(19) J Europaisches Patentamt
`
`European Patent Office
`
`Office europeen des brevets
`
`(H)
`
`EP 1536 306 A1
`
`(12)
`
`EUROPEAN PATENT APPLICATION
`
`(43) Date of publication:
`
`(51) lntCl7: G06F 1/00
`
`01.06.2005 Bulletin 2005/22
`
`(21) Application number: 04023384.3
`
`(22) Date of filing: 30.09.2004
`
`(84) Designated Contracting States:
`(72) Inventors:
`• Buer, Mark
`AT BE BG CH CY CZ DE DK EE ES Fl FR GB GR
`Gilbert, AZ 85296 (US)
`HU IE IT LI LU MC NL PL PT RO SE SI SK TR
`• Frank, Edward H.
`Designated Extension States:
`Atherton, CA 94027 (US)
`AL HR LT LV MK
`• Seshadri, Nambirajan
`Irvine, CA 92612 (US)
`
`(30) Priority: 30.09.2003 US 507586 P
`13.09.2004 US 609537 P
`
`(71) Applicant: Broadcom Corporation
`Irvine, California 92618-7013 (US)
`
`(74) Representative: Jehle, Volker Armin, Dipl.-lng.
`Patentanwalte
`Bosch, Graf von Stosch, Jehle,
`Fliiggenstrasse 13
`80639 Munchen (DE)
`
`(54)
`
`Proximity authentication system
`
`Access to secured services may be controlled
`(57)
`based on the proximity of a wireless token to a comput(cid:173)
`ing device through which access to the secured services
`is obtained. An authorized user may be provided access
`to a service only when a wireless token assigned to the
`user is in the proximity of the computing device. A user's
`credential may be stored on an RFIDtokenandan RFID
`reader may be implemented within a security boundary
`on the computing device. Thus, the credential may be
`passed to the security boundary without passing
`through the computing device via software messages or
`applications. The security boundary may be provided,
`
`in part, by incorporating the RFID reader onto the same
`chip as a cryptographic processing component. Once
`the information is received by the RFID reader it may be
`encrypted within the chip. As a result, the information
`may never be presented in the clear outside of the chip.
`The cryptographic processing component may crypto-
`graphically encrypt/sign the credential received from the
`token so that assurance may be provided to a service
`provider that the credentials came from a token that was
`proximate to the computing device. An RFID reader,
`cryptographic processing components and a wireless
`network controller may be implemented on a single chip
`in a mobile device.
`
`FIG1
`
`ACCESS
`DEMCE
`106
`
`WRELESS
`PROXIMITY
`READER
`X
`
`100
`
`114
`
`/•
`
`AUTHENTICATION
`
`116 7
`
`^ 1 02
`
`112
`
`110
`
`SERVICE
`PROVIDER
`
`Printed by Jouve, 75001 PARIS (FR)
`
`CO o
`CO
`CO
`CO
`
`Q.
`LU
`
`Petitioner’s Ex. 1007 , Page 1
`
`

