TW200826602A - Memory device for cryptographic operations and method for interacting therewith - Google Patents

Publication number
TW200826602A
Authority
TW
Taiwan
Prior art keywords
message
memory device
web browser
cryptographic
communication application
Application number
TW96130583A
Other languages
Chinese (zh)
Inventor
Susan Cannon
Kevin Lewis
Original Assignee
Sandisk Corp
Priority claimed from US11/511,687 (US20080072060A1)
Priority claimed from US11/511,766 (US7743258B2)
Application filed by Sandisk Corp
Publication of TW200826602A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards

Abstract

A memory device for cryptographic operations and method for interacting therewith is provided. In one provided method, a cryptographic communication application is registered to be associated with a protocol type in a web browser. A message encapsulated in the protocol type from the web browser is received and thereafter transmitted to the memory device. Here, the message is associated with a cryptographic operation. One provided memory device includes a memory configured to store a cryptographic communication application, and the cryptographic communication application is configured to be associated with a web browser. The cryptographic communication application comprises computer instructions for receiving a message encapsulated in a protocol type from the web browser and transmitting the message to the memory device. The message is associated with a cryptographic operation.

Description

IX. Description of the Invention:

[Technical Field of the Invention]

The present invention relates generally to memory technology and, more particularly, to methods and devices for interacting with a memory device in cryptographic operations.

[Prior Art]

A hardware token is a physical device used for cryptographic operations such as authentication, digital signatures, and other cryptographic operations. For example, a hardware token may be configured to generate one-time passwords. The one-time password can be used to log in to a corporate network. To log in to a corporate network, a web page may prompt the user to enter a login ID, a password, and the one-time password generated by the hardware token. In response, the user enters the login ID, the password, and the one-time password generated by and displayed on the hardware token. To input the one-time password, the user must physically transcribe it onto the web page. In other words, the user must read the one-time password from the hardware token, remember it, and physically enter it on the web page.

Such manual transcription of the one-time password from the hardware token onto a web page is error-prone. Accordingly, there is a further need for continuing efforts to improve the transfer of information from the hardware token.

[Summary of the Invention]

Various embodiments of the present invention provide methods, systems, and/or devices for interacting with a memory device in cryptographic operations. It should be appreciated that the embodiments can be implemented in numerous ways, including as a method, a circuit, a system, or a device. Several embodiments of the present invention are described below.

In accordance with one embodiment of the present invention, a method for interacting with a memory device is provided. In this method, a cryptographic communication application is registered to be associated with a protocol type in a web browser. A message encapsulated in the protocol type is received from the web browser and then transmitted to the memory device. Here, the message is associated with a cryptographic operation.

In accordance with another embodiment of the present invention, a memory device is provided. The memory device includes a memory configured to store a cryptographic communication application, and the cryptographic communication application is configured to be associated with a web browser. The cryptographic communication application comprises computer instructions for receiving a message encapsulated in a protocol type from the web browser and transmitting the message to the memory device. Here, the message is associated with a cryptographic operation.

Other embodiments and advantages of the invention will be apparent from the following detailed description, taken in conjunction with the accompanying drawings, which illustrate by way of example the principles of the invention.

[Embodiments]

A detailed description of one or more embodiments is provided below along with the accompanying figures. The detailed description is provided in connection with such embodiments, but is not limited to any particular embodiment. The scope is limited only by the claims and encompasses numerous alternatives, modifications, and equivalents. Numerous specific details are set forth in the following description in order to provide a thorough understanding. These details are provided for the purpose of example, and the described embodiments may be implemented according to the claims without some or all of these specific details. For clarity, certain matter has not been described in detail so as to avoid unnecessarily obscuring the description.

The embodiments described herein provide methods, systems, and/or devices for interacting with a memory device. To interact with a memory device, a computing device may issue messages associated with cryptographic operations to a web browser. As explained in more detail below, a cryptographic communication application, on behalf of the computing device, receives the messages through the web browser and conveys them to the memory device. The memory device may additionally communicate messages to the computing device through the web browser. Accordingly, the computing device can establish a communication channel with the memory device through the web browser.

FIG. 1 is a simplified block diagram of a system for interacting with a memory device in cryptographic operations, in accordance with an embodiment of the invention. As shown in FIG. 1, system 100 includes client computing device 102, server computing device 110, and memory device 108. Client computing device 102 is connected to memory device 108 and can access the memory device to store or retrieve data. Memory device 108 is removably connected to client computing device 102 through mechanical interface 118 (e.g., pin and/or socket connectors). In general, memory device 108 is a storage device. One example of memory device 108 is a flash memory card. As shown in memory device 108 of FIG. 1, the flash memory card may include interface and memory controller 120 and memory 122. Memory 122 may include a flash memory composed of memory cells. Examples of flash memory include NOR, AND, divided bit-line NOR (DINOR), Not AND (NAND), and other flash memories. In general, interface and memory controller 120 interfaces with client computing device 102 to transfer data. Interface and memory controller 120 manages the data communicated to and from memory 122. For example, in read and write operations, interface and memory controller 120 converts between the logical addresses of data used by client computing device 102 and the physical addresses of memory 122. There are a variety of flash memory cards; examples are those sold under the trademarks Secure Digital, MultiMediaCard, MiniSD, CompactFlash, SmartMedia, xD-Picture Card, Memory Stick, TransFlash, and other flash memory cards. Another example of memory device 108 is a Universal Serial Bus (USB) device, such as a USB flash drive. The USB flash drive may include a flash memory integrated with a USB interface for connecting to client computing device 102.

Client computing device 102 communicates with server computing device 110. Client computing device 102 may communicate with server computing device 110 through a computer network (which may include a local area network (LAN) or the Internet) or through other connections. Client computing device 102 may be configured to host web browser 104 and cryptographic communication application 106. Server computing device 110 may be configured to host a message generator 112. As explained in more detail below, client computing device 102 and server computing device 110 include memories for storing web browser 104, cryptographic communication application 106, and message generator 112. Also included in client computing device 102 and server computing device 110 are processors for executing the web browser 104, cryptographic communication application 106, and message generator 112 stored in those memories.

In general, web browser 104 is a software application that enables a user to display and interact with text, images, and other information located on a web page or other source. A variety of web browsers (such as web browser 104) may be hosted on client computing device 102; examples are the web browsers sold under trademarks including Internet Explorer and Mozilla Firefox. The web pages or other sources accessed by web browser 104 may be stored on server computing device 110. For example, server computing device 110 may include a web server configured to store and serve web pages.

C 器。網頁劉冑器104可使用超文字傳送協定(HTTP)或安全 HTTP來與伺服器計算裝置11〇進行通信。一般而言, HTTP係-種詩在全球資訊網(網頁)上料資訊的方法。 HTTP允許網頁劉覽器104將資訊(例如訊息ιΐ6)提交給飼服 器計异裝置110以及從該伺服器計算裝置擷取網頁。或 者,可將安全HTTP用於在網頁„器1()4與伺服器計算裝 置^^之間提供鑑認與加密的通信。安全Ηττρ類似於 HTTP ’但使用-不同的預設埠(例如443)並在Ηττρ與傳輸 控制協定(TCP)之間具有一額外的加密/鑑認層。 密碼編譯通信應用程式106與網頁劉覽器104相關聯。例 如,植、碼編譯通信應用程式106可以係一插件應用程式, 其可以係載入至網頁劉覽器104中。一插件應用程式係在 網頁潮S:器1G4之限制内運作之—電腦程式。密碼編譯通 信應用程式1〇6還可以係一幫助者物件軟體、獨立應用程 式或其他應用程式類型。密碼編譯通信應用程式1〇6最初 係儲存於記憶體裝置108中 並可在將該記憶體裝置連接 頁瀏覽器104或與其相關 至用戶端計算裝置102時載入至網 123629.doc -11- 200826602 聊:—般而言,密碼編譯通信應用程式1〇6係經組態用以 致能與記憶體裝置1G8與伺服器計算裝置110之間的密碼編 #操作相關聯的通信。換言之,密碼編譯通信應用程式 106透過、網頁劉覽器⑽在記憶體裝置1〇8與伺服器計算裝 置之間建立—通信通道。例如’密碼編譯操作可包括與以 下操作相關聯的操# :從記憶體裝f 108擷取單次性密 Η戰與回應、安全鑰交換、數位權利管理(DRM)、符 言己提供、數位證書、數位簽章,及其他密碼編譯操作。訊 〇 Μ ^器112將來自伺服器計算裝置UG之訊息囊封入一唯 協疋類1 (例如多用途網際網路郵件延伸(MIME)),並且 2以下將更詳細說明’密碼編譯通信應用程式⑽係經組 恶用以接收囊封入該唯一協定類型中之訊息(例如Μ細訊 ^ ) /、係從忒伺服器計算裝置發送至網頁瀏覽器 圖2係依據本發明之一具體實施例的用於與-記憶體裝 置互動之操作的-概述的流程圖。為將與一密碼編譯操作 相關聯之-訊息發佈至一記憶體裝置,一伺服器計算裝置 將-TCP封包發送至一網頁劉覽器,該Tcp封包係囊封入 ==頁_本身處理之-唯-協定類型。該協 …良可匕括各種協定。例如,在一具體實施例中,可將 如“:字囊:Γ—MIME協定中’其中一唯一 mime類型(例 今自 ne_tIme password;單次性密碼)”)係編碼於 之標碩中。在另—範例中,可將該訊息囊封於_直 接網際網路訊息囊封(D刪)協定中。因為該網頁劉覽器並 123629.doc 200826602 不本身處理此類Μ類型 網頁瀏㈣自叙抽〜 "遇到此-協定類型時,該 式° 4丁或載入註冊於該網頁割覽器之-應用 型^ #件),其係經組態用以處理囊封於該協定類 ^中訊心’例如密碼編譯通信應用程式。 因此’如操作202所示’該密碼編譯通信應用程式係註 冊以與該嘱覽器中之協定類型相關聯,使得當該網頁 劇覽器遇到此協^類型時該網頁„器執行該密碼編譯通 Ο c; 信應用程式來處理囊封於該協定類型中之訊息。在一具體 貝&例中田將6亥s己憶體裝置連接至I載該網頁劉覽器的 計算裝置時可將該密碼編譯通信應用程式載入至或註冊於 該網頁瀏覽器。當斷開該記憶體裝置時’可將該密碼編譯 通信應用程式從該網頁瀏覽器取消註冊。因此,可將該密 馬、扁α學通“應用私式在將該記憶體裝置連接至該計算裝置 時註冊於該網頁瀏覽器並在移除該記憶體裝置時取消註 冊。此類動態註冊可避免修改主機組態(例如註冊儲存 體),且此外可將該密碼編譯通信應用程式載入至開啟的 網頁瀏覽器並移除而無須關閉該網頁瀏覽器。 當註冊該密碼編譯通信應用程式時,在操作2〇4中該密 碼編譯通信應用程式從該網頁瀏覽器接收囊封於該協定類 型中的訊息。該等訊息係從另一計算裝置(例如一網頁伺 服器)發送至該網頁瀏覽器。一訊息可包括與一密碼編譯 操作相關聯的各種資料。訊息之範例包括產生單次性密碼 的命令、請求單次性密碼的命令、啟動請求的命令、連接 資訊、提供請求的命令及其他訊息。在該密碼編譯通信應 123629.doc 13- 200826602 用程式接收該訊息之後,在操作2〇6中該密碼編譯通信應 用程式將該訊息發送至該記憶體裝置。 圖3係依據本發明之另—具體實施例的用於與—記憶體 裝置互動之操作的—概述的流程圖。如圖3所示’在操作 3 〇 2中該密碼編譯通信應用程式接收發送至該網頁瀏覽器 之訊息。此處,該網頁割覽器可以係經組態用以將發送i I網頁/劉見為的所有訊息發送至肖密碼編譯通信應用程 式。該密碼編譯通信應用程式還可以係經組態用二搁截發 
达至δ亥網頁劇覽器的所有訊息。然後,在操作304中’该 密碼編譯通信應用程式從接收的訊息提取與-唯一協定^ 型(例如ΜΙΜΕ)相關聯之一訊息並在操作寫中將擷提的訊 息發达至該記憶體裝置。該密碼編譯通信應用程式可藉由 濾波該等訊息來提取該訊息。例如,該密碼編譯通錢用 程式可傳遞囊封於-唯一協定類型中的訊息而阻隔囊封於 其他協定類型中的其他訊息。一提取操作之另—範例可包 括分離囊封於-唯一協定類型中的訊息與囊封於其他協定 類型中的其他訊息。藉由合雜兮楚& 精由刀離4專汛息,該密碼編譯通信 =用程式將囊封於該唯一協定類型中的訊息發送至該記憶 體裝置並將其他訊息發送至該網頁瀏覽器。 圖4係依據本發明之—具體實施例的與密碼編 用程式及記憶體裝置互狀介面模組㈣化方塊圖。^圖、 4所示,用戶端計算裝置102係經組態用以裝載網 ⑽與共用程式庫術。密碼料通信應用程式1〇6係載二 至網頁劉覽nm中。共用程式庫術(或動態連結程式庫) 123629.doc 14 200826602 包括一或多個程式並可於執行時期係載入與連結至密碼編 #通#應用程式106。此處,共用程式庫4〇2允許密碼編譯 通信應用程式106與記憶體裝置108介接及通信。在圖4的 解δ兒性具體實施例中,共用程式庫包括高位準應用程式設 。十”面(API) 405與裝置API 4 10。高位準API 405與裝置 API 410係經組態用以將來自密碼編譯通信應用程式1〇6之 訊息一般地轉換成一或多個記憶體裝置操作(或記憶體裝 置命令)。共用程式庫402可額外包括協定路由器4〇4。應 明白,密碼編譯通信應用程式i 〇6可以係經組態用以處理 多個協定類型且每一協定類型可與一不同密碼編譯操作相 關聯。例如,一第一協定類型可與單次性密碼相關聯,一 第二協定類型可與DRM相關聯,而一第三協定類型可與數 位簽章相關聯。密碼編譯通信應用程式1〇6可以係經組態 用以提取囊封於該等三個協定類型中的訊息並透過共用程 式庫402將此類訊息發送至記憶體裝置1〇8。對於多個協定 類型,面位準API 405可包括多個協定模組4〇6至4〇8以與 該等協定類型介接。此處,協定路由器4〇4識別與每一訊 息相關聯的協定類型並將訊息投送至一協定模組(例如協 定模組406、407及408),其係經組態用以與囊封於該協定 類型中的訊息介接及處理該訊息。例如,對於上述第一、 第二及第三協定,協定路由器4〇4可識別囊封於該第一協 定類型中之一訊息並將其投送至與單次性密碼介接的協定 模組406。協定路由器4〇4還可識別囊封於該第二協定類型 中之一訊息並將其投送至與DRM介接的協定模組4〇7。此 123629.doc -15- 200826602 外,協定路由器404可識別囊封於該第三協定類型中之一 訊息並將其投送至與數位簽章介接的協定模組4〇8。 在k路與處理钂專汛息之後,協定模組Mg至408將該等 成息發达至裝置API 410。裝置API 41〇係經組態用以介接 高位準API 405與記憶體裝置1〇8。一介面操作之一範例係 將來自问位準API 405之命令轉換成記憶體裝置操作。例 如裝置API 41 0可包括更低位準介面功能以與記憶體装 置1 08進行通信。更低位準介面功能之一範例包括與將資 料輸入至記憶體裝置108及從其輸出資料相關聯的輸入/輸 出記憶體裝置操作。應明白,在其他具體實施例中,除圖 4中顯示的該些模組之外共用程式庫4〇2可包括更少或更多 的模組。例如,若僅藉由密碼編譯通信應用程式1〇6處理 一協定類型,則共用程式庫4〇2可不包括協定路由器4〇4。 若該裝置API 410係建立於記憶體裝置1〇8内,則共用程式 庫402可不包括該裝置Αρι。 圖5係依據本發明之一具體實施例的用於與一記憶體裝 置互動之模組的方塊圖。在用戶端計算裝置ι〇2上執行網 頁瀏覽器104與LaimchPad應用程式502。一般而言, LaunchPad應用程式5〇2致能用戶端計算裝置ι〇2存取與管 理儲存於記憶體裝置108中的應用程式與資料。當將記憶 體裝置108連接至該用戶端計算裝|時可以在用戶端計算 衣置102上自動載入與執行LaunchPad應用程式5〇2。 動怨連結程式庫模組106、5〇4、5〇6及5〇8係栽入 LaunchPad應用程式502與網頁瀏覽器1〇4兩者。模組包括 123629.doc -16- 200826602C device. Web page browser 104 can communicate with server computing device 11 using Hypertext Transfer Protocol (HTTP) or secure HTTP. 
In general, the HTTP system is a method of loading information on the World Wide Web (web page). The HTTP allows the web browser 104 to submit information (e.g., message ι 6) to the feeding device 100 and retrieve the web page from the server computing device. Alternatively, secure HTTP can be used to provide authentication and encrypted communication between the web page „device 1() 4 and the server computing device^. Security Ηττρ is similar to HTTP 'but using different presets 例如 (eg 443 And having an additional layer of encryption/authentication between Ηττρ and Transmission Control Protocol (TCP). The cryptographic compile communication application 106 is associated with the web browser 104. For example, the tiling, code compiling communication application 106 can be A plug-in application, which can be loaded into the web browser 104. A plug-in application is operated within the limits of the web page S: 1G4 - the computer program. The password compiling communication application 1 can also be used. a helper object software, stand-alone application, or other application type. The cryptographic compile communication application 〇6 is initially stored in the memory device 108 and can be associated with or associated with the memory device 104. The computing device 102 is loaded into the network 123629.doc -11-200826602. Chat: In general, the cryptographic compiling communication application 1 is configured to enable the memory device 1G8 and the servo. The communication associated with the cryptographic code operation between the computing devices 110. In other words, the cryptographic compilation communication application 106 establishes a communication channel between the memory device 1 8 and the server computing device via the web browser (10). 
'Password compilation operations may include operations associated with the following operations: from a memory device f 108 to capture a single secret battle and response, security key exchange, digital rights management (DRM), a statement provided, digital certificate , digital signature, and other cryptographic operations. The device 112 encapsulates the message from the server computing device UG into a confederation class 1 (eg, Multipurpose Internet Mail Extensions (MIME)), and 2 As will be explained in more detail below, the 'Cryptographic Compilation Communication Application (10) is used to receive messages encapsulated in the unique agreement type (eg, Μ ^ ^ ) /, sent from the 忒 server computing device to the web browser map 2 is a flowchart of an overview of operations for interacting with a memory device in accordance with an embodiment of the present invention. To post a message associated with a cryptographic operation to a memory The device, a server computing device sends the -TCP packet to a web browser, the Tcp packet encapsulating the == page_self-processing-only-contract type. The association may include various protocols. For example, In a specific embodiment, a "one of the unique mime types (for example, from the ne_tIme password; a one-time password)" in the ": capsule: Γ-MIME protocol" may be encoded in the standard. - In the example, the message can be encapsulated in the _ direct Internet message encapsulation (D-delete) agreement. Because the web page viewer and 123629.doc 200826602 do not handle such Μ type web pages themselves (four) from the narration ~ " When this type of agreement is encountered, the formula is loaded or loaded into the web page viewer - the application type ^ piece), which is configured to handle encapsulation in the protocol class ^ Xunxin's, for example, password compile communication applications. 
Thus, as shown in operation 202, the cryptographic compile communication application is registered to be associated with the type of agreement in the browser such that the web page executes the password when the web browser encounters the type Compiling the application; the application is used to process the message encapsulated in the protocol type. In a specific example, the field connects the 6 s hex device to the computing device of the page browser. Loading or registering the password compiling communication application to the web browser. When the memory device is disconnected, the password compiling communication application can be unregistered from the web browser. Therefore, the mima can be The application is privately registered to the web browser when the memory device is connected to the computing device and is unregistered when the memory device is removed. This type of dynamic registration avoids modifying the host configuration (such as registering a bank) and can also load the cryptographic compile communication application into an open web browser and remove it without having to close the web browser. When the password compile communication application is registered, the password compiling communication application receives the message encapsulated in the agreement type from the web browser in operation 2〇4. The messages are sent from another computing device (e.g., a web server) to the web browser. A message may include various materials associated with a cryptographic operation. Examples of messages include commands to generate a one-time password, commands to request a one-time password, commands to initiate a request, connection information, commands to provide a request, and other messages. After the cipher compile communication receives the message in the program 123629.doc 13-200826602, the cipher compile communication application sends the message to the memory device in operation 2-6. 
Figure 3 is a flow diagram of an overview of an operation for interacting with a memory device in accordance with another embodiment of the present invention. As shown in Figure 3, the cryptographic compile communication application receives the message sent to the web browser in operation 3 〇 2. Here, the web page viewer can be configured to send all messages sent by the i I web page/Liu Weiwei to the Xiao password compile communication application. The cryptographic compile communication application can also be configured to use the two to intercept all messages sent to the δHai web browser. Then, in operation 304, the cryptographic compiling communication application extracts a message associated with the - unique protocol type (eg, ΜΙΜΕ) from the received message and develops the extracted message to the memory device in the operation write. . The cryptographic compile communication application can extract the message by filtering the messages. For example, the cryptographic money-passing program can pass messages encapsulated in a -sponsored type of agreement to block other messages encapsulated in other types of agreements. Another example of an extraction operation may include separating messages encapsulated in a -sponsored type and other messages encapsulated in other types of agreements. The cryptographic communication = the program sends the message encapsulated in the unique agreement type to the memory device and sends other messages to the web page browsing by means of the chorus & Device. 4 is a block diagram of a mutual interface module and a memory device interface module according to the embodiment of the present invention. As shown in Fig. 4, the client computing device 102 is configured to load the network (10) and the shared library. The password communication application 1〇6 series is included in the web page Liu Xun nm. 
Shared library (or dynamic link library) 123629.doc 14 200826602 Includes one or more programs and can be loaded and linked to the password code #通# application 106 during the execution period. Here, the shared library 〇2 allows the cryptographic compile communication application 106 to interface and communicate with the memory device 108. In the specific embodiment of the decimation of Figure 4, the shared library includes a high level application. Ten-face (API) 405 and device API 4 10. The high level API 405 and device API 410 are configured to generally convert messages from the cryptographic compile communication application 1-6 into one or more memory device operations. (or memory device command). The shared library 402 may additionally include a protocol router 4〇4. It should be understood that the cryptographic compile communication application 〇6 may be configured to handle multiple protocol types and each protocol type may be Associated with a different cryptographic compilation operation, for example, a first agreement type can be associated with a one-time password, a second agreement type can be associated with a DRM, and a third agreement type can be associated with a digital signature. The cryptographic compile communication application 1-6 may be configured to extract messages encapsulated in the three contract types and send such messages to the memory device 1 〇 8 through the shared library 402. For multiple The agreement type, the face level API 405 may include a plurality of agreement modules 4〇6 to 4〇8 to interface with the agreement types. Here, the agreement router 4〇4 identifies the type of agreement associated with each message and News The information is delivered to a protocol module (eg, protocol modules 406, 407, and 408) that is configured to interface with and process the message encapsulated in the protocol type. 
For example, for the first And the second and third protocols, the protocol router 4 〇 4 can identify a message encapsulated in the first protocol type and deliver it to the protocol module 406 that interfaces with the one-time password. 4 may also identify a message encapsulating one of the second protocol types and deliver it to the DRM interface protocol module 4〇7. This 123629.doc -15-200826602, the protocol router 404 can identify the capsule Sealing one of the third agreement types and delivering it to the agreement module 4〇8 interfaced with the digital signature. After the k-way and processing the special message, the agreement modules Mg to 408 will The interest rate is developed to the device API 410. The device API 41 is configured to interface between the high level API 405 and the memory device 1 〇 8. One example of an interface operation is to convert commands from the question level API 405 Memory device operation. For example, device API 41 0 may include lower level interface function to interact with memory The device 108 communicates. One example of a lower level interface function includes input/output memory device operations associated with inputting data to and from the memory device 108. It should be understood that in other embodiments, The shared library 〇2 may include fewer or more modules in addition to the modules shown in Figure 4. For example, if only one protocol type is processed by the cryptographic compilation communication application 1-6, then sharing The library 4〇2 may not include the protocol router 4〇4. If the device API 410 is built in the memory device 1〇8, the shared library 402 may not include the device Αρι. Figure 5 is a block diagram of a module for interacting with a memory device in accordance with an embodiment of the present invention. The web browser 104 and the LaimchPad application 502 are executed on the client computing device 〇2. 
In general, the LaunchPad application 5〇2 enables the client computing device to access and manage the applications and materials stored in the memory device 108. The LaunchPad application 5〇2 can be automatically loaded and executed on the client computing device 102 when the memory device 108 is connected to the client computing device. The grievance link library modules 106, 5〇4, 5〇6, and 5〇8 are built into both the LaunchPad application 502 and the web browser 1〇4. Modules include 123629.doc -16- 200826602

PluginLoader.dll 504 . PluginHelper.dll 506 、PluginLoader.dll 504 . PluginHelper.dll 506 ,

ServiceProvider 508及密碼編譯通信應用程式1〇6,其還可 以係一動態連接程式庫。密碼編譯通信應用程式1〇6可以 係一 MIME濾波器,且在一具體實施例中網頁劉覽器^ 可 呼叫該密碼編譯通信應用程式來處理,,文字/〇tp”MIM]E類 型。ServiceProvider.dll 508處理從密碼編譯通信應用程式 106 接收的 I 置命令。piuginL〇ader_dll 504 將 PluginHelper.dll 506載入網頁瀏覽器ι〇4的所有實例以及新 產生的實例。當斷開記憶體裝置108時,PluginLoader.dll 504還可以從網頁瀏覽器1〇4的所有實例卸載 PluginHelpendll 506。PlUginHelper dU 5〇6係經組態用以 注冊或取消注冊密碼編譯通信應用程式1 〇6並可額外提供 填表功能以使用資料填充一網頁。 在圖5的所解說具體實施例中,一旦將記憶體裝置1 〇 8連 接至用戶端計异裝置102,便載入PluginLoader.dll 504。 接著 PluginLoader.dll 504將 PluginHelper.dll 506載入網頁 ( 瀏覽器104的所有實例中。應注意,可存在多個網頁瀏覽 器104的實例,取決於開啟的網頁瀏覽器視窗之數目。若 存在多於一個網頁瀏覽器104的實例,則將動態連結程式 庫核組506、106及508載入每一實例。一旦將 PluginHelper.dll 506載入網頁瀏覽器1〇4 ,該ServiceProvider 508 and password compile communication application program 1.6, which can also be a dynamic connection library. The cryptographic compile communication application 1-6 can be a MIME filter, and in a specific embodiment, the web browser can call the cryptographic compile communication application to process, text/〇tp "MIM] E type. ServiceProvider The .dll 508 processes the I set command received from the cryptographic compile communication application 106. The piuginL 〇ader_dll 504 loads the PluginHelper.dll 506 into all instances of the web browser ι 4 and the newly generated instance. When the memory device 108 is disconnected PluginLoader.dll 504 can also uninstall PluginHelpendll 506 from all instances of web browser 1〇4. PlUginHelper dU 5〇6 is configured to register or unregister passwords to compile communication applications 1 〇 6 and can provide additional The table function populates a web page with the usage data. In the illustrated embodiment of Figure 5, once the memory device 1 〇 8 is connected to the client-side computing device 102, the PluginLoader.dll 504 is loaded. Then PluginLoader.dll 504 The PluginHelper.dll 506 is loaded into the web page (in all instances of the browser 104. 
It should be noted that there may be multiple instances of the web browser 104, depending on The number of open web browser windows. If there are more than one instance of the web browser 104, the dynamic link library core groups 506, 106, and 508 are loaded into each instance. Once the PluginHelper.dll 506 is loaded into the web page Browser 1〇4, the

PluginHelper.dll便註冊密碼編譯通信應用程式ι〇6來處理 (例如)該”文字/〇tp”MIME類型。 圖6係依據本發明之一具體實施例的用於與一記憶體裝 123629.doc -17- 200826602 f'PluginHelper.dll registers the password to compile the communication application ι〇6 to handle (for example) the "text/〇tp" MIME type. Figure 6 is a diagram for use with a memory device in accordance with an embodiment of the present invention 123629.doc -17- 200826602 f'

使用者姓名與③、碼。在操作612中,終端使用者㈣將其使 用者姓名與密碼輸入登入頁,而在操作614中,網頁瀏覽 时104將孩使用者姓名與密碼發送至伺服器計算裝置11 〇。 伺服器汁异裝置丨〗〇接收該使用者姓名與密碼並基於該 使用者姓名與密碼產生對單次性密碼之一請求。為將該請 $傳達至記憶體裝置1()8,伺服器計算裝置⑴將該單次性 欲碼請求囊封於—唯—協定類型中。此處,伺服器計算裝 置110將孩單次性密碼請求囊封於MIME協定並在操作 中將°亥MIME單次性密碼請求發送至網頁劉覽H 104。在- 置^動%财單次性密碼的操作的圖式。_般而言,單次 =係可用於存取各種登人系統(例如伺服器計算裝置) 之a碼。-旦使用該單次性密碼,便不能再次使用該單 二f~因為该登入系統於下一登入期望一新的單次性 始碼。如圖6所示,終端使用者_提供該終端使用者期望 存取之—網頁的位址。該位址可以係—統_資源定位器 (URL)之形式’其係識別一網頁之位置的一字元串。在操 作6中、網胃 >劉t為1〇4接收該URL並在操作608中將針 …子/罔頁之叫求發送至位於該URL之伺服器計算裝置 110。作為回應,在操作61〇中伺服器計算裝置將一登 入頁發送至網頁«請4。作為_安全特徵,伺服器計 异裝置110在允許對請求的網頁之存取之前鑑認使用者的 身份。在此範例中,該登人頁請求終端使用者602輸入其 具體實施例t,如上所述,可不將網請覽器1()4經組態 用以處理囊封於MIME協定中的訊息,且因此該網頁劉覽 123629.doc -18- 200826602 器執行密碼編#通#應用程式1 〇6來處理該MIME OTP請 求。在另一具體實施例中,密碼編譯通信應用程式1〇6可 攔載發送至網頁瀏覽器104的所有訊息並執行囊封於一唯 一協定類型中的訊息,例如該]^1]^£單次性密碼請求。應 注意,網頁瀏覽器104可使用安全HTTp與伺服器計算裝置 1 10進行通彳a。因此,額外將該MIME單次性密碼請求及網 頁劉覽器1〇4與伺服器計算裝置11〇之間的其他通信囊封於 安全HTTP中。 ΟUser name and 3, code. In operation 612, the end user (4) enters his or her user name and password into the login page, and in operation 614, the web page browsing 104 transmits the child's name and password to the server computing device 11 . The server juice device receives the user name and password and generates a request for one of the one-time passwords based on the user name and password. To communicate the request to the memory device 1() 8, the server computing device (1) encapsulates the single-sex code request in the -only protocol type. Here, the server computing device 110 encapsulates the child-only password request in the MIME protocol and sends an MIME unilateral password request to the web page H 104 in operation. In the - operation of the operation of the % financial sub-password. In general, a single = is a code that can be used to access various drop systems (eg, server computing devices). Once the one-time password is used, the single second f~ cannot be used again because the login system expects a new one-time start code for the next login. 
As shown in Figure 6, the end user_ provides the address of the web page that the end user desires to access. The address may be in the form of a system_resource locator (URL) which identifies a string of characters at the location of a web page. In operation 6, the web stomach > Liu t receives the URL and sends a request for the page/page to the server computing device 110 located at the URL in operation 608. In response, in operation 61, the server computing device sends a login page to the web page «Please 4. As a security feature, the server-counting device 110 authenticates the user's identity before allowing access to the requested web page. In this example, the boarding page requests the end user 602 to enter its specific embodiment t. As described above, the web browser 1() 4 may not be configured to process messages encapsulated in the MIME protocol. Therefore, the web page of the MIME OTP request is processed by the executor 16. In another embodiment, the cryptographic compile communication application 1-6 can block all messages sent to the web browser 104 and execute messages encapsulated in a unique protocol type, such as the ones. Sub-password request. It should be noted that the web browser 104 can communicate with the server computing device 110 using secure HTTp. Therefore, the additional communication between the MIME single-password request and the web browser 1〇4 and the server computing device 11〇 is additionally encapsulated in secure HTTP. Ο

In operation 618, cryptographic communication application 106 receives the one-time password request, because the request is encapsulated in the MIME protocol, and in response sends the request to device API 410 in operation 620. Device API 410 is configured to interface with memory device 108 and issues a memory device command to the memory device to generate a one-time password. In response to the command, memory device 108 generates the one-time password and, in operation 626, sends the one-time password to device API 410. Then, in operation 628, device API 410 sends the one-time password to the cryptographic communication application, and in operation 632 the cryptographic communication application sends the one-time password to server computing device 110 through web browser 104. Server computing device 110 receives and authenticates the one-time password in association with the user name and password provided in operation 614. If the one-time password is valid, server computing device 110 sends the requested web page to web browser 104.

Figure 7 is a diagram of operations for interacting with a memory device to retrieve a shared secret, in accordance with an embodiment of the invention. In general, a shared secret is a key or character string known only to the parties exchanging encrypted messages. For example, the shared secret can be used to encrypt or decrypt messages. In another example, a one-time password can be generated from the shared secret by using the shared secret as an input to a one-way hash algorithm. In the example of Figure 7, memory device 108 uses a shared secret to generate one-time passwords. Cryptographic communication application 106 may retrieve the shared secret when memory device 108 is first activated. To retrieve the shared secret, in operation 704 cryptographic communication application 106 sends a first request for shared secret 704 to server computing device 110 through web browser 104. Server computing device 110 may not provide the shared secret to memory device 108 directly. Instead, server computing device 110 redirects cryptographic communication application 106 to retrieve the shared secret from provisioning service 702. In cryptography, provisioning service 702 may be a third-party service (for example, a web service) used to manage attributes within the scope of a defined procedure. Here, provisioning a service may involve generating a shared secret, provisioning the shared secret, and other services. In operation 706, server computing device 110 sends connection information to web browser 104. The connection information comprises the information needed to connect to provisioning service 702. Examples of connection information include the address or location of provisioning service 702 (for example, the URL of the provisioning service), the protocol type used to communicate with the provisioning service, an activation code, and other connection information. Here, the connection information is encapsulated in a unique protocol type (for example, MIME) so that it can be conveyed through web browser 104 to cryptographic communication application 106. In accordance with one embodiment of the invention, as shown in operation 708, upon receiving the MIME message carrying the connection information, web browser 104 calls cryptographic communication application 106 to process the MIME message. In another embodiment, cryptographic communication application 106 extracts the MIME message from the other messages sent to web browser 104.

Next, cryptographic communication application 106 establishes a communication channel with provisioning service 702 based on the received connection information and, in operation 710, sends a second request for the shared secret. In operation 711, provisioning service 702 generates a shared secret in response and, in operation 712, sends the shared secret to cryptographic communication application 106. It should be appreciated that communication between cryptographic communication application 106 and provisioning service 702 need not pass through web browser 104. In other words, cryptographic communication application 106 can communicate directly with provisioning service 702. Messages sent from provisioning service 702 to cryptographic communication application 106 are therefore not encapsulated in the MIME protocol. Upon receiving the shared secret, cryptographic communication application 106 sends the shared secret to memory device 108 in operation 714.

Figure 8 is a simplified block diagram of the use of a property and selector mechanism, in accordance with an embodiment of the invention. As shown in Figure 8, system 801 includes client computing device 102, memory device 108, server computing devices A to B 814 to 815, and validation services A to C 802 to 804. Client computing device 102 hosts web browser 104, and cryptographic communication application 106 is loaded into the web browser. A message sent to cryptographic communication application 106 may include properties associated with an application or virtual device stored on memory device 108. One example of a property is a name/value pair. Certain properties, called intrinsic properties, may be established indirectly. Intrinsic properties may include information inherent to the operation of the application or virtual device associated with the properties.

In accordance with one embodiment of the invention, it should be appreciated that properties can be used for a selector. In the example of Figure 8, server computing device A 814 is configured to use validation service A 802 or validation service B 803 for authentication. Server computing device B 815, on the other hand, is configured to use validation service C 804 for authentication. Memory device 108 may store multiple virtual tokens 808 to 810, each associated with a different validation service 802, 803 or 804. A selector may be included in a message sent to cryptographic communication application 106 to select virtual token 808, 809 or 810. For example, server computing device A 814 sends MIME one-time password request 850 to web server 104. MIME one-time password request 850 includes a selector specifying that the one-time password be retrieved from the token used with validation service A, which is virtual token A 808. Based on the selector, cryptographic communication application 106 sends one-time password request 852 for virtual token A 808 to memory device 108. In response, memory device 108 sends one-time password 854, for use with validation service A 802, to server computing device A 814. In another example, server computing device B 815 sends MIME one-time password request 860 to web browser 104. Here, MIME one-time password request 860 includes a selector specifying that the one-time password be retrieved from the token used with validation service C 804, which is virtual token C 810. Based on the selector, the cryptographic communication application sends one-time password request 864, for a one-time password from virtual token C 810, to memory device 108. In response, memory device 108 sends one-time password 862, for use with validation service C 804, to server computing device B 815.

Figure 9 is a simplified block diagram of an overview of a computing device suitable for hosting a cryptographic communication application and interfacing with a memory device, in accordance with an embodiment of the invention. In some embodiments, computing device 910 may be used to implement computer programs (for example, the cryptographic communication application), logic, applications, methods, processes, or other software to communicate with another device. Examples of computing device 910 include a desktop computer, a server, a portable computing device, a personal digital assistant, an embedded computing engine, and other computer systems. As shown in Figure 9, computing device 910 includes bus 902 or another communication mechanism for conveying information, which interconnects subsystems and devices such as processor 904, system memory 906 (for example, random access memory (RAM)), storage device 908 (for example, read-only memory (ROM), magnetic disk drives, optical disc drives, and other storage devices), communication interface 912 (for example, a modem or Ethernet card), display 914 (for example, a cathode ray tube (CRT) or liquid crystal display (LCD)), input/output device 916 (for example, a keyboard), and cursor control 918 (for example, a mouse or trackball).

In some embodiments, computing device 910 performs specific operations by means of processor 904 when executing one or more sequences of one or more program instructions stored in system memory 906. Such program instructions may be read into system memory 906 from another computer-readable medium, such as storage device 908. In some embodiments, hard-wired circuitry may be used in place of or in combination with software program instructions to implement embodiments of the invention.

It should be appreciated that the term "computer-readable medium" refers to a suitable medium that participates in providing program instructions to processor 904 for execution. Such a medium may take many forms, including but not limited to non-volatile media, volatile media, and transmission media. Non-volatile media may include, for example, optical or magnetic disks, such as storage device 908. Volatile media may include dynamic memory, such as system memory 906. Transmission media include coaxial cables, copper wire, and fiber optics, including the wires that comprise bus 902. Transmission media can also take the form of acoustic or light waves, such as those generated during radio wave and infrared data communications. Common forms of computer-readable media include, for example, magnetic media (for example, floppy disks, flexible disks, hard disks, magnetic tape, and other magnetic media), optical media (for example, compact disc read-only memory (CD-ROM) and other optical media), physical media with patterns (for example, punch cards, paper tape, and other physical media), memory chips or cartridges, carrier waves (for example, RAM, programmable read-only memory (PROM), erasable programmable read-only memory (EPROM), flash memory, and other memory chips or cartridges), and any other medium from which a computer can read.

In some embodiments, execution of the sequences of program instructions to practice the embodiments may be performed by a single computing device 910. In other embodiments, two or more computer systems (for example, computing device 910) coupled by communication link 920 (for example, a local area network (LAN), a public switched telephone network (PSTN), a wireless network, and other communication links) may execute the sequences of program instructions in coordination with one another to practice the embodiments. In addition, computing device 910 may transmit and receive messages, data, and instructions, including programs (that is, application code), through communication link 920 and communication interface 912. Received program instructions may be executed by processor 904 as they are received and/or stored in storage device 908 or other non-volatile storage for later execution.

The above embodiments provide methods, systems and/or devices for interacting with a memory device. By being able to communicate with a memory device through a web browser, cryptographic operations between a computing device and the memory device can be automated without user involvement. For example, a server computing device may request a one-time password from a memory device, and the memory device may respond automatically by generating the one-time password and sending it to the server computing device through a web browser. Establishing a communication channel through the web browser reduces user involvement in cryptographic operations. Such a communication channel therefore simplifies, for example, an authentication operation for the user, because the communication channel eliminates the need for the user to manually copy the one-time password onto a web page.

Although the foregoing embodiments have been described in some detail for purposes of clarity of understanding, the embodiments are not limited to the details provided. There are many alternative ways of implementing the embodiments. Accordingly, the disclosed embodiments are to be considered illustrative and not restrictive, and the embodiments are not limited to the details given herein, but may be modified within the scope and equivalents of the appended claims. In the claims, elements and/or operations do not imply any particular order of operation, unless explicitly stated in the claims.

[Brief Description of the Drawings]

The invention will be readily understood from the above detailed description in conjunction with the accompanying drawings, in which like reference numerals designate like structural elements.

Figure 1 is a simplified block diagram of a system for interacting with a memory device in cryptographic operations, in accordance with an embodiment of the invention.

Figure 2 is a flowchart of an overview of operations for interacting with a memory device, in accordance with an embodiment of the invention.

Figure 3 is a flowchart of an overview of operations for interacting with a memory device, in accordance with another embodiment of the invention.

Figure 4 is a simplified block diagram of interface modules that interface with the cryptographic communication application and the memory device, in accordance with an embodiment of the invention.

Figure 5 is a block diagram of modules for interacting with a memory device, in accordance with an embodiment of the invention.

Figure 6 is a diagram of operations for interacting with a memory device to retrieve a one-time password, in accordance with an embodiment of the invention.

Figure 7 is a diagram of operations for interacting with a memory device to retrieve a shared secret, in accordance with an embodiment of the invention.

Figure 8 is a simplified block diagram of the use of a property and selector mechanism, in accordance with an embodiment of the invention.

Figure 9 is a simplified block diagram of an overview of a computing device suitable for hosting a cryptographic communication application and interfacing with a memory device, in accordance with an embodiment of the invention.

[Description of Main Reference Numerals]

100  System
102  Client computing device
104  Web browser/web server
106  Cryptographic communication application/dynamic link library module
108  Memory device
110  Server computing device
112  Message generator
114  MIME message
116  Message
118  Mechanical interface
120  Interface and memory controller
122  Memory
402  Shared library
404  Protocol router
405  High-level application programming interface (API)
406  Protocol module
407  Protocol module
408  Protocol module
410  Device API
502  LaunchPad application
504  Dynamic link library module/PluginLoader.dll
506  Dynamic link library module/PluginHelper.dll
508  Dynamic link library module/ServiceProvider.dll
602  End user
702  Provisioning service
704  Shared secret/operation
801  System
802  Validation service A
803  Validation service B
804  Validation service C
808  Virtual token A
809  Virtual token
810  Virtual token C
814  Server computing device A
815  Server computing device B
850  MIME one-time password request
852  One-time password request
854  One-time password
860  MIME one-time password request
862  One-time password
864  One-time password request
902  Bus
904  Processor
906  System memory
908  Storage device
910  Computing device
912  Communication interface
914  Display
916  Input/output device
918  Cursor control
920  Communication link
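The one-time password exchange of Figure 6 and the selector of Figure 8, as an added Python example that is not code from the patent or from SanDisk: a filter dispatches on the "text/otp" MIME type, a selector in the message picks a virtual token, and the server side accepts each password only once. The message body layout (`request=`, `selector=`), the selector name and all class and function names are assumptions, and RFC 4226 HOTP stands in for the "one-way hash algorithm" that the description leaves unspecified.

```python
import hashlib
import hmac
import struct
from email import message_from_string

OTP_MIME_TYPE = "text/otp"  # MIME type the page says the filter is registered for

# Constructed sample messages (body layout is an assumption, not from the patent).
SAMPLE_OTP_REQUEST = (
    "Content-Type: text/otp\n"
    "\n"
    "request=otp\n"
    "selector=validation-service-A\n"
)
SAMPLE_HTML_PAGE = "Content-Type: text/html\n\n<html><body>login</body></html>\n"


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP, used here as the one-way hash over the shared secret."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation offset
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class VirtualToken:
    """One token on the device: a shared secret plus a moving counter."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.counter = 0

    def next_otp(self) -> str:
        otp = hotp(self.secret, self.counter)
        self.counter += 1  # never emit the same password twice
        return otp


class MemoryDevice:
    """Stand-in for the memory device holding several virtual tokens."""

    def __init__(self, tokens: dict):
        self.tokens = tokens

    def generate_otp(self, selector: str) -> str:
        if selector not in self.tokens:
            raise KeyError(f"no virtual token for selector {selector!r}")
        return self.tokens[selector].next_otp()


class ValidationService:
    """Server side: shares the secret and accepts each password once."""

    def __init__(self, secret: bytes, look_ahead: int = 3):
        self.secret = secret
        self.counter = 0
        self.look_ahead = look_ahead

    def verify(self, otp: str) -> bool:
        for c in range(self.counter, self.counter + self.look_ahead):
            if hmac.compare_digest(hotp(self.secret, c), otp):
                self.counter = c + 1  # everything up to c is now spent
                return True
        return False


def mime_filter(raw_message: str, device: MemoryDevice):
    """Handle text/otp messages; return None for anything the browser renders."""
    msg = message_from_string(raw_message)
    if msg.get_content_type() != OTP_MIME_TYPE:
        return None
    fields = {}
    for line in msg.get_payload().splitlines():
        name, sep, value = line.partition("=")
        if sep:
            fields[name.strip()] = value.strip()
    if fields.get("request") != "otp" or "selector" not in fields:
        raise ValueError("malformed text/otp request")
    return device.generate_otp(fields["selector"])


if __name__ == "__main__":
    secret = b"12345678901234567890"  # RFC 4226 test secret, not a real key
    device = MemoryDevice({"validation-service-A": VirtualToken(secret)})
    service = ValidationService(secret)
    otp = mime_filter(SAMPLE_OTP_REQUEST, device)
    print("OTP:", otp, "accepted:", service.verify(otp))
    print("replay accepted:", service.verify(otp))
    print("HTML handled by filter:", mime_filter(SAMPLE_HTML_PAGE, device))
```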

Claims (1)

200826602 十、申請專利範固·· 種用於與一記憶體裝置互動的方法,其包含: 冊谂碼編澤通信應用程式以與一網頁劉覽器中之 一協定類型相關聯; 從該網頁瀏覽器接收囊封於該協定類型中之一訊息, 該訊息與一密碼編譯操作相關聯;以及 將該訊息發送至該記憶體裝置。 2·如請求項丨之方法,其進一步包含: 識另]與δ亥訊息相關聯之該協定類型;以及 將該訊息投送至一協定模組,該協定模組係經組態用 以與該協定類型介接。 3 · 士 π求項1之方法,其中該密碼編譯操作與從該記憶體 裝置擷取一單次性密碼相關聯。 4_如睛求項1之方法,其中該密碼編譯操作與擷取一共用 秘密相關聯,該共用秘密係用於產生一單次性密碼。 月求項1之方法,其中該訊息係囊封於一多用途網際 網路郵件延伸(MIME)協定中。 6如明求項1之方法,其進一步包含取消註冊欲與該網頁 瀏覽器中之該協定類型相關聯之該密碼編譯通信應用程 式。 7·如請求項丨之方法,其中該記憶體裝置係一通用串列匯 流排裝置。 8· 一種收錄於一電腦可讀取媒體中的電腦程式產品並且其 包含電腦指令用於: 123629.doc 200826602 一單次性 網路郵件 透過一網請覽器從-第—計算装置接收對 密碼之-請求,該請求係囊封於—多料網際 延伸(MIME)協定;以及 τ 9. 將該請求發送至一通用串列匯流排(USB)裝置。 如請求項8之電腦程式產品 於: 其進一步包含電腦指令 用 從該USB裝置接收該單次性密碼;以及 將該單次性密碼發送至該網頁劉覽器。 10·如請求項8之電腦程式產品,豆 共進步包含電腦指令用 於:透過該網頁瀏覽器從該第—計算裳置接收—連接資 訊,該連接資訊係囊封於該定中。 、 ".如請求項1〇之電腦程式產品,其進一步包含電腦指令用 於:基於該連接資訊來建立與―第二計算裝置之一通信 通道,以從邊第二計算裝置擷取一共用秘密。 12.如請求項8之電腦程式產口口口,其進一步包含電腦指令用 於·透過该網頁瀏覽器將該單次性密碼發送至該第一計 算裝置。 13·如請求項8之電腦程式產品,其中該請求係進一步囊封 於一安全超文字傳送協定中。 14· 一種用於與一記憶體裝置互動的方法,其包+ : 接收發送至一網頁瀏覽器之複數個訊息; 攸该複數個訊息提取與一協定類型相關聯之一訊息, "亥息與一密碼編譯操作相關聯;以及 將該訊息發送至該記憶體裝置。 123629.doc 200826602 15 ·如明求項丨4之方法,其進一步包含: 識別與該訊息相關聯之該協定類型;以及 將為訊息投送至一協定模組,該協定模組係經組態用 以處理與該協定類型相關聯之該訊息。 16·如請求項14之方法,其中該密碼編譯操作與從該記憶體 裝置梅取一單次性密碼相關聯。 17·如請求項14之方法,其中該協定類型係一多用途網際網 路郵件延伸(MIME)協定。 18·如請求項14之方法,其中該記憶體裝置係一通用串列匯 流排裝置。 19·如請求項14之方法,其中將該複數個訊息從一計算裝置 發送至該網頁瀏覽器。 2〇· —種收錄於一電腦可讀取媒體中的電腦程式產品並且其 包含電腦指令用於: " 接收發送至一網頁瀏覽器之複數個安全超文字傳送協 定(HTTP)訊息; 從忒複數個安全HTTP訊息提取一多用途網際網路郵件 延伸(MIME)訊息,該MIME訊息包含對一單次性密碼之 一請求;以及 將該MIME訊息發送至一通用串列匯流排(usb)裝置。 21·如請求項20之電腦程式產品,jl谁一牛4人兩 /、進步包含電腦指令用 於: 從該USB裝置接收該單次性密碼;以及 將該單次性密碼發送至該網頁劉覽器。 123629.doc 200826602 22·如請求項20之電腦程式產品,其 ^ 芡包含電腦指令用 於:透過該網頁劉覽器將該單次性密碼發送至—計算裝 置。 口、 23.如請求項22之電腦程式產品,其中該請求係藉由該計算 裝置而發送至該網頁瀏覽器。 24· —種記憶體裝置,其包含: -記憶體,其係經組態用以儲存—密碼編譯通信應用 程式,該密碼編譯通信應用程式係經組態用以與一網頁 瀏覽器相關聯,該密碼編譯通信應用程式包含電腦指令 用於: 從該網頁瀏覽器接收囊封於一協定類型中之一訊 息’該訊息與一密碼編譯操作相關聯,以及 將該訊息發送至該記憶體裝置。 25·如請求項24之記憶體裝置,其中該密碼編譯通信應用程 式進一步包含電腦指令用於··註冊該密碼編譯通信應用 私式以與該網頁瀏覽器中之該協定類型相關聯。 26·如請求項24之記憶體裝置,其中該密碼編譯通信應用程 式進一步包含電腦指令用於: 識別與該訊息相關聯之該協定類型;以及 將該訊息投送至一協定模組,該協定模組係經組態用 以與該協定類型介接。 27·如請求項24之記憶體裝置,其中該網頁瀏覽器係經組態 
用以在該網頁瀏覽器接收囊封於該協定類型中之該訊息 時執行該密碼編譯通信應用程式。 123629.doc 200826602 28 ·如請求項24之記憶體裝置,其中該記憶體裝置係一通用 串列匯流排裝置。 29.如請求項24之記憶體裝置,其中該密碼編譯操作與從該 記憶體裝置擷取一單次性密碼相關聯。 3 0·如請求項24之記憶體裝置,其中該密碼編譯操作與擷取 一共用秘密相關聯,該共用秘密係用於產生一單次性密 碼。 3 1 ·如請求項24之記憶體裝置,其中該訊息係囊封於一多用 途網際網路郵件延伸(MIME)協定中。 32· —種通用串列匯流排(USB)裝置,其包含: 一記憶體,其係經組態用以儲存一密碼編譯通信應用 程式,該密碼編譯通信應用程式係經組態用以載入_網 頁瀏覽器,該密碼編譯通信應用程式包含電腦指令用 於: 透過該網頁瀏覽器從一第一計算裝置接收對一單次 性密碼之一請求,該請求係囊封於一多用途網際網路 郵件延伸(MIME)協定中, 將該請求發送至該USB裝置, 從該USB裝置接收該單次性密碼,以及 將該單次性密碼發送至該網頁劉覽器。 33·如請求項32之USB裝置,其中該密竭編譯通信應用程式 進-步包含電腦指令用於:透過該網頁瀏覽器將該單:欠 性密碼發送至一計算裝置。 34·如請求項32之USB裝置,盆中哕宓m 取 1八Τ这在碼編譯通信應用程式 123629.doc 200826602 進一步包含電腦指令用於·· 計算裝置接收一連接資訊 MIME協定中。 透過該網頁瀏覽器從該第一 ’該連接資訊係囊封於該 35.如:求項34之USB裝置’其中該密碼編譯通信應用程式 進二含電腦指令用於:基於該連接資訊來建立與一 第-。十异裝置之-通信通道’以從該第二計算裝置操取 一共用秘密。200826602 X. Applying for a patent, a method for interacting with a memory device, comprising: a book code compiling communication application associated with one of a type of web browser; from the web page The browser receives a message encapsulated in the agreement type, the message being associated with a cryptographic compilation operation; and transmitting the message to the memory device. 2. The method of claiming, further comprising: identifying another type of the agreement associated with the alpha message; and delivering the message to a protocol module configured to The type of agreement is interfaced. The method of claim 1, wherein the cryptographic operation is associated with extracting a one-shot password from the memory device. 4_ The method of claim 1, wherein the cryptographic operation is associated with capturing a shared secret, the shared secret being used to generate a one-time password. The method of claim 1, wherein the message is encapsulated in a Multipurpose Internet Mail Extensions (MIME) protocol. 6. The method of claim 1, further comprising unregistering the cryptographically compiling communication application to be associated with the type of agreement in the web browser. 7. 
The method of claim 1, wherein the memory device is a universal serial bus device. 8. A computer program product included in a computer readable medium and containing computer instructions for: 123629.doc 200826602 A single-time webmail receives a password from a - computing device via a web browser - Request, the request is encapsulated in a Multi-Internet Extension (MIME) protocol; and τ 9. The request is sent to a Universal Serial Bus (USB) device. The computer program product of claim 8 wherein: the computer program further comprises: receiving the one-time password from the USB device; and transmitting the one-time password to the web browser. 10. The computer program product of claim 8 wherein the computer program comprises computer instructions for receiving, by the web browser, the connection information from the first computing device, the connection information being encapsulated in the setting. ". The computer program product of claim 1 further comprising computer instructions for: establishing a communication channel with the second computing device based on the connection information to capture a share from the second computing device secret. 12. The computer program production port of claim 8, further comprising computer instructions for transmitting the one-time password to the first computing device via the web browser. 13. The computer program product of claim 8, wherein the request is further encapsulated in a secure hypertext transfer protocol. 14. A method for interacting with a memory device, the package +: receiving a plurality of messages sent to a web browser; the plurality of messages extracting a message associated with a protocol type, " Associated with a cryptographic compilation operation; and send the message to the memory device. 
15. The method of claim 4, further comprising: identifying the protocol type associated with the message; and routing the message to a protocol module, the protocol module being configured to process the message associated with the protocol type.

16. The method of claim 14, wherein the cryptographic operation is associated with retrieving a one-time password from the memory device.

17. The method of claim 14, wherein the protocol type is a Multipurpose Internet Mail Extensions (MIME) protocol.

18. The method of claim 14, wherein the memory device is a universal serial bus device.

19. The method of claim 14, wherein the plurality of messages are sent from a computing device to the web browser.

20. A computer program product embodied in a computer readable medium and comprising computer instructions for: receiving a plurality of secure Hypertext Transfer Protocol (HTTP) messages sent to a web browser; extracting a Multipurpose Internet Mail Extensions (MIME) message from the plurality of secure HTTP messages, the MIME message comprising a request for a one-time password; and transmitting the MIME message to a Universal Serial Bus (USB) device.

21. The computer program product of claim 20, further comprising computer instructions for: receiving the one-time password from the USB device; and transmitting the one-time password to the web browser.

22. The computer program product of claim 20, further comprising computer instructions for transmitting the one-time password to a computing device via the web browser.

23. The computer program product of claim 22, wherein the request is sent to the web browser by the computing device.

24. A memory device comprising: a memory configured to store a cryptographic communication application, the cryptographic communication application being configured to be associated with a web browser, the cryptographic communication application comprising computer instructions for: receiving, from the web browser, a message encapsulated in a protocol type, the message being associated with a cryptographic operation; and transmitting the message to the memory device.

25. The memory device of claim 24, wherein the cryptographic communication application further comprises computer instructions for registering the cryptographic communication application to be associated with the protocol type in the web browser.

26. The memory device of claim 24, wherein the cryptographic communication application further comprises computer instructions for: identifying the protocol type associated with the message; and routing the message to a protocol module, the protocol module being configured to interface with the protocol type.

27. The memory device of claim 24, wherein the web browser is configured to execute the cryptographic communication application when the web browser receives the message encapsulated in the protocol type.

28. The memory device of claim 24, wherein the memory device is a universal serial bus device.

29. The memory device of claim 24, wherein the cryptographic operation is associated with retrieving a one-time password from the memory device.

30. The memory device of claim 24, wherein the cryptographic operation is associated with retrieving a shared secret for generating a one-time password.

31. The memory device of claim 24, wherein the message is encapsulated in a Multipurpose Internet Mail Extensions (MIME) protocol.

32. A Universal Serial Bus (USB) device comprising: a memory configured to store a cryptographic communication application, the cryptographic communication application being configured to load a web browser, the cryptographic communication application comprising computer instructions for: receiving, via the web browser, a request for a one-time password from a first computing device, the request being encapsulated in a Multipurpose Internet Mail Extensions (MIME) protocol; transmitting the request to the USB device; receiving the one-time password from the USB device; and transmitting the one-time password to the web browser.

33. The USB device of claim 32, wherein the cryptographic communication application further comprises computer instructions for transmitting the one-time password to a computing device via the web browser.

34. The USB device of claim 32, wherein the cryptographic communication application further comprises computer instructions for receiving connection information from the first computing device, the connection information being encapsulated in the MIME protocol.

35. The USB device of claim 34, wherein the cryptographic communication application further comprises computer instructions for establishing a communication channel with a second computing device based on the connection information to retrieve a shared secret from the second computing device.
36. The USB device of claim 32, wherein the request is further encapsulated in a secure hypertext transfer protocol.

37. A memory device comprising: a memory configured to store a cryptographic communication application, the cryptographic communication application being configured to load a web browser, the cryptographic communication application comprising computer instructions for: receiving a plurality of messages sent to the web browser; extracting, from the plurality of messages, a message associated with a protocol type, the message being associated with a cryptographic operation; and transmitting the message to the memory device.

38. The memory device of claim 37, wherein the cryptographic communication application further comprises computer instructions for: identifying the protocol type associated with the message; and routing the message to a protocol module, the protocol module being configured to interface with the protocol type.

39. The memory device of claim 37, wherein the cryptographic operation is associated with retrieving a one-time password from the memory device.

40. The memory device of claim 37, wherein the protocol type is a Multipurpose Internet Mail Extensions (MIME) protocol.

41. The memory device of claim 37, wherein the memory device is a universal serial bus.

42. A Universal Serial Bus (USB) device comprising: a memory configured to store a cryptographic communication application, the cryptographic communication application being configured to load a web browser, the cryptographic communication application comprising computer instructions for: receiving a plurality of secure Hypertext Transfer Protocol (HTTP) messages sent to the web browser; extracting a Multipurpose Internet Mail Extensions (MIME) message from the plurality of secure HTTP messages, the MIME message comprising a request for a one-time password; transmitting the MIME message to the USB device; receiving the one-time password from the USB device; and transmitting the one-time password to the web browser.

43. The USB device of claim 42, wherein the cryptographic communication application further comprises computer instructions for transmitting the one-time password to a computing device via the web browser.

44. The USB device of claim 43, wherein the request is sent to the web browser by the computing device.
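The message flow recited in the claims above (pick the message of a registered protocol type out of everything sent to the browser, route it to a protocol module, forward it to the device, return the one-time password) is sketched below as an added example; it is not code from the patent or from the applicant. The MIME type name, the `counter=` request body, the simulated token class and the use of HOTP (RFC 4226) are all assumptions, since the claims name no concrete type, format or algorithm.

```python
import hashlib
import hmac
import struct
from email import message_from_string

# Hypothetical MIME type for an OTP request; the claims name no concrete type.
OTP_REQUEST_TYPE = "application/x-otp-request"

class SimulatedToken:
    """Stand-in for the USB memory device; the shared secret never leaves it."""
    def __init__(self, secret: bytes):
        self._secret = secret

    def one_time_password(self, counter: int, digits: int = 6) -> str:
        # HOTP (RFC 4226) is an assumed algorithm; the claims do not fix one.
        mac = hmac.new(self._secret, struct.pack(">Q", counter), hashlib.sha1).digest()
        offset = mac[-1] & 0x0F
        code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
        return str(code % 10 ** digits).zfill(digits)

def otp_module(token, body: str) -> str:
    """Protocol module for OTP requests: strict parsing before touching the device."""
    fields = dict(line.split("=", 1) for line in body.split())
    if set(fields) != {"counter"} or not fields["counter"].isdigit():
        raise ValueError("malformed OTP request")
    return token.one_time_password(int(fields["counter"]))

# Registry mapping a protocol type to its module; unregistered types are never forwarded.
PROTOCOL_MODULES = {OTP_REQUEST_TYPE: otp_module}

def route_messages(raw_messages, token):
    """Extract messages whose MIME type is registered and send only those to the device."""
    replies = []
    for raw in raw_messages:
        msg = message_from_string(raw)
        module = PROTOCOL_MODULES.get(msg.get_content_type())
        if module is not None:
            replies.append(module(token, msg.get_payload()))
    return replies

# Constructed sample traffic: header block plus body, as delivered to the browser.
SAMPLE_MESSAGES = [
    "Content-Type: text/html\n\n<html>login page</html>",
    "Content-Type: application/x-otp-request\n\ncounter=0\n",
    "Content-Type: image/png\n\n(binary omitted)",
]

if __name__ == "__main__":  # secret below is the RFC 4226 test secret
    print(route_messages(SAMPLE_MESSAGES, SimulatedToken(b"12345678901234567890")))
```

Only the message whose type has a registered module reaches the device, and a request with unexpected fields is rejected before any password is generated.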
TW96130583A 2006-08-28 2007-08-17 Memory device for cryptographic operations and method for interacting therewith TW200826602A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/511,687 US20080072060A1 (en) 2006-08-28 2006-08-28 Memory device for cryptographic operations
US11/511,766 US7743258B2 (en) 2006-08-28 2006-08-28 Method for interacting with a memory device in cryptographic operations

Publications (1)

Publication Number Publication Date
TW200826602A TW200826602A (en) 2008-06-16

Family

ID=39106210

Family Applications (1)

Application Number Title Priority Date Filing Date
TW96130583A TW200826602A (en) 2006-08-28 2007-08-17 Memory device for cryptographic operations and method for interacting therewith

Country Status (2)

Country Link
TW (1) TW200826602A (en)
WO (1) WO2008027165A2 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3257194B1 (en) * 2015-02-11 2020-04-15 Visa International Service Association Systems and methods for securely managing biometric data

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6102287A (en) * 1998-05-15 2000-08-15 International Business Machines Corporation Method and apparatus for providing product survey information in an electronic payment system
EP1355231A3 (en) * 2001-11-21 2003-10-29 Sun Microsystems, Inc. Processing data files using plug-ins
GB0325978D0 (en) * 2003-11-07 2003-12-10 Siemens Ag Transparent authentication on a mobile terminal using a web browser

Also Published As

Publication number Publication date
WO2008027165A3 (en) 2008-07-31
WO2008027165A2 (en) 2008-03-06

Similar Documents

Publication Publication Date Title
US8135961B2 (en) Method and computing device for interfacing with a memory device in operations
US20080072060A1 (en) Memory device for cryptographic operations
CN105556894B (en) For being connected to the network the method and system of automation
TWI598761B (en) Query system and method to determine authentication capabilities
TW533723B (en) Secure distributing services network system and method thereof
EP2859489B1 (en) Enhanced 2chk authentication security with query transactions
JP5852265B2 (en) COMPUTER DEVICE, COMPUTER PROGRAM, AND ACCESS Permission Judgment Method
EP2859488B1 (en) Enterprise triggered 2chk association
EP2634703B1 (en) Removable storage device, and data processing system and method based on the device
US9166975B2 (en) System and method for secure remote access to a service on a server computer
TWI362871B (en) System and method for mapping an encrypted https network packet to a specific url name and other data without decryption outside of a secure web server
CN108781227A (en) Encrypted ones transmission in insincere cloud network
TW201027384A (en) Digital rights management (DRM)-enabled policy management for an identify provider in a federated environment
TW200926043A (en) Secure inter-module communication mechanism
JP2000200248A (en) Method and device for interaction between user and computer
WO2010139203A1 (en) Method and system for enhancing network application security
TW201042973A (en) Token-based client to server authentication of a secondary communication channel by way of primary authenticated communication channels
CN101808077B (en) Information security input processing system and method and smart card
TWI255626B (en) Mobility device platform system and method, and computer readable medium thereof
WO2005091880A2 (en) Network security enhancement methods and devices
EP3299982A1 (en) Method of communication of a cryptographic apparatus with a computing device, and cryptographic apparatus
TW200826602A (en) Memory device for cryptographic operations and method for interacting therewith
US9235832B1 (en) Systems and methods for detecting transactions originating from an unauthenticated ATM device
US20080300998A1 (en) Method for Online Buying
TW201101215A (en) Two-factor authentication method and system for securing online transactions