AND METHOD FOR INITIALIZING ITS PARAMETERS
US6003014A (en) * 1997-08-22 1999-12-14 Visa International Service Association Method and apparatus for acquiring access using a smart card
US6158007A (en) * 1997-09-17 2000-12-05 Jahanshah Moreh Security system for event based middleware
FR2778258A1 (en) * 1998-04-29 1999-11-05 Texas Instruments France Memory traffic access controller
DE19838628A1 (en) * 1998-08-26 2000-03-02 Ibm Extended smart card communication architecture and method for communication between smart card application and data carrier
US6179205B1 (en) * 1998-03-05 2001-01-30 Visa International Service Association System and method for locking and unlocking an application in a smart card
US6430618B1 (en) * 1998-03-13 2002-08-06 Massachusetts Institute Of Technology Method and apparatus for distributing requests among a plurality of resources
US6205481B1 (en) * 1998-03-17 2001-03-20 Infolibria, Inc. Protocol for distributing fresh content among networked cache servers
US6092202A (en) * 1998-05-22 2000-07-18 N*Able Technologies, Inc. Method and system for secure transactions in a computer system
US6360952B1 (en) * 1998-05-29 2002-03-26 Digital Privacy, Inc. Card access system supporting multiple cards and card readers
US6985722B1 (en) * 1998-09-25 2006-01-10 Soma Networks, Inc. Telecommunication services
US6481621B1 (en) * 1999-01-12 2002-11-19 International Business Machines Corporation System method and article of manufacture for accessing and processing smart card information
JP4299911B2 (en) * 1999-03-24 2009-07-22 株式会社東芝 Information transfer system
JP3471654B2 (en) * 1999-04-06 2003-12-02 富士通株式会社 License server, copyright holder system, user system, system, recording medium, and content use control method
CN1197322C (en) * 1999-04-26 2005-04-13 诺基亚移动电话有限公司 Radio terminal for browsing internet
US7085931B1 (en) * 1999-09-03 2006-08-01 Secure Computing Corporation Virtual smart card system and method
US6374332B1 (en) * 1999-09-30 2002-04-16 Unisys Corporation Cache control system for performing multiple outstanding ownership requests
JP3391315B2 (en) * 1999-10-20 2003-03-31 日本電気株式会社 Bus control device
US6526469B1 (en) * 1999-11-12 2003-02-25 International Business Machines Corporation Bus architecture employing varying width uni-directional command bus
US6738901B1 (en) * 1999-12-15 2004-05-18 3M Innovative Properties Company Smart card controlled internet access
US6415357B1 (en) * 1999-12-23 2002-07-02 Unisys Corporation Caching method and apparatus
US6871278B1 (en) * 2000-07-06 2005-03-22 Lasercard Corporation Secure transactions with passive storage media
US6889329B1 (en) * 2000-07-28 2005-05-03 Sun Microsystems, Inc. Adding secure external virtual memory to smart cards
US6842770B1 (en) * 2000-08-18 2005-01-11 Apple Computer, Inc. Method and system for seamlessly accessing remotely stored files
US6959320B2 (en) * 2000-11-06 2005-10-25 Endeavors Technology, Inc. Client-side performance optimization system for streamed applications
US6918113B2 (en) * 2000-11-06 2005-07-12 Endeavors Technology, Inc. Client installation and execution system for streamed applications
US6879808B1 (en) * 2000-11-15 2005-04-12 Space Systems/Loral, Inc Broadband communication systems and methods using low and high bandwidth request and broadcast links
US6983288B1 (en) * 2000-11-20 2006-01-03 Cisco Technology, Inc. Multiple layer information object repository
JP4478321B2 (en) * 2000-11-27 2010-06-09 富士通株式会社 Storage system
US6824064B2 (en) * 2000-12-06 2004-11-30 Mobile-Mind, Inc. Concurrent communication with multiple applications on a smart card
US6729549B2 (en) * 2000-12-19 2004-05-04 International Business Machines Corporation System and method for personalization of smart cards
US20020080190A1 (en) * 2000-12-23 2002-06-27 International Business Machines Corporation Back-up and usage of secure copies of smart card data objects
JP2002197073A (en) * 2000-12-25 2002-07-12 Hitachi Ltd Cache coincidence controller
US6981138B2 (en) * 2001-03-26 2005-12-27 Microsoft Corporation Encrypted key cache
US6986018B2 (en) * 2001-06-26 2006-01-10 Microsoft Corporation Method and apparatus for selecting cache and proxy policy
US6854057B2 (en) * 2001-09-06 2005-02-08 America Online, Inc. Digital certificate proxy
JP2003228534A (en) * 2001-11-30 2003-08-15 Ntt Docomo Inc Information delivery system, descriptive data delivery device, content location management device, data conversion device, receiving terminal device and information delivery method
US6880037B2 (en) * 2002-08-13 2005-04-12 Activcard, Inc. Method of data caching on a smartcard
US20040199727A1 (en) * 2003-04-02 2004-10-07 Narad Charles E. Cache allocation