`

`EP 1 536 306 A1
`
`Description
`
`CROSS-REFERENCE TO RELATED APPLICATION
`(S)
`
`[0001] This application claims the benefit of U.S. Pro(cid:173)
`visional Patent Application No.
`, filed
`September 13, 2004, entitled PROXIMITY AUTHENTI(cid:173)
`CATION SYSTEM, Attorney Docket No. 53492/SDB/
`B600, and U.S. Provisional Patent Application No.
`60/507,586, filed September 30, 2003, the disclosures
`of which are hereby incorporated by reference herein.
`
`computing device may then forward these credentials
`to a service provider that then determines whether the
`user is authorized to use the requested service.
`[0008]
`In the event the computing device has been
`s comprised by a hacker or a computer virus, an unau(cid:173)
`thorized person may gain access to these credentials.
`As a result, an unauthorized person may be able to ac(cid:173)
`cess the secured service. Serious consequences may
`result when the secured service includes sensitive in-
`10 formation such as financial data or personal information.
`Accordingly, a need exists for improved techniques for
`providing access to secured services.
`
`TECHNICAL FIELD
`
`SUMMARY
`
`[0002] This application relates to data communication
`systems and, more specifically, to techniques for au(cid:173)
`thenticating proximity of a wireless token in a communi(cid:173)
`cation system.
`
`BACKGROUND
`
`[0003] A variety of security techniques are known for
`protecting information in and controlling the operation of
`a computing device such as a personal computer
`("PC"), a server or a mobile device. For example, phys(cid:173)
`ical and/or cryptographic techniques may be employed
`to control access to the computing device and to data
`stored in the computing device.
`[0004] Physical security techniques may include lo(cid:173)
`cating the computing device in a secure location, locking
`the computing device in an enclosure, protecting inte(cid:173)
`grated circuits (i.e., chips) from invasive monitoring by
`encapsulating the chips in, for example, an epoxy.
`[0005] Cryptographic techniques may include one or
`more of encryption, decryption, authentication, signing
`and verification. In some applications data encryption
`and decryption techniques may be used to prevent un(cid:173)
`authorized applications or persons from accessing data
`stored in the computing device. For example, security
`passwords that are used to restrict access a PC may be
`stored on the PC in an encrypted form. The operating
`system may then decrypt password when it needs to
`compare it with a password typed in by a user.
`[0006]
`In some applications authentication tech(cid:173)
`niques may be used to verify that a given set of data is
`authentic. For example, when a server receives a mes(cid:173)
`sage from a remote client, authentication information
`associated with the message may used to verify that the
`message is from a specific source. In this way, the serv(cid:173)
`er may ensure that only authorized clients access the
`applications and data provided by the server.
`[0007]
`In practice, there may be circumstances under
`which the process of sending secret credentials such as
`a password or cryptographic key may be compromised.
`For example, when a user uses a computing device to
`access a secured service, the user may first need to en(cid:173)
`ter the secret credentials into the computing device. The
`
`[0009] The invention relates to a system and method
`for authenticating the proximity of a wireless token to a
`computing device. For convenience, an embodiment of
`a system constructed or a method practiced according
`20 to the invention will be referred to herein simply as an
`"embodiment."
`[0010]
`In one aspect, the invention relates to a system
`and method for providing access to a secured service
`based on a user's proximity to a proximity reader. Once
`25 the proximity is authenticated the user may then be al(cid:173)
`lowed to access the secured service.
`[0011]
`In some embodiments an authorized user is
`provided access to a service only when a wireless token
`assigned to the user is in the proximity of a computing
`30 device through which access to the secured services is
`obtained. In this way, a reasonable assumption may be
`made that the authorized user is in fact using the com(cid:173)
`puting device to request the service. In contrast, if the
`request was being made by a hacker or a computer vi-
`35 rus, access may be denied since the token may not be
`in the proximity of the computing device.
`[0012]
`In some embodiments a user's credential are
`stored on an RFID token and an RFID reader is imple(cid:173)
`mented within a security boundary on the computing de-
`40 vice. In this way, the credential may be passed to the
`security boundary without passing through the comput(cid:173)
`ing device via software messages or applications. As a
`result, the credentials may not be intercepted by a hack(cid:173)
`er or computer virus that may have compromised the
`45 software executing on the computing system.
`[0013]
`In some embodiments the security boundary
`may be provided, in part, using tamper resistant and/or
`tamper evident hardware. Thus, in the event the com(cid:173)
`puter was physically tampered with in an attempt to
`50 compromise the security of the security boundary, such
`tampering may be ineffective or it may be evident to the
`user. In the latter case, the user may then take appro(cid:173)
`priate steps to re-secure the system.
`[0014]
`In some embodiments, the RFID reader is in-
`55 corporated onto the same chip as a cryptographic
`processing component. Inthisway, once the information
`from the RFID token is received by the RFID reader it
`may be encrypted within the chip. As a result, the infor-
`
`Petitioner’s Ex. 1007 , Page 2
`
`

