CN102822835A - Personal portable secured network access system - Google Patents

Publication number
CN102822835A
Authority
CN
China
Prior art keywords
client
frame
security terminal
memory device
secure
Legal status
Granted
Application number
CN2010800656330A
Other languages
Chinese (zh)
Other versions
CN102822835B
Inventor
John F. Napoli (约翰·F·拿波里)
Edward F. Hooks, Jr. (小爱德华·F·胡克斯)
Current Assignee
BEYOND ACCESS Inc
Original Assignee
BEYOND ACCESS Inc
Application filed by BEYOND ACCESS Inc
Priority claimed from PCT/US2010/000140 (WO2010085335A1)
Publication of CN102822835A
Application granted
Publication of CN102822835B
Legal status: Expired - Fee Related

Abstract

Authenticating a customer for access to a content server. The customer is biometrically authenticated to a secure terminal based on information stored in a secure personal storage device belonging to the customer. The customer is allowed access to the secure terminal after a successful authentication. The customer is then authenticated to the content server based on account credentials, issued by the content server, that are stored on the secure personal storage device.

Description

Portable personal secure network access system
Cross-reference to related application
This application claims the benefit of U.S. Provisional Application No. 61/145,904, filed January 20, 2009, which is incorporated herein by reference.
Technical field
Embodiments of the invention relate to the field of data processing, and in particular to a portable personal secure network access system.
Background
For computing devices (e.g., laptop computers, workstations, cellular and smart phones, etc.), accessing resources over a network such as the Internet is commonplace. The common mechanism for protecting resources is a username/password authentication system, or some other unique identifier that must be entered by the user. It is common for a user to have to manage many username and password combinations for different accounts on the Internet. As a result, users often create rather insecure passwords or reuse the same username and password for multiple accounts. These username/password authentication systems do not actually verify the identity of the user; that is, once a username and password are stolen, an impostor can access the account.
In addition, because there is currently no secure method of verifying the age of a user on the Internet, current network systems cannot reliably gate content by age. Age verification based on a credit card number is insecure if the credit card number itself is not secure.
In addition, although mobile computing devices such as laptop computers, mobile phones, smart phones and the like provide a convenient and mobile computing environment, they are easily forgotten, misplaced or stolen, and the data stored on such devices is vulnerable to theft. Cryptographic systems exist to protect that data, but they are often not used because of their complexity. In either case, unless the data is backed up, it will be lost.
There are two common forms of media distribution. The first involves general digital rights management, which ties media content to a specific type of computing device and strictly restricts copying or moving media files from one computing device to another. The second is the opposite: no digital rights management, so that media content is easily passed between people without compensating the media content owner.
Brief description of the drawings
The invention may be best understood by referring to the following description and the accompanying drawings that are used to illustrate embodiments of the invention. In the drawings:
Fig. 1 illustrates an exemplary portable personal secure network access system according to one embodiment of the invention;
Fig. 2 illustrates a more detailed view of the interaction between the secure personal storage device, the security terminal and the content server according to one embodiment of the invention;
Fig. 3 is an exemplary portable personal secure network access system 100 according to one embodiment of the invention;
Fig. 4 is a flow diagram illustrating exemplary operations for a biometric training mechanism according to one embodiment;
Fig. 5 is a flow diagram illustrating exemplary operations for a biometric authentication mechanism according to one embodiment;
Fig. 6 is a flow diagram illustrating exemplary operations for accessing network content using the portable personal secure network access system of Fig. 1 according to one embodiment;
Fig. 7 is a flow diagram illustrating exemplary operations for processing a data save request according to one embodiment of the invention;
Fig. 8 is a flow diagram illustrating exemplary options for terminating a secure computing session according to one embodiment of the invention;
Fig. 9 is a flow diagram illustrating exemplary operations for dynamically configuring a security terminal based on resource requirements according to one embodiment;
Fig. 10 is a flow diagram illustrating exemplary operations for the customer 105 to select among multiple network interfaces of multiple Internet service providers;
Fig. 11 is a flow diagram illustrating exemplary operations for a resource owner to provide resource requirements according to one embodiment of the invention;
Figs. 12A-12C illustrate exemplary user interfaces for displaying resource options to the customer 105; and
Fig. 13 is a block diagram illustrating an exemplary computer system that may be used in some embodiments of the invention.
Detailed description
In the following description, numerous specific details are set forth. However, it is understood that embodiments of the invention may be practiced without these specific details. In other instances, well-known circuits, structures and techniques have not been shown in detail in order not to obscure the understanding of this description. With the included descriptions, those of ordinary skill in the art will be able to implement appropriate functionality without undue experimentation.
References in this specification to "one embodiment", "an embodiment", "an example embodiment" and the like indicate that the embodiment described may include a particular feature, structure or characteristic, but every embodiment does not necessarily include that particular feature, structure or characteristic. Moreover, such phrases do not necessarily refer to the same embodiment. Further, when a particular feature, structure or characteristic is described in connection with an embodiment, it is considered within the knowledge of one skilled in the art to implement such feature, structure or characteristic in connection with other embodiments, whether or not explicitly described.
In the following description and claims, the terms "coupled" and "connected", along with their derivatives, may be used. It should be understood that these terms are not intended as synonyms for each other. "Coupled" is used to indicate that two or more elements, which may or may not be in direct physical or electrical contact with each other, co-operate or interact with each other. "Connected" is used to indicate the establishment of communication between two or more elements that are coupled with each other.
Fig. 1 illustrates an exemplary portable personal secure network access system according to one embodiment of the invention. The system 100 includes security terminals 115A-115N, content servers and/or transaction servers 120A-120N and 130A-130N (hereinafter content servers), a customer 105, a secure personal storage device 110 and a key management server 125. The security terminals 115A-115N are adapted to activate only when a secure personal storage device is inserted; that is, a security terminal cannot operate unless a secure personal storage device is inserted or attached. The security terminals 115A-115N do not store any data related to the customer (e.g., data files, account credentials, customer settings or preferences, biometric samples, etc.). When the secure personal storage device is removed from a security terminal, that security terminal clears its memory, thereby deleting from the security terminal any trace in memory of the customer's use.
By inserting the secure personal storage device 110 into any of the security terminals 115A-115N, the customer 105 initiates a secure computing session with that security terminal. The secure personal storage device 110, owned and/or used by the customer 105 (e.g., a secure digital (SD) card, flash drive, thumb drive, CD, etc.), stores data specific to the customer 105 (e.g., user data files, account credentials, settings/preferences, etc.). After the secure personal storage device 110 is inserted into or attached to one of the security terminals 115A-115N, that security terminal powers on, boots and starts an authentication application to verify that the person who inserted or attached the secure personal storage device 110 owns it. This authentication includes biometric verification (e.g., voiceprint verification, fingerprint analysis, retinal scan, handwriting analysis, or any combination of voiceprint verification, fingerprint analysis, retinal scan and handwriting analysis, etc.) or a similar secret, non-text-based authentication. After authentication, the customer 105 can use the security terminal (e.g., to use local applications such as a media player, office suite applications, an e-mail application, games, etc.) and can access services and/or content over a network (e.g., a local area network (LAN), a wide area network (WAN) such as the Internet, a wireless LAN (WLAN), etc.).
Some content providers and/or service providers can offer secure access to their content and/or services and can obtain non-repudiation of payment for their content and/or services. Secure access is effective only for customers authenticated through a security terminal 115A-115N. For example, the security terminals 115A-115N include a customized security terminal web browser for accessing the content servers 120A-120N and the content servers 130A-130N. The content servers 120A-120N include secured content and/or secured services 125A-125N, and the content servers 130A-130N include unsecured content and/or unsecured services 135A-135N. Each of the security terminals 115A-115N and the content servers 120A-120N is adapted to permit access to the secured content and/or secured services 125A-125N based on the security terminal's verification of the customer who presents the secure personal storage device 110 and on authentication, to the secured content and/or secured services 125A-125N, of account credentials that are tied to the secure personal storage device identifier (id) 280 in the secure personal storage device 110. For example, the content servers 120A-120N are adapted to recognize a connection from the customized security terminal web browser (as opposed to other types of web browsers from other types of computing devices) and therefore to recognize that a security terminal (e.g., one of the security terminals 115A-115N) is being used. The content servers 120A-120N trust that the customer using the security terminal is genuine (i.e., the person who owns the secure personal storage device 110) and can trust the information (e.g., account credentials) on the secure personal storage device 110. Re-verification of the customer at any time during the computing session is also supported. If account credentials for the selected one of the secured content and/or secured services 125A-125N exist on the secure personal storage device 110, the corresponding server can use those credentials to authenticate the customer and permit access to the content and/or service, without the customer having to enter a username/password, personal identification number (PIN) or other identifying information. If no account credentials for the selected content and/or service exist on the secure personal storage device 110, the server can create account credentials and associate them with the secure personal storage device 110; the account credentials can then be written to the secure personal storage device 110 through the electronics of the security terminal 115A. The next time a security terminal uses this secure personal storage device 110 to access the server for this secured content and/or secured service, the account credentials on the storage device 110 are used to authenticate the customer and to direct the customer automatically to the content and/or service.
The security terminals 115A-115N and the content servers 120A-120N are coupled with the key management server 125. The key management server 125 manages public key infrastructure (PKI) key rotation between the security terminals 115A-115N and the secure personal storage devices (e.g., the secure personal storage device 110), and manages PKI key rotation between the security terminals 115A-115N and the content servers 120A-120N.
PKI-keyed access to the secure personal storage device 110 creates the opportunity to support both public security terminals and private security terminals 115A-115N. Some of the security terminals 115A-115N are private enterprise security terminals. A private enterprise security terminal is restricted to the secure personal storage devices (such as the secure personal storage device 110) that are associated with that one of the security terminals 115A-115N or with a group of them, whereas a public security terminal allows any secure personal storage device established on the public network. In some embodiments, the secure personal storage device 110 can be used only on a specific one of the security terminals 115A-115N or on a group of two or more of the security terminals 115A-115N; in other embodiments, the secure personal storage device 110 can be used on any of the security terminals 115A-115N.
In one embodiment, the content server/transaction server 120A displays targeted advertisements based on the authenticated identity of the customer. For example, because the portable personal secure network access system 100 has authenticated that the customer 105 is the one using the network resource, advertisements can be targeted specifically to the actions of the customer 105 while using the secure personal storage device 110, as opposed to the actions of a computing device (which many different customers may use over a given period of time). To illustrate, the content server 120A can store one or more cookies for the secure personal storage device identifier 280. The selection of advertisements for the customer 105 can be customized from an examination of the cookies associated with the secure personal storage device identifier 280 and of the demographic/marketing data derived from them. It should be understood that the cookies do not disclose the identity of the customer 105.
Fig. 2 illustrates a more detailed view of the interaction between the secure personal storage device, the security terminal and the content server according to one embodiment of the invention. At operation 1, the customer 105 initiates a secure computing session with the security terminal 115A by inserting the secure personal storage device 110 into it. Before the secure personal storage device 110 is inserted, the security terminal 115A cannot be powered on. Inserting the secure personal storage device 110 completes the power circuit that lets the security terminal 115A operate, so that the security terminal 115A is powered on for the customer's use. In one embodiment, inserting the secure personal storage device 110 automatically powers the security terminal 115A on fully (or, alternatively, resumes it from sleep); in other embodiments, the insertion allows the security terminal 115A to be powered on by the customer 105 (e.g., the customer 105 presses a power button to return the security terminal from sleep to a usable state). Thus at operation 2, the power circuit 215 is completed and power is applied to the security terminal 115A. In addition, the security terminal 115A boots its operating system and starts the customer authentication module 242.
While the security terminal 115A authenticates the customer 105, it uses unique identification data stored on the secure personal storage device 110. After authentication, a secure computing session is established between the customer 105 and the security terminal 115A, permitting the customer 105 to use the applications of the security terminal 115A (e.g., including the customized security terminal web browser 244). Although the customer 105 can use the applications of the security terminal 115A, it should be understood that the security terminal 115A does not store or retain any data associated with the customer 105 (whether user files or user computer activity); however, rights-protected data and local application data can be stored on the secure personal storage device 110. Within the constraints of the secure session, the security terminal 115A may allow approved external programs to be launched from a separate removable device bus channel, or data to be saved to a separate removable device bus channel. When the secure computing session ends and/or the secure personal storage device 110 is removed from the security terminal 115A, the security terminal 115A permanently erases its temporary memory, thereby deleting from the security terminal 115A any trace in memory of the customer 105's use.
The secure personal storage device 110, owned and/or used by the customer 105 (e.g., an SD card, flash drive, thumb drive, CD, etc.), stores data specific to the customer (e.g., user-generated data files, account credentials for one or more network accounts, etc.) that can be used and/or generated during a secure computing session with the security terminal 115A and the content server 120A. For example, as shown in Fig. 1, the secure personal storage device 110 includes a customer-specific authentication data store 232, a resource object store 236 (which includes account credentials, computing session requirements, resource requirements, encryption keys, etc.) and user data 238. The customer-specific authentication data store 232 stores unique information about the customer 105 that is collected by the security terminal 115A at registration and used during customer authentication. In one embodiment, assured registration can be employed to verify the customer attributes provided, in support of age- or site-restricted transactions or age- or site-restricted access to content. For example, the customer-specific authentication data includes one or more items of biometric data (e.g., one or more of a voiceprint verification sample, a fingerprint sample, a retinal scan image, a handwriting sample, etc.) and, if the registration was assured, other attributes (such as the date of birth of the customer 105). In some embodiments, the customer-specific authentication data store 232 does not include personal information such as the customer's name, address, social security number, telephone number, e-mail address, etc. As described in more detail below, in one embodiment the security terminal 115A includes the capability to let the customer 105 train the biometric data used for authentication (i.e., provide biometric samples). The customer 105 can also train the biometric data at an authorized location (e.g., when registering and/or purchasing the secure personal storage device 110).
The resource object store 236 includes support for resource object packs for different resource owners, or for multiple resources from the same owner. As used herein, a resource owner is a content and/or service provider that provides a resource (content and/or service) to customers. Typically, a resource owner provides a secured resource. Each resource object pack may include the account credentials (e.g., one or more usernames and passwords or other authentication keys) for the secured resource being provided (e.g., the credentials for the account of the customer 105). A resource object pack may also include computing session requirements. For example, some resources may require certain security terminal settings to be configured before they may be accessed (e.g., virtual private network (VPN) settings, proxy settings, firewall settings, age-specific checks, etc.). In one embodiment, the contents of the resource object store 236 are unknown to, and cannot be read by, the customer 105. In some embodiments, the contents of the resource object store 236 (e.g., account credentials, computing session requirements, resource requirements, encryption keys, etc.) are created by a content server (e.g., the content server 120). For example, content provider A may generate a specific username and password (or other authentication identifier) for the customer 105, and content provider B may generate a different specific username and password for the customer 105. As described in more detail below, when authenticating the customer 105, the account credentials are used by the content server and can replace the standard username/password and/or personal identification number prompts the server would normally use, creating a zero-click account access experience; this also removes the risk of credentials being stolen through social engineering.
In some embodiments, for example those involving assured registration by a third party, the customer-specific authentication data store 232 also includes the date of birth of the customer 105, which can be used to limit the services the customer 105 may use. In one embodiment, a secure personal storage device trained through self-registration may not include any customer attributes other than the authentication data (e.g., biometric authentication data). For example, content and/or service providers may limit the availability of their content and/or services based on age. Some content and/or services may be limited to customers above a certain age, customers below a certain age (e.g., a chat room oriented to schoolchildren), customers within a certain age group, etc. In some embodiments, the date of birth of the customer 105 is not stored unless and until the customer 105 has confirmed his/her age. For example, when purchasing the secure personal storage device 110, or when registering the secure personal storage device 110 under supervision at an authorized location, the customer 105 may be required to show proof of age by presenting a government-issued ID.
The user data 238 includes any data produced and saved during a secure computing session (e.g., rights-managed content files that were received, application settings (e.g., browser bookmarks), security terminal settings (e.g., font size, etc.), etc.). In some embodiments, the security terminal 115 includes a port or slot for removable media, so that the customer 105 can also use that removable media, in addition to the secure personal storage device 110, to store user data files.
Information used or generated during the secure computing session with the security terminal 115A and stored on the secure personal storage device 110 can be encrypted (e.g., by the security terminal 115). In one embodiment, the security terminal 115A requires a personal key of biometric origin to decrypt the encrypted volume 234. For example, the customer-specific authentication data store 232 is contained in the encrypted volume 230, and the resource object store 236 and the user data 238 are contained in the encrypted volume 234. The encrypted volume 234 is contained within the encrypted volume 230. The purpose of encrypting the volumes is that they can be decrypted only by an appropriate security terminal (e.g., the security terminal 115). In some embodiments, the data in the customer-specific authentication data store 232 is used to decrypt the encrypted volume 234. For example, the customer 105 must be successfully authenticated to the security terminal 115 before the security terminal 115 and/or the customer 105 can access the user data 238 or the resource object store 236. It should be understood that the encryption scheme shown in Fig. 1 is exemplary, and that other encryption schemes (e.g., a single encrypted volume, non-nested encrypted volumes, etc.) may be used in embodiments.
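The nested-volume scheme described above, as an added example that is not code from the patent or from BEYOND ACCESS: the outer volume 230 opens only with a security terminal key, the inner volume 234 (resource object store 236 and user data 238) opens only with a key derived from the enrolled biometric template kept in the authentication data store 232, and the terminal derives that key only after a live sample matches the template. The template format (a 128-bit feature vector matched by Hamming distance), the threshold, the sample data and the use of a SHA-256 counter keystream with an HMAC tag in place of a real block cipher are all assumptions made so the example runs with the standard library alone.

```python
"""Nested encrypted volumes on a secure personal storage device (added example).

Volume 230 (outer) opens only with the security terminal's key; volume 234
(inner) opens only with a key derived from the enrolled template in the
authentication data store 232, after a live sample matches that template.
The keystream cipher below is a stand-in for AES so that only the standard
library is needed; it is not a recommended cipher.
"""
import hashlib
import hmac
import json
import os


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("volume integrity check failed or wrong key")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


def hamming(a: bytes, b: bytes) -> int:
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def _inner_key(template: bytes, device_id: bytes) -> bytes:
    # Derived from the enrolled template, not the live sample, so it is stable across sessions.
    return hmac.new(template, b"volume-234|" + device_id, hashlib.sha256).digest()


def provision_device(terminal_key, device_id, template, resource_objects, user_data, max_distance):
    """Build the device image: volume 230 wraps store 232 and the sealed volume 234."""
    inner = seal(_inner_key(template, device_id),
                 json.dumps({"resource_objects": resource_objects, "user_data": user_data}).encode())
    outer = {"auth_store": {"template": template.hex(), "max_distance": max_distance},
             "volume_234": inner.hex()}
    return {"device_id": device_id.hex(), "volume_230": seal(terminal_key, json.dumps(outer).encode())}


def open_device(terminal_key, device, live_sample):
    """Return the contents of volume 234, or None when the biometric check fails."""
    outer = json.loads(open_sealed(terminal_key, device["volume_230"]))  # needs a terminal key
    template = bytes.fromhex(outer["auth_store"]["template"])
    if hamming(template, live_sample) > outer["auth_store"]["max_distance"]:
        return None                                                       # volume 234 stays sealed
    inner = open_sealed(_inner_key(template, bytes.fromhex(device["device_id"])),
                        bytes.fromhex(outer["volume_234"]))
    return json.loads(inner)


def demo():
    """Constructed walk-through: genuine owner, impostor, and a non-security terminal."""
    terminal_key = hashlib.sha256(b"constructed terminal key from key store 275").digest()
    device_id = bytes.fromhex("00112233445566778899aabbccddeeff")            # stands in for id 280
    template = hashlib.sha256(b"constructed enrollment voiceprint").digest()[:16]
    resource_objects = {"content-server-120A": {"username": "u-7f3a", "password": "constructed"}}
    device = provision_device(terminal_key, device_id, template, resource_objects,
                              {"bookmarks": ["https://example.test/"]}, max_distance=12)
    genuine = bytearray(template)          # live samples never match bit for bit: flip 5 bits
    for i in range(5):
        genuine[i] ^= 0x01
    impostor = bytes(b ^ 0xFF for b in template)
    results = {"genuine": open_device(terminal_key, device, bytes(genuine)),
               "impostor": open_device(terminal_key, device, impostor)}
    try:
        open_device(hashlib.sha256(b"some other computer").digest(), device, bytes(genuine))
        results["foreign_terminal"] = "opened"
    except ValueError as exc:
        results["foreign_terminal"] = str(exc)
    return results
```

Note the trust model this makes explicit: the key for volume 234 is derivable from the template alone, so the biometric gate is enforced by the terminal's control flow in open_device, not by the cryptography. That matches the patent's reliance on the security terminal as trusted hardware with tamper-responsive erasure; a party holding both a terminal key and a device image could skip the match.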
The secure personal storage device 110 also includes a secure personal storage device identifier 280. In one embodiment, the secure personal storage device identifier 280 is a unique, unchangeable hardware identifier implanted during manufacture of the secure personal storage device 110. Each different secure personal storage device therefore has a different, unique storage device identifier.
The security terminal 115A includes the authentication module 242, which authenticates the identity of the customer against the data stored on the secure personal storage device 110. Thus at operation 3, the authentication module 242 performs the authentication process based on the information in the customer-specific authentication data store 232 on the secure personal storage device 110 and on data entered by the customer 105 (e.g., a biometric input such as a voiceprint sample). Specific biometric authentication mechanisms are described in more detail below. If the authentication process is unsuccessful, the customer 105 is not allowed to use the security terminal 115A. If the authentication process is successful, a secure computing session can begin.
Thus at operation 4, the session interface control module 246 creates the secure computing session. After the session is created, the customer 105 can access and use resources (e.g., local resources such as local applications, network resources (unsecured and/or secured resources), etc.). A session lock timer is started when the session is established, and a session re-verification timer, running at a frequency set by the resource owner, is supported. As described above, some resources may require certain terminal settings to be configured before they may be accessed. Therefore the session interface control module 246 accesses the resource object store 236 of the secure personal storage device 110 to determine and apply any applicable resource requirements. This is described in more detail below.
If the selected resource is a network resource (e.g., a web site), the customized security terminal web browser 244 is used to connect to it. The customized security terminal web browser 244 is a web browser that can access both secured network resources and unsecured network resources. Secured network resources are those that are customized for, and trusted by, the portable personal secure network access system 100. For example, some web sites may include a secure section customized specifically for security terminals (such as the security terminal 115A); a computing device that is not a security terminal cannot access that secure section. Unsecured network resources are those that are not trusted (e.g., conventional Internet sites that are not customized for the portable personal secure network access system 100). For example, the content server 120A allows network resources to be accessed securely using the system 100. Thus at operation 5, the terminal 115A connects to the content server 120A through the customized security terminal web browser 244.
The content server 120A includes a browser identification module 250 that determines the type of web browser used for an incoming connection request; web browsers that are security terminal browsers (such as the browser 244) are directed to the security terminal authentication module 262, and other web browsers (from computing devices that are not security terminals) are redirected to the unsecured part of the content server 120 (not shown). Thus at operation 6, the browser identification module 250 determines that the browser type used for the incoming connection request is the customized security terminal web browser 244.
The security terminal authentication module 262 authenticates the security terminal based on one or more encryption keys. For example, the security terminal 115A and the content server 120A exchange encryption keys, and when requesting access to the content server 120A, the security terminal 115 transmits a specific encryption key. The hardware security logic 270 of the security terminal 115A includes a key store 275 that holds the encryption keys shared with content servers and/or secure personal storage devices. If the security terminal 115A cannot be authenticated, the content server 120A will refuse it access (at least to the secure section of the content server 120A). Thus at operation 7, the security terminal authentication module 262 performs the authentication process on the security terminal 115A. For purposes of illustration, the security terminal 115A passes the authentication process.
Some time after secure terminal 115A has been authenticated, at operation 8, client authentication module 264 determines, based on secure personal storage device identifier 280, whether the account credentials on secure personal storage device 110 (stored in resource object store 236) match the account credentials in client account credential store 268, in order to determine whether client 105 (identified through secure personal storage device identifier 280) is authorized to use the service and/or access the requested content. If the account credentials match, browser 244 is directed to the content and/or service, typically without further interaction from the user. Of course, it should be understood that content server 120A may require biometric authentication at any time to confirm the identity of client 105 (for example, before completing a financial transaction).
If there are no account credentials in client account credential store 268 (for example, because this is the first time client 105 has attempted to access content server 120A using a secure terminal), client authentication module 264 may present a series of questions to client 105 to confirm his/her identity and, if client 105 is not yet registered, to create an account. After the identity of client 105 has been verified, device and client association module 266 creates account credentials and associates them with secure personal storage device identifier 280. The created account credentials may then be written to resource object store 236. Thus, at operation 9, the account credentials are written to resource object store 236.
When client 105 removes secure personal storage device 110 from secure terminal 115A, the secure computing session ends. The secure computing session may also end in other ways, which are described in more detail below. At operation 10, client 105 removes secure personal storage device 110 from secure terminal 115A. Hardware security logic 270 ensures that the temporary memory of secure terminal 115A is permanently erased when secure personal storage device 110 is removed. Security logic 270 includes memory erase electronics 278, which permanently erase the temporary memory of secure terminal 115 when secure personal storage device 110 is removed from secure terminal 115. For example, memory erase electronics 278 set all values to zero. In addition, in some embodiments, hardware security logic 170 contains tamper-resistant electronics, so that if the device is tampered with (for example, secure terminal 115 is physically opened without authorization), temporary memory erase electronics 278 erase the memory of secure terminal 115A and any keys in key store 275.
Fig. 3 illustrates exemplary operations of the portable personal secure network access system 100 according to an embodiment of the invention. The operations of Fig. 3 will be described with reference to the exemplary embodiment of Fig. 2. However, it should be understood that the operations of Fig. 3 can be performed by embodiments of the invention other than those discussed with reference to Fig. 2, and that the embodiments discussed with reference to Fig. 2 can perform operations different from those discussed with reference to Fig. 3.
At block 310, secure terminal 115A is powered down (or, alternatively, may be in a sleep state). It should be understood that in this state no client data or client settings are stored on secure terminal 115. Flow moves from block 310 to block 315, where client 105 inserts secure personal storage device 110 into secure terminal 115A. Inserting secure personal storage device 110 completes the power circuit of the secure terminal, which allows secure terminal 115A to power on, as indicated at block 320. Control moves from block 320 to block 325.
At block 325, secure terminal 115A begins an initialization routine that includes booting its operating system and starting client authentication module 242. For example, when secure personal storage device 110 is inserted, firmware on secure terminal 115A is activated, causing the operating system to boot and authentication module 242 to start. It should be understood that client 105 cannot use secure terminal 115 without being authenticated. Control moves from block 325 to block 330.
At block 330, authentication module 242 determines whether secure personal storage device 110 has been properly formatted for use in secure terminal 115A (for example, whether encrypted volume 230 and encrypted volume 234 and their contents have been created on secure personal storage device 110). In some embodiments, secure terminal 115A accepts blank storage devices (for example, off-the-shelf storage devices not specifically designated as secure personal storage) and formats them to permit their use in secure terminal 115A. In some embodiments, the client may purchase a pre-formatted secure personal storage device. If secure personal storage device 110 is correctly formatted, flow moves to block 340; otherwise, flow moves to block 335, where the device is formatted for use in secure terminal 115 (for example, by creating encrypted volume 230 and encrypted volume 234, etc.). Flow moves from block 335 to block 340.
At block 340, authentication module 242 next determines whether biometric training has been completed on secure personal storage device 110. For example, authentication module 242 may access client-specific authentication data store 232 of secure personal storage device 110 to determine whether a sufficient number of biometric samples have been stored to authenticate client 105. In some embodiments, secure personal storage device 110 may hold several different biometric sample types accepted by secure terminal 115. For example, if secure terminal 115 is used in a library, a non-verbal biometric authentication may be more suitable than a verbal one. In some embodiments, client 105 can choose among the biometric authentication mechanisms. If biometric training has not been completed (at least for the selected biometric authentication mechanism), flow moves to block 345, where authentication module 242 launches the biometric authentication training application; otherwise, flow moves to block 350, where authentication module 242 begins one or more biometric challenges.
Fig. 4 is a flowchart illustrating exemplary operations of a biometric training mechanism according to one embodiment. The operations of Fig. 4 will be described with respect to authentication module 242; however, it should be understood that the operations of Fig. 4 can be performed by different modules and/or logic of secure terminal 115A.
At block 410, authentication module 242 receives from client 105 a selection of the biometric authentication type to train (for example, voice, retina scan, handwriting analysis, fingerprint analysis, etc.), and flow moves to block 415. Of course, it should be understood that in some embodiments client 105 is not given the option of selecting the biometric authentication type to train. That is, in some embodiments secure terminal 115A requires training for one or more particular biometric authentication types. In such embodiments, the operation of block 410 is not performed.
Secure terminal 115A may require different numbers of biometric samples for different biometric authentication types. At block 415, a loop begins over the number of biometric samples required (or more, if client 105 so requests). Flow then moves to block 420, where client 105 is prompted with a challenge pattern. For example, the challenge may require client 105 to read a paragraph from a book, write a number of characters or words, provide one or more fingerprints, etc. The challenge pattern may be prompted visually (for example, on the display of secure terminal 115A) and/or audibly (for example, through a speaker of secure terminal 115A). Control moves from block 420 to block 425.
At block 425, authentication module 242 reads the biometric response from client 105 from the biometric input stream. Flow then moves to block 430, where authentication module 242 creates a digital sample from the response and associates it with the challenge prompt. Flow then moves to block 435, where operations 420-430 are repeated until the required number of challenge samples (or more, if desired) has been completed. When that number of challenge samples has been completed, flow moves to block 440, where authentication module 242 creates the biometric sample and stores it in client-specific authentication data store 232 of secure personal storage device 110. Flow moves from block 440 to block 445, and biometric training is complete.
It should be understood that secure terminal 115A may require client 105 to pass several different types of biometric authentication before allowing access. In that case, the client must complete training for each of the biometric authentication types.
In one embodiment, shortly after the biometric samples have been stored in client-specific authentication data store 232 of secure personal storage device 110, secure terminal 115A clears its temporary memory (for example, memory erase electronics 278 of hardware security logic 170 clear the volatile memory of secure terminal 115A). In any case, the biometric samples of client 105 are never permanently stored on secure terminal 115A.
Referring back to Fig. 3, at block 350, authentication module 242 launches the biometric authentication mechanism to authenticate client 105. Fig. 5 is a flowchart illustrating exemplary operations of a biometric authentication mechanism according to one embodiment. The operations of Fig. 5 will be described with respect to authentication module 242; however, it should be understood that the operations of Fig. 5 can be performed by different modules and/or logic of secure terminal 115A.
At block 510, authentication module 242 receives from client 105 a selection of the biometric authentication type to use for authentication, and flow moves to block 515. Of course, it should be understood that in some embodiments client 105 is not given the option of selecting the biometric authentication type used for authentication. That is, in some embodiments secure terminal 115A requires one or more specific biometric authentication mechanisms to be completed successfully before allowing access. In such embodiments, the operation of block 510 is not performed.
As described above, secure terminal 115A may require client 105 to pass several biometric challenges (for a single biometric authentication type or for several biometric authentication types) to be authenticated. Thus, at block 515, a loop begins over the number of biometric challenges required for authentication. Flow then moves to block 520, where authentication module 242 selects (for example, at random) a biometric challenge of the selected or required biometric authentication type from client-specific authentication data store 232 of secure personal storage device 110. Flow moves from block 520 to block 525, where client 105 is prompted with the selected biometric challenge. As with biometric training, the biometric challenge may be prompted visually (for example, on the display of secure terminal 115A) and/or audibly (for example, through a speaker of secure terminal 115A). Flow then moves to block 530.
At block 530, authentication module 242 reads the biometric response from client 105 from the biometric input stream. Flow then moves to block 535, where authentication module 242 determines whether the biometric response from client 105 substantially matches the biometric sample stored in client-specific authentication data store 232 of secure personal storage device 110. If the biometric input substantially matches, client 105 passes the biometric challenge and flow moves to block 545, where operations 520-535 are repeated until client 105 has passed the required number of biometric challenges. Once client 105 has passed the required biometric challenges, flow moves to block 550 and client 105 is authenticated to use secure terminal 115A.
However, if client 105 does not pass a biometric challenge (the biometric input does not substantially match the stored biometric sample), flow moves to block 540, where an alternative action is taken. For example, a different biometric challenge may be prompted to client 105. However, in some embodiments, client 105 may fail only a limited number of biometric challenges before authentication module 242 concludes that client 105 is not the owner/user of secure personal storage device 110. In that case, secure terminal 115A may power off and immediately erase its memory.
It should therefore be clear that when secure personal storage device 110 is inserted, only the client who has biometrically trained secure personal storage device 110 can access that storage device and use secure terminal 115A. Consequently, if secure personal storage device 110 is lost or stolen, the data stored on the device cannot be read and the device cannot be used in any secure terminal.
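As an added illustration of the Fig. 4 training loop and the Fig. 5 challenge loop (this is example code written for this page, not code from the patent or its assignee), the following models biometric samples as constructed feature vectors, treats "substantially matches" as a root-mean-square distance under a threshold, and enforces the limited number of failed challenges after which the terminal erases its memory. The match threshold, the failure limit, the class and function names, and the sample vectors are all assumptions of this example.

```python
import random
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# Assumed parameters of this example, not values from the patent.
MATCH_THRESHOLD = 0.15        # RMS distance at or below this "substantially matches"
MAX_FAILED_CHALLENGES = 3     # failures tolerated before block 540 wipes the terminal


def rms_distance(a: List[float], b: List[float]) -> float:
    """Distance between two feature vectors; mismatched lengths never match."""
    if len(a) != len(b) or not a:
        return float("inf")
    return (sum((x - y) ** 2 for x, y in zip(a, b)) / len(a)) ** 0.5


@dataclass
class ClientAuthStore:
    """Stands in for client-specific authentication data store 232 on device 110.
    Maps biometric type -> {challenge prompt -> stored digital sample}."""
    samples: Dict[str, Dict[str, List[float]]] = field(default_factory=dict)

    def training_complete(self, bio_type: str, required: int) -> bool:
        return len(self.samples.get(bio_type, {})) >= required


@dataclass
class SecureTerminal:
    """Only the volatile memory matters here; erase_memory() models the
    power-off-and-wipe outcome of block 540 (erase electronics 278)."""
    volatile: Dict[str, object] = field(default_factory=dict)
    erased: bool = False

    def erase_memory(self) -> None:
        self.volatile.clear()
        self.erased = True


def train(store: ClientAuthStore, bio_type: str, prompts: List[str], read_response) -> bool:
    """Blocks 415-440: prompt each challenge, read the response, store a digital
    sample tied to that prompt. Returns True once training is complete."""
    for prompt in prompts:
        store.samples.setdefault(bio_type, {})[prompt] = list(read_response(prompt))
    return store.training_complete(bio_type, len(prompts))


def authenticate(terminal: SecureTerminal, store: ClientAuthStore, bio_type: str,
                 challenges_required: int, read_response, seed=None) -> Tuple[bool, bool]:
    """Blocks 515-550: pick stored challenges at random until the required number
    has passed. Every failed challenge counts toward the limit; at the limit the
    terminal erases its memory and the client is rejected (block 540).
    Returns (authenticated, terminal_erased)."""
    rng = random.Random(seed)
    prompts = list(store.samples.get(bio_type, {}))
    if not prompts:
        return False, False           # untrained: block 345 would run instead
    passed = failed = 0
    while passed < challenges_required:
        prompt = rng.choice(prompts)
        response = read_response(prompt)
        terminal.volatile["last_response"] = response   # lives only in volatile memory
        if rms_distance(response, store.samples[bio_type][prompt]) <= MATCH_THRESHOLD:
            passed += 1
        else:
            failed += 1
            if failed >= MAX_FAILED_CHALLENGES:
                terminal.erase_memory()
                return False, True
    terminal.volatile.clear()         # no biometric data persists on the terminal
    return True, False
```

Note that the stored samples never leave the device's store and the terminal keeps only the current response in volatile memory, mirroring the statement above that samples are never permanently stored on secure terminal 115A.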
Referring back to Fig. 3, after client 105 has been authenticated, flow moves to block 355, where secure terminal 115 creates a secure computing session that allows client 105 to access secure resources and unsecure resources. For example, client 105 may use secure terminal 115A to send or retrieve email, write documents or other office-related files, play music and/or video files, play games, etc. It should be noted that secure terminal 115A does not store any user data or other settings (for example, application settings, preferences, etc.); such information must be stored on an external device (for example, on the content server in the case of network-based applications, on secure personal storage device 110, on another removable storage device, etc.).
Depending on which types of resources client 105 has accessed (for example, secure, unsecure, etc.), the secure computing session may be subject to different security levels. The different security levels also limit which types of services/applications are currently available to client 105. For example, when the computing session is at the highest security level, client 105 can access secure resources (for example, secure internet sites) and unsecure resources. In contrast, when the computing session is at the lowest security level, client 105 cannot access secure resources (for example, secure internet sites) and cannot save any data generated during the computing session until the computing session is restarted (which will be described in more detail with reference to Fig. 8).
Initially, the secure computing session is set to the highest security level, allowing client 105 to access secure resources and unsecure resources, as illustrated by block 360. Flow then moves to block 365, where secure terminal 115 displays a number of different resource options to client 105 based on the current security level. These resource options may include local applications, web applications, secure websites, unsecure websites, etc. These options may be displayed to the user through the customized terminal web browser 244 (or another application).
Figs. 12A-12C illustrate exemplary user interfaces for displaying resource options to client 105. Although Figs. 12A-12C show a particular tabbed presentation, it should be understood that in different embodiments resource options may be displayed or presented to client 105 in different ways. Figs. 12A-12C each include a current security level field 1215, a restart computing session button 1220, and a save and exit button 1225. Current security level field 1215 indicates the current security level of the computing session. Restart computing session button 1220 allows client 105 to restart the computing session, which will be described in more detail with reference to Fig. 8. Save and exit button 1225 allows client 105 to save data generated during the computing session (for example, to secure personal storage device 110). As will be described in more detail with reference to Fig. 6, if the current security level is insufficient, client 105 may not be able to save data to secure personal storage device 110.
Fig. 12A illustrates local application tab 1210, which displays one or more local applications of the secure terminal. In one embodiment, every application displayed on local application tab 1210 is available regardless of the current security level of the computing session.
Fig. 12B illustrates secure network resource tab 1240, which displays one or more secure network resources (for example, secure internet sites). In one embodiment, secure network resource tab 1240 displays a default set of one or more secure network resources that are not customized for client 105 (for example, client 105 may not have accounts associated with those secure network resources); in other embodiments, however, tab 1240 displays a set of one or more secure network resources specifically customized for client 105 (for example, those secure network resources with which client 105 has an account). For example, the names and/or URLs (uniform resource locators) of the secure network resources with which client 105 has an account may be stored in resource object store 236. These names and/or links may be displayed in secure network resource tab 1240.
As shown in Fig. 12B, secure network resource tab 1240 includes security notice window 1245. Security notice window 1245 may be displayed when the security level of the computing session is not sufficient to access the secure network resources shown. In one embodiment, the computing session must be restarted in order to raise the security level. Security notice window 1245 warns client 105 that the resources shown require a higher security level and that the computing session must be restarted. The user may use restart session button 1220 to restart the session and/or remove secure personal storage device 110 and begin the authentication process again (for example, starting at block 315 of Fig. 3) to restart the session.
Fig. 12C illustrates unsecure network resource tab 1250, which displays a set of one or more unsecure network resources. When the security level of the computing session is high, unsecure network resource tab 1250 may display a warning indicating that using any of the unsecure network resources shown will cause the security level to be lowered.
It should also be understood that client 105 is not required to choose one of the resources displayed in Figs. 12A-12C. For example, client 105 may enter a website address that is not displayed in Figs. 12A-12B.
Referring back to Fig. 3, flow moves from block 365 to block 370, where secure terminal 115A receives from client 105 a selection of a resource option (the resource option must be permitted by the current security level). Depending on the current security level, the selected resource option may be a secure resource or an unsecure resource. Flow then moves to block 375, where secure terminal 115 is configured according to the session requirements (if any) of the selected resource option.
As described above, some resources may require certain secure terminal settings or other conditions to be configured as a precondition for connecting. For example, a corporate email resource may require a virtual private network (VPN) connection to the corporate email server. Fig. 9 is a flowchart illustrating exemplary operations for dynamically configuring a secure terminal based on resource requirements according to one embodiment. The operations of Fig. 9 will be described with respect to computing session interface control module 246; however, it should be understood that the operations of Fig. 9 can be performed by different modules and/or logic of secure terminal 115A.
The operations of Fig. 9 begin at block 910, where computing session interface control module 246 accesses resource object store 236 to read the resource object package corresponding to the selected resource. Flow then moves to block 915, where interface control module 246 determines whether the resource specifies a particular network interface. For example, some resources may require a cellular data connection from a specific cellular provider, while other resources may require a Wi-Fi connection through a specific network provider, etc. If a particular network interface is specified, flow moves to block 920, where interface control module 246 attempts to establish a connection to the required network; otherwise, flow moves to block 925. Flow moves from block 920 to block 930, where it is determined whether the network interface connection succeeded. If it succeeded, flow moves to block 925; otherwise, flow moves to block 935 and an alternative action is taken (for example, the client is informed that the selected resource cannot be accessed).
At block 925, interface control module 246 determines whether the resource requires a VPN or tunneling. If not, flow moves to block 945. If so, flow moves to block 940, where secure terminal 115A attempts to establish the VPN connection or tunnel, and flow moves to block 950. At block 950, it is determined whether the VPN connection or other tunneling technique succeeded. If it succeeded, flow moves to block 945; otherwise, flow moves to block 955, where an alternative action is taken (for example, the client is informed that the selected resource cannot be accessed because the VPN connection or tunnel could not be established).
At block 945, interface control module 246 determines whether the resource specifies other terminal configuration or settings (for example, firewall settings, proxy settings, age requirements, etc.). For example, as described above, a resource owner may set up a website (or other content) intended for those above a certain age, below a certain age, within a certain age range, etc. If no such settings are specified, flow moves to block 965. If they are, flow moves to block 960, where interface control module 246 attempts to configure those other settings, and flow moves to block 970. For example, if the resource specifies an age requirement, session interface control module 246 accesses client-specific authentication data store 232 to determine whether it contains a date of birth. In one embodiment, if no date of birth is stored in data store 232, client 105 can only access general content. If the client's date of birth is on data store 232, session interface control module 246 determines whether the client satisfies the age requirement. At block 970, it is determined whether the configuration succeeded. If it succeeded, flow moves to block 965; otherwise, flow moves to block 935, where an alternative action is taken (for example, the client is informed that the selected resource cannot be accessed).
At block 965, interface control module 246 determines whether the resource is a local application (for example, a media player, word processor, email client, etc.). If so, flow moves to block 975, where an attempt is made to load the application, and flow moves to block 985. If the resource is not a local application (for example, it is a website), flow moves to block 980, where the secure terminal's customized web browser 244 is loaded and directed to the resource's specific URL, and flow moves to block 985. At block 985, it is determined whether the application (either the local application or web browser 244) loaded successfully. If it did not, flow moves to block 955, where an alternative action is taken; otherwise, flow moves to block 990, where secure terminal 115A begins connecting to the resource.
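The sequence of checks in Fig. 9 (blocks 910 through 990) can be written as one ordered pipeline that stops at the first precondition the terminal cannot satisfy. The following is an added example written for this page, not code from the patent: the resource object package, the terminal's capabilities, the date-of-birth handling and all names are constructed assumptions, and the date-of-birth edge case (no date stored means general content only) is modelled explicitly.

```python
from dataclasses import dataclass, field
from datetime import date
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class ResourceObject:
    """Constructed stand-in for a resource object package read from store 236."""
    name: str
    url: Optional[str] = None                 # None means a local application
    network_interface: Optional[str] = None   # e.g. a specific carrier or Wi-Fi provider
    vpn: Optional[str] = None                 # VPN/tunnel endpoint the resource demands
    min_age: Optional[int] = None             # age requirement, if the resource has one
    other_settings: Dict[str, str] = field(default_factory=dict)   # proxy, firewall, ...


@dataclass
class TerminalState:
    """What this terminal can actually bring up; every value is constructed."""
    usable_interfaces: Set[str]
    reachable_vpns: Set[str]
    installed_apps: Set[str]
    date_of_birth: Optional[date]             # from data store 232; may be absent
    today: date
    applied_settings: Dict[str, str] = field(default_factory=dict)


def age_on(dob: date, today: date) -> int:
    years = today.year - dob.year
    if (today.month, today.day) < (dob.month, dob.day):
        years -= 1
    return years


def configure_for_resource(res: ResourceObject, state: TerminalState) -> Tuple[bool, str, List[str]]:
    """Blocks 915-990 in order. Returns (ok, reason, trace of steps completed)."""
    trace: List[str] = []
    # Blocks 915/920/930: required network interface.
    if res.network_interface is not None:
        if res.network_interface not in state.usable_interfaces:
            return False, "required network interface unavailable", trace
        trace.append(f"interface:{res.network_interface}")
    # Blocks 925/940/950: VPN or tunnel.
    if res.vpn is not None:
        if res.vpn not in state.reachable_vpns:
            return False, "VPN or tunnel could not be established", trace
        trace.append(f"vpn:{res.vpn}")
    # Blocks 945/960/970: other settings, including an age requirement.
    if res.min_age is not None:
        if state.date_of_birth is None:
            return False, "no date of birth on device; general content only", trace
        if age_on(state.date_of_birth, state.today) < res.min_age:
            return False, "age requirement not met", trace
        trace.append(f"age>={res.min_age}")
    for key, value in res.other_settings.items():
        state.applied_settings[key] = value
        trace.append(f"setting:{key}")
    # Blocks 965/975/980/985: local application or browser 244.
    if res.url is None:
        if res.name not in state.installed_apps:
            return False, "local application failed to load", trace
        trace.append(f"app:{res.name}")
    else:
        trace.append(f"browser244:{res.url}")
    return True, "connecting to resource", trace   # block 990


def sample_terminal_state() -> TerminalState:
    """Constructed terminal: one corporate Wi-Fi, one VPN, one local app, a client
    born 2000-06-15 evaluated the day before their 24th birthday."""
    return TerminalState({"wifi:corp"}, {"vpn.corp.example"}, {"media_player"},
                         date(2000, 6, 15), date(2024, 6, 14))
```

The ordering matters: a resource that needs both a specific interface and a VPN never attempts the VPN over an interface it was not allowed to use, which is the reason the patent checks the interface first.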
Referring back to Fig. 3, after secure terminal 115A has been configured at block 375 according to the session requirements of the selected resource option, flow moves to block 380, where the selected resource option is executed. The selected resource option may be a network resource accessed through the secure terminal's customized web browser 244.
As described above, some content and/or service providers may offer secure content and/or secure services by using the security system described herein. Fig. 6 is a flowchart illustrating exemplary operations for accessing network content using the portable personal secure network access system of Fig. 1 according to one embodiment. The operations of Fig. 6 will be described with reference to the exemplary embodiment of Fig. 2. However, it should be understood that the operations of Fig. 6 can be performed by embodiments of the invention other than those discussed with reference to Fig. 2, and that the embodiments discussed with reference to Fig. 2 can perform operations different from those discussed with reference to Fig. 6.
The operations of Fig. 6 begin at block 610, where a computing device connects to a content server (for example, content server 120A). Content server 120A then determines the type of browser used for the connection. Flow then moves to block 612, where content server 120A determines whether the connection comes from a customized secure terminal web browser (and therefore from a secure terminal such as secure terminal 115A). If so, flow moves to block 614; otherwise, flow moves to block 616, where the computing device, which is not a secure terminal, is redirected to the unsecure portion of content server 120A.
At block 614, content server 120A requests secure personal storage device identifier 280 from secure personal storage device 110. Secure terminal 115A reads the identifier and sends it to content server 120A. Flow then moves to block 618, where content server 120 determines whether account credentials (for example, a username and password or other authentication key) have been assigned to secure personal storage device identifier 280. For example, client authentication module 264 accesses client account credentials 268 to determine whether account credentials exist for secure personal storage device identifier 280. In one embodiment, account credentials exist only after client 105 has accessed content server 120A for the first time using a secure terminal such as secure terminal 115A. If there are account credentials for identifier 280, flow moves to block 640; otherwise, flow moves to block 620.
At block 620, content server 120 presents a security questionnaire and receives the client's answers in order to confirm the identity of client 105. For example, the security questionnaire may include a series of personal questions that are known to content server 120 because of a prior business relationship between the client and content server 120 (for example, grandmother's maiden name, first pet, etc.). The operation of block 620 may also involve personal account assistance (for example, interaction with a customer service representative). Once the client's identity has been confirmed, flow moves to block 622, where it is determined whether the client has access rights to the selected resource (for example, whether client 105 has an account with the content and/or service provider). For example, client authentication module 264 accesses client accounts 272 to determine whether client 105 has access rights. If the client does not have access rights, flow moves to block 624, where account assistance is performed. For example, the client is offered the option of registering an account, etc. If the client has access rights, flow moves to block 626.
At block 626, content server 120A creates account credentials for secure personal storage device identifier 280. In one embodiment, client 105 never learns the contents of the account credentials. The account credentials may be a username and password or another unique authentication key. Flow moves from block 626 to block 628, where the created account credentials are stored on content server 120A (for example, in client account credentials 268). As part of storing the created account credentials, they are associated with secure personal storage device identifier 280. Flow moves from block 628 to block 630.
At block 630, the created account credentials are written to secure personal storage device 110 (for example, into resource object store 236). Thus, the next time client 105 accesses content server 120A through a secure terminal using secure personal storage device 110, content server 120A retrieves the generated account credentials from secure personal storage device 110 and automatically logs client 105 into his/her account (typically without further user interaction). Thus, instead of a username and password and/or a personal identification number (PIN), the client can simply use secure personal storage device 110 when accessing network content that requires access authentication (assuming the network content is secure and is part of the portable personal secure network access system). Consequently, when using secure personal storage device 110 within the portable personal secure network access system, client 105 need not worry about forgetting usernames, passwords, etc. Flow moves from block 630 to block 632, where secure terminal 115A reinitializes the network connection, and flow returns to block 610.
Return reference block 640 (content server 120A has identified the number of the account voucher to secure personal storage device identification symbol 280); Content server 120A receives the number of the account voucher (for example, being stored in the resource object memory block 236) from secure personal memory device 110 to security terminal 115A request number of the account voucher and from security terminal 115.Flow process moves to frame 642 subsequently; In frame 642; Content server 120A (for example, authentication module 264) confirms whether to be matched with from the number of the account voucher of secure personal memory device 110 the number of the account voucher (for example, being stored in the customer accounting code voucher 268) of server 120A.If said credential match, then flow process moves to frame 648, and in frame 648, client 105 is by authentication and be eliminated the number of the account visit.Content server 120A can automatically make client 105 get into his/her number of the account.
If said voucher does not match, then flow process moves to frame 644, and in frame 644, server 120A order security terminal 115A deletion is from those number of the account vouchers (they are subsequently by deletion) of resource object memory block 236.Flow process moves to frame 646 subsequently, in frame 646, server 120A deletion from the number of the account voucher of customer accounting code voucher memory block 268 and said number of the account voucher and secure personal storage device identification accord with 280 related.Flow process moves to frame 650 subsequently, and in frame 650, client 105 is apprised of, and the number of the account voucher is invalid and secure personal memory device 110 possibly have problems or they maybe be stolen in the number of the account at content server 120A place.
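The credential exchange of blocks 626 through 650 above, written out as an added illustration that is not code from the patent or its assignee. The class and attribute names, the use of a random URL-safe token as the "unique authentication key", and the constant-time comparison are assumptions chosen for the example; the numbered items in the comments refer to the reference numerals used in the description.

```python
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class SecurePersonalStorageDevice:
    """Constructed stand-in for the secure personal storage device 110."""
    device_id: str                                        # device identifier (280)
    resource_objects: dict = field(default_factory=dict)  # resource object storage area (236)


@dataclass
class ContentServer:
    """Constructed stand-in for the content server 120A."""
    server_id: str
    # customer account credentials (268): device_id -> (customer, credential)
    account_credentials: dict = field(default_factory=dict)

    def provision(self, customer: str, device: SecurePersonalStorageDevice) -> None:
        """Blocks 626-630: create an opaque credential the customer never sees,
        store it bound to the device identifier, and write a copy to the device."""
        credential = secrets.token_urlsafe(32)
        self.account_credentials[device.device_id] = (customer, credential)
        device.resource_objects[self.server_id] = credential

    def has_credential_for(self, device_id: str) -> bool:
        """Block 640 test: has this server already issued a credential for this device?"""
        return device_id in self.account_credentials

    def authenticate(self, device: SecurePersonalStorageDevice):
        """Blocks 640-650. Returns (customer, message); customer is None on failure."""
        stored = self.account_credentials.get(device.device_id)
        if stored is None:
            return None, "no credential for this device: run the identity questionnaire (block 620)"
        customer, expected = stored
        presented = device.resource_objects.get(self.server_id, "")
        # Block 642: constant-time comparison so timing does not leak the stored value.
        if hmac.compare_digest(presented.encode(), expected.encode()):
            return customer, "authenticated and cleared for account access (block 648)"
        # Blocks 644-646: purge the device copy, the server copy and the device binding.
        device.resource_objects.pop(self.server_id, None)
        del self.account_credentials[device.device_id]
        # Block 650: the customer is told the credential is invalid.
        return None, ("credential invalid: the device may be faulty or the account "
                      "at this server may have been compromised")
```

Because the mismatch path destroys both copies of the credential, a single corrupted or tampered device entry forces the customer back through the block 620 questionnaire; that is the behaviour the description calls for, and the example reproduces it rather than retrying.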
Returning to Figure 3, at some point after the selected resource option begins executing in block 380, flow moves to block 385, where the security level is adjusted to the level of the current resource (if necessary). For example, if the security level is at the highest level (allowing both unsecured and secured resource access) and the executing resource is at a lower level, the security level is adjusted down to that lower level. In some embodiments, the security level cannot be raised again until the computing session is restarted. Flow moves from block 385 to block 390, where options that require a higher security level are prevented from being accessed. For example, in the exemplary user interfaces of Figures 12A-12C, those options can be greyed out, made unselectable, or not displayed. Flow moves from block 390 back to block 365.
In one embodiment, after a period of time during which the customer 105 has not interacted with the security terminal 115A, the security terminal 115A can be locked or enter a sleep mode, in which case the authentication for the customer 105 expires. To resume using the security terminal 115A, the customer 105 must therefore re-authenticate to it. Thus, if an authentication timeout occurs or the security terminal 115 enters sleep mode, as indicated by block 395 in Figure 3, and the customer 105 wants to re-authenticate to the security terminal 115, control moves to block 330.
The customer 105 can remove the secure personal storage device 110 from the security terminal 115A at any time during operation. As described above, this causes the secure computing session (if one exists) to terminate and the volatile memory of the security terminal 115A to be cleared, so that no trace of data associated with the customer 105 remains on the security terminal 115A. In some cases, the customer 105 may also choose to restart the secure computing session without removing the secure personal storage device 110 (e.g., when the current security level prevents access to a required network resource, when an authentication timeout has occurred, etc.).
Figure 8 is a flow diagram illustrating exemplary operations for terminating a secure computing session according to one embodiment of the invention. The operations of Figure 8 will be described with reference to the exemplary embodiment of Figure 2. However, it should be understood that the operations of Figure 8 can be performed by embodiments of the invention other than those discussed with reference to Figure 2, and that the embodiment discussed with reference to Figure 2 can perform operations different from those discussed with reference to Figure 8.
At block 810, a session termination action event is detected on the security terminal 115A. This can be a customer-initiated session termination event (e.g., the customer 105 may want to restart the session) or a terminal-initiated termination event (e.g., an authentication timeout has occurred). Flow moves from block 810 to block 820. Alternatively, at block 815, the customer 105 (or another user) removes the secure personal storage device 110 from the security terminal 115A; flow also moves from block 815 to block 820.
At block 820, the system memory of the security terminal (e.g., RAM) is electronically blanked so that no trace of data associated with the customer 105 remains or can be retrieved. For example, the memory-wipe electronics 278 permanently erase the security terminal's system memory by setting all values to zero. Flow moves from block 820 to block 830, where it is determined whether the secure personal storage device 110 is still in the security terminal 115A. If so, flow moves back to block 325 of Figure 3, where the authentication module 242 is started to allow the customer 105 to re-authenticate to the security terminal 115A. If the secure personal storage device 110 is not in the security terminal 115A, flow moves to block 835, where the terminal powers off.
Data can be generated during a computing session. For example, the customer 105 can create documents, save bookmarks, etc. As described above, if the current security level allows it, this data can be saved to the secure personal storage device 110 (e.g., into the user data storage area 238). However, if the customer 105 is browsing unsecured network resources (e.g., untrusted websites), allowing the customer 105 to store data to his/her secure personal storage device 110 carries some degree of risk (e.g., the data may contain a virus, malware or other malicious content). Therefore, in one embodiment, the security terminal 115A prevents writes to the secure personal storage device 110 unless the current security level permits writing. In some embodiments, the customer 105 can attempt to save data to the secure personal storage device 110 at any time during the computing session.
Figure 7 is a flow diagram illustrating exemplary operations for handling a data save request according to one embodiment of the invention. The operations of Figure 7 will be described with reference to the exemplary embodiment of Figure 2. However, it should be understood that the operations of Figure 7 can be performed by embodiments of the invention other than those discussed with reference to Figure 2, and that the embodiment discussed with reference to Figure 2 can perform operations different from those discussed with reference to Figure 7.
At block 710, a session save action event is detected on the security terminal 115A. In one embodiment, only the customer can initiate a save event; in other embodiments, the security terminal 115A can also initiate a save event (e.g., when writing account credentials to the secure personal storage device 110). Flow moves from block 710 to block 720, where it is determined whether the current security level allows saving to the secure personal storage device 110. As described above, some security levels may not allow writes to the secure personal storage device 110. If saving is allowed, flow moves to block 730, where the session data is saved to the secure personal storage device 110 (e.g., into the user data storage area 238). If saving is not allowed, flow moves to block 740, where an alternative action is taken (e.g., the customer 105 is informed that the data cannot be saved because of the current security level).
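The session rules described above (blocks 385-390: the level only ever drops until the session restarts; block 395 and blocks 810-835: idle timeout, memory wipe, re-authentication or power-off; blocks 710-740: saves gated on the current level) combined into one session model. This is an added example, not code from the patent; the three-level ordering, the choice of which levels permit writes, the 64-byte memory stand-in and the injectable clock are assumptions made so the example runs offline.

```python
import time
from enum import IntEnum


class SecurityLevel(IntEnum):
    """Constructed ordering of session security levels; higher is more trusted."""
    UNSECURED = 1   # untrusted network resources: writes to the device are blocked
    SECURED = 2     # resources inside the portable secure network
    HIGHEST = 3     # both secured and unsecured access allowed


# Assumption: only these levels permit saving to the device (block 720).
WRITE_ALLOWED = {SecurityLevel.SECURED, SecurityLevel.HIGHEST}


class SaveNotAllowed(Exception):
    pass


class SecureSession:
    def __init__(self, lock_timeout_s: float, now=time.monotonic):
        self.now = now                           # injectable clock for testing
        self.lock_timeout_s = lock_timeout_s
        self.level = SecurityLevel.HIGHEST       # a new session starts at the top level
        self.authenticated = True
        self.memory = bytearray(64)              # stand-in for terminal RAM
        self.device_data = []                    # stand-in for the user data area (238)
        self.last_activity = now()

    def _touch(self):
        """Idle check before any action: a timeout is a terminal-initiated
        termination event (block 810) and expires the authentication (block 395)."""
        if self.authenticated and self.now() - self.last_activity > self.lock_timeout_s:
            self.terminate(device_present=True)
        if not self.authenticated:
            raise PermissionError("authentication expired: re-authenticate (block 330)")
        self.last_activity = self.now()

    def execute_resource(self, resource_level: SecurityLevel) -> SecurityLevel:
        """Blocks 380-385: running a resource can only lower the session level."""
        self._touch()
        if resource_level < self.level:
            self.level = resource_level
        return self.level

    def option_selectable(self, option_level: SecurityLevel) -> bool:
        """Block 390: options needing a higher level than the current one are blocked."""
        return option_level <= self.level

    def save(self, data) -> int:
        """Blocks 710-740: a save request is honoured only if the level permits writes."""
        self._touch()
        if self.level not in WRITE_ALLOWED:
            raise SaveNotAllowed(f"level {self.level.name} does not permit saving to the device")
        self.device_data.append(data)
        return len(self.device_data)

    def terminate(self, device_present: bool) -> str:
        """Blocks 820-835: zero the terminal memory, then either re-authenticate
        (device still inserted) or power off."""
        self.memory[:] = bytes(len(self.memory))   # block 820: every value set to zero
        self.authenticated = False
        return "reauthenticate" if device_present else "power_off"

    def reauthenticate(self) -> None:
        """Block 330 after block 325: a fresh session, which is the only point at
        which the level returns to HIGHEST in the embodiment described above."""
        self.authenticated = True
        self.level = SecurityLevel.HIGHEST
        self.last_activity = self.now()

    def memory_is_clear(self) -> bool:
        return not any(self.memory)
```

The point the model makes explicit is that the two controls reinforce each other: once an unsecured resource has run, neither a save nor a later secured option is reachable until the session is torn down and the memory zeroed, so nothing fetched at the lower level can be carried onto the device or into a higher-level resource.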
Figure 10 is a flow diagram illustrating exemplary operations for the customer 105 to select between multiple network interfaces of multiple Internet service providers. For example, the customer 105 can have accounts with multiple wireless service providers, which is particularly common for travellers. Operations start at block 1010, where the security terminal 115A retrieves from the secure personal storage device 110 the network providers to which the customer 105 subscribes. For example, the list of subscribed network providers can be stored in the resource object storage area 236. Flow then moves to block 1020, where the security terminal 115A scans its network interfaces for available carrier signals and displays the list of network interfaces to the customer 105. Flow then moves to block 1030, where the security terminal 115A receives from the customer 105 a selection of one of the available subscribed carriers. Flow then moves to block 1040, where the security terminal 115A changes its configuration according to the configuration profile for the selected carrier. Flow moves from block 1040 to block 1050.
At block 1050, the security terminal 115A uses the customer's credentials for this carrier to connect to the selected network interface for that carrier. The customer credentials are stored in the resource object storage area 236. Flow then moves to block 1060, where the security terminal 115A updates the computing session preferences, including the session lock timeout. For example, different network providers (and different network interfaces) can have different session lock timers and other computing session preferences, as described above with reference to Figure 9. After the computing session preferences are updated, flow moves to block 1070, where a telephony application (or another application that uses the carrier's network) is started.
Thus, embodiments of the invention allow the customer to switch dynamically between wireless service providers without needing a separate hardware device, such as a different SIM (subscriber identity module) card, for each wireless service provider.
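The carrier selection of Figure 10 (blocks 1010-1070) as an added example; it is not code from the patent, and the profile fields, the sample carriers and credentials, and the shape of the returned terminal state are constructed for the illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class CarrierProfile:
    """Constructed configuration profile for one subscribed carrier (block 1040)."""
    name: str
    apn: str
    lock_timeout_s: int     # per-carrier session lock timer (block 1060)


def available_subscribed(subscribed, scanned):
    """Blocks 1010-1020: carriers the customer subscribes to (read from the device)
    that the terminal's interfaces can currently see, in scan order."""
    by_name = {p.name: p for p in subscribed}
    return [by_name[name] for name in scanned if name in by_name]


def connect(choice, candidates, credentials, session_prefs):
    """Blocks 1030-1070: apply the chosen carrier's profile, connect with the
    credential stored for it, update the session preferences and name the
    application to start. Returns the resulting terminal state."""
    profile = next((p for p in candidates if p.name == choice), None)
    if profile is None:
        raise ValueError(f"{choice!r} is not an available subscribed carrier")
    credential = credentials.get(profile.name)
    if credential is None:
        raise KeyError(f"no stored credential for {profile.name}")
    username, _secret = credential          # the secret is used for the link, never returned
    prefs = dict(session_prefs, lock_timeout_s=profile.lock_timeout_s)
    return {
        "interface": {"carrier": profile.name, "apn": profile.apn, "user": username},
        "session_prefs": prefs,
        "start_application": "telephony",
    }


# Constructed sample data standing in for the resource object storage area (236).
SUBSCRIBED = [CarrierProfile("CarrierA", "a.internet", 300),
              CarrierProfile("CarrierB", "b.internet", 120)]
CREDENTIALS = {"CarrierA": ("user-a", "secret-a"), "CarrierB": ("user-b", "secret-b")}
```

Note that the customer only ever chooses from the intersection of subscribed and visible carriers, so a carrier that is in range but not on the device (or on the device but out of range) is never offered, and the lock timeout follows the carrier rather than the terminal default.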
Figure 11 is a flow diagram illustrating exemplary operations by which a resource owner provides resource requirements according to one embodiment of the invention. The operations of Figure 11 will be described with reference to the exemplary embodiment of Figure 2. However, it should be understood that the operations of Figure 11 can be performed by embodiments of the invention other than those discussed with reference to Figure 2, and that the embodiment discussed with reference to Figure 2 can perform operations different from those discussed with reference to Figure 11.
The operations of Figure 11 start at block 1110, where the resource owner provides the secure configuration file system preferences for their network; if secure transport is required, the secure configuration file system preferences include the PKI key. In one embodiment, the secure configuration file system preferences include the locally approved applications and the VPN client application of the security terminal 115A that can access the resource owner's network. The secure configuration file system preferences can be represented as a hierarchical folder structure. Flow moves from block 1110 to block 1115, where a number of options and input fields for resource-specific security terminal session configuration are displayed to the resource owner. For example, the options and input fields can include one or more of VPN settings, proxy settings, firewall settings, etc. Flow moves from block 1115 to block 1120. At block 1120, a number of options and input fields for customer session requirements (e.g., session timer, re-verification timer, age verification, etc.) are presented to the resource owner.
After the terminal configuration requirements and client authentication requirements are selected, flow moves to block 1125, where the resource owner initiates the object package for transfer to the secure personal storage device 110. Flow moves from block 1125 to block 1130, where a compressed archive of the configuration files and supporting files is created. It should be understood that in some embodiments compression is optional. Flow moves from block 1130 to block 1135, where it is determined whether the resource is publicly accessible. If it is not a publicly accessible resource, flow moves to block 1140, where the archive is encrypted with the server's private PKI key and the server's public PKI credential is attached to the archive. If it is a publicly accessible resource, flow moves to block 1145, where the archive is encrypted with the server's private PKI key (the security terminal 115A already holds the public PKI credential). Note that an archive encrypted with a private key whose public counterpart is distributed is, in effect, signed: the terminal can verify the archive's origin and integrity, but the contents are not confidential from anyone holding the public credential. Flow moves from blocks 1140 and 1145 to block 1150, where the package is placed on the registration server for distribution to the secure personal storage device 110 together with the account credentials described above.
Figure 13 is a block diagram illustrating an exemplary computer system that can be used in some embodiments of the invention. For example, the exemplary architecture of the computer system 1300 can be included in the security terminal 115A. It should be understood that although Figure 13 illustrates various components of a computer system, it is not intended to represent any particular architecture or manner of interconnecting the components, since such details are not germane to the invention. It should also be understood that other computer systems having fewer or more components can be used with the invention.
As shown in Figure 13, the computer system 1300, which is one form of data processing system, includes a bus 1350 coupled to a processing system 1320, a power supply 1325, memory 1330 and non-volatile memory 1340 (e.g., a hard disk drive, flash memory, phase-change memory (PCM), etc.). The bus 1350 can be interconnected through various bridges, controllers and/or adapters as is known in the art. The processing system 1320 can retrieve instructions from the memory 1330 and/or the non-volatile memory 1340 and execute those instructions to perform the operations described above. The bus 1350 interconnects the above components and also couples them to an optional docking station (dock) 1360, a display controller and display device 1370, input/output devices 1080 (e.g., a network interface card (NIC), cursor control (e.g., mouse, touch screen, touch pad, etc.), keyboard, etc.), a removable secure personal storage device 1385 (e.g., the secure personal storage device 110) and an optional wireless transceiver 1090 (e.g., Bluetooth, WiFi, infrared, etc.).
The optional docking station 1360 can serve as the desktop connection for peripherals. This allows the security terminal 115, when placed in the docking station 1360, to replace most if not all of the functions of a personal computer tower. When used with the docking station 1360, the security terminal 115 can also send film to a large-screen high-resolution television or other device.
The techniques shown in the figures can be implemented using code and data stored and executed on one or more electronic devices (e.g., security terminals, content servers, etc.). Such electronic devices store and communicate (internally and/or with other electronic devices over a network) code and data using machine-readable media, such as machine-readable storage media (e.g., magnetic disks, optical disks, random access memory, read-only memory, flash memory devices, phase-change memory) and machine-readable transmission media (e.g., electrical, optical, acoustical or other forms of propagated signals, such as carrier waves, infrared signals, digital signals, etc.). In addition, such electronic devices typically include a set of one or more processors coupled to one or more other components, such as one or more storage devices, user input/output devices (e.g., a keyboard, a touch screen and/or a display) and network connections. The coupling of the set of processors and the other components is typically through one or more buses and bridges (also called bus controllers). The storage devices and the signals carrying the network traffic represent one or more machine-readable storage media and machine-readable transmission media, respectively. Thus, the storage device of a given electronic device typically stores code and/or data for execution on the set of one or more processors of that electronic device. Of course, one or more parts of an embodiment of the invention can be implemented using different combinations of software, firmware and/or hardware.
Although embodiments of the invention have been described with respect to a security terminal and a secure personal storage device used to authenticate users for network access, embodiments are not so limited. Using the security terminal and the secure personal storage device to authenticate a user can also provide authentication and/or secure access for the user to: use a device or machine, access hardware, access websites, access networks, open a door or enter a room, use an ATM, engage in transactions, securely access digital media content (films, music, etc.), and so on.
In some embodiments, the secure personal storage device includes resource objects that allow the secure personal storage device to serve as a voter registration card, a driving licence, a ticket (e.g., for a sporting event or performance), a transaction card (e.g., for banking), etc.
As an example of use of the system described herein, a film studio can have a secure website with an interface such as that shown in Figure 12. The studio can list all the film titles it sells and their prices, and can group its films into categories such as new releases, adventure, comedy, etc. The studio can also have trailers and reviews on its website. A security terminal user (e.g., the customer 105) can register an entertainment account, and the username and password will be stored on their secure personal storage device. This account allows the user to keep a list of all the films purchased (a movie library). The user can then download any film from their movie library to their secure personal storage device and watch each film as many times as they like. Films can be watched directly on the security terminal or, through the docking station 1360, on another display.
Although the flow diagrams in the figures show a particular order of operations performed by certain embodiments of the invention, it should be understood that such order is exemplary (e.g., alternative embodiments can perform the operations in a different order, combine certain operations, repeat certain operations, etc.).
Although the invention has been described in terms of several embodiments, those skilled in the art will recognize that the invention is not limited to the embodiments described, and that it can be practised with modification and alteration within the spirit and scope of the appended claims. The description is thus to be regarded as illustrative rather than restrictive.

Claims (2)

1. A method for authenticating a client for access to a content server, the method comprising the steps of:
biometrically authenticating the client to a security terminal based on information stored in a secure personal storage device belonging to the client, wherein, upon successful authentication, the client is allowed to access the security terminal; and
authenticating the client to the content server based on an account credential issued by the content server and stored on the secure personal storage device.
2. A system comprising:
a secure personal storage device comprising biometric authentication information and a plurality of secretly issued access credentials for a plurality of network resources; and
a security terminal adapted to operate only when the secure personal storage device is inserted into it, wherein the security terminal uses the biometric authentication information to authenticate a client in possession of the secure personal storage device, and can authenticate the client for access to the plurality of network resources based on the plurality of secretly issued access credentials.

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2010/000140 WO2010085335A1 (en) 2009-01-20 2010-01-20 Personal portable secured network access system

Publications (2)

Publication Number Publication Date
CN102822835A true CN102822835A (en) 2012-12-12
CN102822835B CN102822835B (en) 2016-04-06

Family

ID=46642680

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201080065633.0A Expired - Fee Related CN102822835B (en) 2010-01-20 2010-01-20 Portable personal secure network access system

Country Status (4)

Country Link
JP (1) JP5730907B2 (en)
KR (1) KR101696571B1 (en)
CN (1) CN102822835B (en)
AU (1) AU2010207022B2 (en)


Also Published As

Publication number Publication date
AU2010207022B2 (en) 2015-12-03
JP5730907B2 (en) 2015-06-10
JP2013517584A (en) 2013-05-16
KR101696571B1 (en) 2017-01-13
AU2010207022A1 (en) 2012-08-16
KR20150125019A (en) 2015-11-06
CN102822835B (en) 2016-04-06


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C53 Correction of patent of invention or patent application
CB02 Change of applicant information

Address after: Delaware

Applicant after: AUTHENTICATION HOLDINGS LLC

Address before: Delaware

Applicant before: AUTHENTICATION HOLDINGS LLC

Address after: Delaware

Applicant after: AUTHENTICATION HOLDINGS LLC

Address before: California, USA

Applicant before: AUTHENTICATION HOLDINGS LLC

COR Change of bibliographic data

Free format text: CORRECT: APPLICANT; FROM: BEYOND ACCESS INC. TO: CERTIFICATION HOLDING CO., LTD.

C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20160406

Termination date: 20220120