JP6792647B2 - 監査能力を備えた仮想スマートカード - Google Patents

監査能力を備えた仮想スマートカード Download PDF

Info

Publication number
JP6792647B2
JP6792647B2 JP2018563664A JP2018563664A JP6792647B2 JP 6792647 B2 JP6792647 B2 JP 6792647B2 JP 2018563664 A JP2018563664 A JP 2018563664A JP 2018563664 A JP2018563664 A JP 2018563664A JP 6792647 B2 JP6792647 B2 JP 6792647B2
Authority
JP
Japan
Prior art keywords
vss
user
smart card
virtual smart
level agent
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
JP2018563664A
Other languages
English (en)
Japanese (ja)
Other versions
JP2019525519A (ja
JP2019525519A5 (https=
Inventor
ロイド デイビッド
ロイド デイビッド
イネス アンドリュー
イネス アンドリュー
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Citrix Systems Inc
Original Assignee
Citrix Systems Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Citrix Systems Inc filed Critical Citrix Systems Inc
Publication of JP2019525519A publication Critical patent/JP2019525519A/ja
Publication of JP2019525519A5 publication Critical patent/JP2019525519A5/ja
Application granted granted Critical
Publication of JP6792647B2 publication Critical patent/JP6792647B2/ja
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/351Virtual cards
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Computing Systems (AREA)
  • Finance (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
JP2018563664A 2016-06-29 2017-04-14 監査能力を備えた仮想スマートカード Expired - Fee Related JP6792647B2 (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US15/196,702 US9973498B2 (en) 2016-06-29 2016-06-29 Virtual smart cards with audit capability
US15/196,702 2016-06-29
PCT/US2017/027620 WO2018004784A1 (en) 2016-06-29 2017-04-14 Virtual smart cards with audit capability

Publications (3)

Publication Number Publication Date
JP2019525519A JP2019525519A (ja) 2019-09-05
JP2019525519A5 JP2019525519A5 (https=) 2020-04-16
JP6792647B2 true JP6792647B2 (ja) 2020-11-25

Family

ID=59227814

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2018563664A Expired - Fee Related JP6792647B2 (ja) 2016-06-29 2017-04-14 監査能力を備えた仮想スマートカード

Country Status (5)

Country Link
US (1) US9973498B2 (https=)
EP (1) EP3455769B1 (https=)
JP (1) JP6792647B2 (https=)
CN (1) CN109313681B (https=)
WO (1) WO2018004784A1 (https=)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3573001A1 (en) * 2018-05-24 2019-11-27 Gemalto Sa Method and system for implementing a virtual smart card service
CN111143850B (zh) * 2019-11-22 2022-03-04 航天恒星科技有限公司 一种卫星数据分布式虚拟化存储的安全防护系统和方法
US11100379B1 (en) * 2020-04-03 2021-08-24 Sentrycard Technologies, Inc. Multi-purpose smart card with user trusted bond
US12495055B2 (en) * 2023-02-27 2025-12-09 Dell Products L.P. Non-anonymized privacy preserving global and local anomaly detection in distributed systems