`

`EP 1 536 306 A1
`
`mation may never be presented in the clear (e.g.. unen(cid:173)
`crypted) outside of the chip. Accordingly, the information
`may only be compromised by a clandestine RFI Dreader
`or by inspecting the internal contents of the chip. In con(cid:173)
`ventional commercial settings, these scenarios may be
`unlikely. Accordingly, a system constructed according to
`the invention may provide improved access control for
`secured services.
`[0015]
`In some embodiments, a cryptographic
`processing component may cryptographically encrypt
`and/or sign credentials received from a token. Thus,
`when a service provider receives the credentials, a high
`level of assurance may be provided to the effect that the
`credentials came from a token th at was proximate to the
`particular computing device.
`[0016]
`In some embodiments an RFID reader, a cryp(cid:173)
`tographic processing component and one or more wire(cid:173)
`less network controller(s) may be implemented on a sin(cid:173)
`gle chip in a mobile device. This may provide a cost ef(cid:173)
`fective and secure mechanism to limit access to the
`wireless network(s). In this case, network access may
`only be provided to the mobile device when a token is
`proximate to the mobile device and when that token has
`been assigned to an authorized user of that mobile de(cid:173)
`vice and the network(s).
`[0017] According to an aspect of the invention, a com(cid:173)
`munication system comprises:
`
`an wireless proximity reader configured to receive
`an RF signal from a wireless token located within a
`defined proximity to the proximity reader and con(cid:173)
`figured to extract information from the received RF
`signal; and
`a wireless network interface coupled to receive the
`information from the proximity reader and send the
`information over a wireless network.
`
`[0018] Advantageously, the system comprises a se(cid:173)
`curity boundary within which the information is extracted
`and received.
`[0019] Advantageously, the wireless proximity reader
`is an RFID reader.
`[0020] Advantageously, the system comprises an au(cid:173)
`thentication processor configured to authenticate the in(cid:173)
`formation sent over the wireless network.
`[0021] Advantageously, the system comprises a cryp(cid:173)
`tographic processor configured to encrypt or authenti(cid:173)
`cate the information sent over the wireless network.
`[0022] Advantageously, the cryptographic processor
`uses a key to cryptographically sign the information that
`is sent over the wireless network.
`[0023] Advantageously, the wireless network inter(cid:173)
`face supports at least one of 802.11 and Bluetooth.
`[0024] Advantageously, the wireless network inter(cid:173)
`face comprises at least one of an 802.11 media access
`controller and a Bluetooth media access controller.
`[0025] Advantageously, the wireless network inter(cid:173)
`face comprises an 802.11 media access controller and
`
`s
`
`10
`
`a Bluetooth media access controller.
`[0026] Advantageously, the wireless network inter(cid:173)
`face uses the information to provide authentication to
`the wireless network.
`[0027] Advantageously the system comprises a serv(cid:173)
`ice processor coupled to receive the information sent
`over the wireless network and configured to provide ac(cid:173)
`cess to a service in response to the information.
`[0028] Advantageously, the system comprises a wire-
`less access point adapted to receive the information
`sent over the wireless network and provide the informa(cid:173)
`tion to a service provider.
`[0029] Advantageously the system comprises a wire(cid:173)
`less access point adapted to receive the information
`'5 sent over the wireless network and provide access to
`the wireless network in response to the information.
`[0030] Advantageously, the information comprises a
`password or key.
`[0031] Advantageously, the system comprises an
`20 RFID token comprising:
`
`a data memory for storing the information;
`an RF circuit coupled to the data memory for gen(cid:173)
`erating a signal according to the information; and
`an antenna coupled to receive the signal from the
`RF circuit and adapted to transmit the signal to the
`wireless proximity reader.
`
`25
`
`[0032] According to an aspect of the invention, a
`30 method of controlling access to a service comprises:
`
`35
`
`40
`
`45
`
`50
`
`55
`
`verifying whether a wireless token is within a de(cid:173)
`fined proximity to a processing device;
`authenticating information associated with the wire-
`less token; and
`providing the authenticated information to a service
`provider.
`
`[0033] Advantageously, the method comprises estab-
`lishing a security boundary forthe verifying, authenticat(cid:173)
`ing and providing.
`[0034] Advantageously, at least a portion of the secu(cid:173)
`rity boundary comprises a cryptographic boundary.
`[0035] Advantageously, at least a portion of the secu-
`rity boundary comprises an integrated circuit.
`[0036] Advantageously, authenticating comprises
`cryptographically signing the information with a key.
`[0037] Advantageously, the authenticated informa(cid:173)
`tion comprises a response to a challenge from the serv-
`ice provider.
`[0038] Advantageously, providing comprises encrypt(cid:173)
`ing data sent to the service provider.
`[0039] Advantageously, the method comprises re(cid:173)
`questing access to a service from a service provider.
`[0040] Advantageously, the method comprises re(cid:173)
`ceiving a challenge from the service provider.
`[0041] Advantageously, the service provider provides
`access to a service in response to the authenticated in-
`
`Petitioner’s Ex. 1007 , Page 3
`
`