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"FIPS PUB 140-1, Federal Information Processing Standards Publication: Security Requirements for cryptographic modules", FEDERAL INFORMATION PROCESSING STANDARDS PUBLICATION, U.S. DEPT. OF COMMERCE, WASHINGTON, DC, US, 11 January 1994 (1994-01-11), pages 1 - 55, XP002237651, ISSN: 0083-1816 *

Also Published As

Publication number Publication date
WO2003044636A2 (en) 2003-05-30
US20030097582A1 (en) 2003-05-22
AU2002365987A1 (en) 2003-06-10
EP1459156A2 (en) 2004-09-22
AU2002365987A8 (en) 2003-06-10

Similar Documents

Publication Publication Date Title
WO2005054973A3 (en) Method and system for improving computer network security
EP1465041A3 (en) Communication device, method and program for checking software execution permission
US8161287B2 (en) Method and system for memory protection and security using credentials
TW200620930A (en) System and method for managing access to protected content by untrusted applications
Flinn et al. Data staging on untrusted surrogates
WO2004090667A3 (en) Method and apparatus for extending protected content access with peer to peer applications
WO2001046783A3 (en) System and method for accessing protected content in a rights-management architecture
WO2006057852A3 (en) Caching content and state data at a network element
WO2004049096A3 (en) Creation of local usage rights voucher
WO2003038575A3 (en) Portability and privacy with data communications network browsing
KR20000076701A (en) A system and method for manipulating a computer file and/or program
EP1944905A1 (en) An encrypted transmission method and equipment system for preventing copying the data resource
WO2001033320A3 (en) Public network access server having a user-configurable firewall
WO1999060750A3 (en) Preventing unauthorized use of service
US20120131124A1 (en) Rdma read destination buffers mapped onto a single representation
CA2462673A1 (en) Systems and methods for providing digital rights management compatibility
AU2003276287A1 (en) Method and apparatus for transmitting data subject to privacy restrictions
WO2002084460A2 (en) Method and system to maintain portable computer data secure and authentication token for use therein
WO2006124411A3 (en) A digital publication system and apparatus
CA2509091A1 (en) System and method for handshaking between wireless devices and servers
WO2002023798A8 (en) System for protecting objects distributed over a network
WO2007047440A3 (en) Method and apparatus for re-authentication of a computing device using cached state
WO2002100117A3 (en) A system and method for reducing the time to deliver information from a communications network to a user
GB2396989A (en) Method and apparatus for content protection across an interface
WO2001025937A1 (en) Network/tdi blocking method and system

Legal Events

Date Code Title Description
AK Designated states. Kind code of ref document: A2. Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG UZ VC VN YU ZA ZM ZW
AL Designated countries for regional patents. Kind code of ref document: A2. Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR IE IT LU MC NL PT SE SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG
121 Ep: the epo has been informed by wipo that ep was designated in this application
REEP Request for entry into the european phase. Ref document number: 2002803376. Country of ref document: EP
WWE Wipo information: entry into national phase. Ref document number: 2002803376. Country of ref document: EP
WWP Wipo information: published in national office. Ref document number: 2002803376. Country of ref document: EP
NENP Non-entry into the national phase. Ref country code: JP
WWW Wipo information: withdrawn in national office. Ref document number: JP