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000221881A (ja) * 1999-02-01 2000-08-11 Nec Corp 電子署名端末装置、電子署名管理装置および電子署名システム
US7085931B1 (en) * 1999-09-03 2006-08-01 Secure Computing Corporation Virtual smart card system and method
WO2001093212A2 (en) 2000-05-30 2001-12-06 Pointsec Mobile Technologies, Inc. Apparatus and methods for using a virtual smart card
US20020031230A1 (en) * 2000-08-15 2002-03-14 Sweet William B. Method and apparatus for a web-based application service model for security management
US7210037B2 (en) * 2000-12-15 2007-04-24 Oracle International Corp. Method and apparatus for delegating digital signatures to a signature server
US20020184507A1 (en) * 2001-05-31 2002-12-05 Proact Technologies Corp. Centralized single sign-on method and system for a client-server environment
US7299292B2 (en) * 2002-03-29 2007-11-20 Widevine Technologies, Inc. Process and streaming server for encrypting a data stream to a virtual smart card client system
RU2376629C2 (ru) * 2003-06-19 2009-12-20 Квэлкомм Инкорпорейтед Устройство и способ для многофункционального устройства аутентификации
KR101298562B1 (ko) * 2004-07-23 2013-08-22 데이터 시큐어리티 시스템즈 솔루션스 피티이 엘티디 일회용 사설키를 사용하여 디지털 서명을 구현하기 위한시스템 및 방법
US20090037729A1 (en) * 2007-08-03 2009-02-05 Lawrence Smith Authentication factors with public-key infrastructure
CN101420299B (zh) * 2008-11-28 2010-09-01 北京飞天诚信科技有限公司 提高智能密钥设备稳定性的方法和智能密钥设备
AU2011261152B2 (en) 2010-06-02 2015-06-18 Idondemand, Inc. Method and system for providing continued access to authentication and encryption services
JP2013192125A (ja) * 2012-03-15 2013-09-26 Hitachi Ltd 電子署名システム、電子署名や追記の方法
CN103366111B (zh) * 2013-07-10 2016-02-24 公安部第三研究所 移动设备上基于二维码实现智能卡扩展认证控制的方法

Also Published As

Publication number Publication date
JP2019525519A (ja) 2019-09-05
WO2018004784A1 (en) 2018-01-04
EP3455769A1 (en) 2019-03-20
US9973498B2 (en) 2018-05-15
CN109313681B (zh) 2022-03-18
US20180007039A1 (en) 2018-01-04
EP3455769B1 (en) 2020-05-27
CN109313681A (zh) 2019-02-05

Similar Documents

Publication Publication Date Title
US10855674B1 (en) Pre-boot network-based authentication
US10922401B2 (en) Delegated authorization with multi-factor authentication
US8997196B2 (en) Flexible end-point compliance and strong authentication for distributed hybrid enterprises
Grosse et al. Authentication at scale
CN106537403B (zh) 用于从多个装置访问数据的系统
KR101534890B1 (ko) 신뢰된 장치별 인증
US9613205B2 (en) Alternate authentication
CN113316783A (zh) 使用活动目录和一次性口令令牌组合的双因素身份认证
CN101258507B (zh) 具有自动化证书装载的大容量存储装置
US11356261B2 (en) Apparatus and methods for secure access to remote content
KR20040049272A (ko) 네트워크 위치의 하위 위치에 대한 사용자의 인증을 위한방법 및 시스템
TW201248526A (en) Dynamic platform reconfiguration by multi-tenant service providers
US20250358280A1 (en) Techniques for mapping a smart card to multiple user personas
US20150180849A1 (en) Mobile token
US12101408B2 (en) Distribution of one-time passwords for multi-factor authentication via blockchain
JP6792647B2 (ja) 監査能力を備えた仮想スマートカード
US20250330323A1 (en) Techniques for binding tokens to a device and collecting device posture signals
KR101545897B1 (ko) 주기적인 스마트카드 인증을 통한 서버 접근 통제 시스템
US20090327704A1 (en) Strong authentication to a network
US20250119275A1 (en) Authentication tunneling mechanisms for remote connections
US12301720B2 (en) Computing systems and methods for protecting application programming interfaces with two-factor authentication
US20260113181A1 (en) Secure Access to Applications by Support User Accounts
US20260113194A1 (en) Secure Access to Applications by Support User Accounts
KR101068768B1 (ko) 작업승인 기반 보안 커널의 접근통제 방법
CN112970017A (zh) 设备到云存储的安全链接

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20200306

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20200306

A871 Explanation of circumstances concerning accelerated examination

Free format text: JAPANESE INTERMEDIATE CODE: A871

Effective date: 20200306

A975 Report on accelerated examination

Free format text: JAPANESE INTERMEDIATE CODE: A971005

Effective date: 20200401

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20200609

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20200721

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20201002

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20201013

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20201106

R150 Certificate of patent or registration of utility model

Ref document number: 6792647

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

LAPS Cancellation because of no payment of annual fees