`

`EP 1 536 306 A1
`
`formation.
`[0042] Advantageously, the service provider provides
`access to a data network in response to the authenticat(cid:173)
`ed information.
`[0043] Advantageously, the service provider provides
`access to at least one of an 802.11 network and a Blue(cid:173)
`tooth network.
`[0044] Advantageously, the service provider provides
`access to an 802.11 network and a Bluetooth network.
`[0045] Advantageously, the service provider provides
`access to encrypted data in response to the authenti(cid:173)
`cated information.
`[0046] Advantageously, the service provider provides
`a key in response to the authenticated information.
`[0047] Advantageously, the information comprises
`credentials associated with a user of the token.
`[0048] Advantageously, an RFID proximity reader
`verifies whether the wireless token is within the defined
`proximity to the wireless proximity reader.
`[0049] According to an aspect of the invention, a
`method of controlling access to a service comprises:
`
`receiving an RF signal from a proximate wireless
`token;
`obtaining information from the RF signal;
`authenticating the information from the RF signal;
`and
`providing the authenticated information to a service
`provider.
`
`[0050] Advantageously, the method comprises estab(cid:173)
`lishing a security boundary for the obtaining, authenti(cid:173)
`cating and providing.
`[0051] Advantageously, authenticating comprises
`cryptographically signing the information with a key.
`[0052] Advantageously, providing comprises encrypt(cid:173)
`ing the signed information.
`[0053] Advantageously, the method comprises re(cid:173)
`questing access to a service from a service provider.
`[0054] Advantageously, the method comprises re(cid:173)
`ceiving a challenge from the service provider in re(cid:173)
`sponse to the request.
`[0055] Advantageously, the authenticated informa(cid:173)
`tion comprises a response to the challenge.
`[0056] Advantageously, the service provider provides
`access to a service in response to the authenticated in(cid:173)
`formation.
`[0057] Advantageously, the RF signal is an RFID sig(cid:173)
`nal.
`[0058] Advantageously, the information comprises
`credentials associated with a user of the token.
`[0059] According to an aspect of the invention, an in(cid:173)
`tegrated circuit comprises:
`
`a wireless proximity reader configured to receive an
`RF signal from a wireless token located within a de(cid:173)
`fined proximity to the integrated circuit;
`at least one lead that is only routed within the inte(cid:173)
`
`grated circuit for coupling the wireless proximity
`reader to a wireless network interface; and
`a wireless network interface coupled to receive the
`information from the wireless proximity reader and
`provide the information to a port on the integrated
`circuit to send the information over a wireless net(cid:173)
`work.
`
`s
`
`20
`
`[0060] Advantageously the integrated circuit com-
`10 prises a security boundary.
`[0061] Advantageously the wireless proximity reader
`is an RFID reader.
`[0062] Advantageously the integrated circuit com(cid:173)
`prises a cryptographic processor configured to encrypt
`'5 or authenticate the information sent over the wireless
`network.
`[0063] Advantageously the cryptographic processor
`uses a key to cryptographically sign the information that
`is sent over the wireless network.
`[0064] Advantageously the wireless network inter(cid:173)
`face comprises at least one of an 802.11 media access
`controller and a Bluetooth media access controller.
`[0065] Advantageously the wireless network inter(cid:173)
`face comprises an 802.11 media access controller and
`25 a Bluetooth media access controller.
`[0066] Advantageously the wireless network inter(cid:173)
`face uses the information to provide authentication to
`the wireless network.
`[0067] Advantageously the information comprises a
`30 password or key.
`[0068] According to an aspect of the invention, a com(cid:173)
`munication system comprises:
`
`35
`
`40
`
`awireless proximity reader configured to receive an
`RF signal from a wireless token located within a de(cid:173)
`fined proximity to the wireless proximity reader and
`configured to extract information from the received
`RF signal; and
`a key management component coupled to receive
`the information from the wireless proximity reader
`and send the information to a service provider.
`
`[0069] Advantageously the system comprises a se(cid:173)
`curity boundary within which the information is extracted
`45 and received.
`[0070] Advantageously the key management compo(cid:173)
`nent comprises a trusted platform module.
`[0071 ] Advantageously a user is authenticated to the
`trusted platform module by moving the wireless token
`50 within the defined proximity to the wireless proximity
`reader.
`[0072] Advantageously the trusted platform module
`provides access to a protected service after the user is
`authenticated.
`[0073] Advantageously the trusted platform module
`provides access to encrypted data after the user is au(cid:173)
`thenticated.
`[0074] Advantageously the trusted platform module
`
`55
`
`Petitioner’s Ex. 1007 , Page 4
`
`

`

`EP 1 536 306 A1
`
`enables use of protected keys after the user is authen(cid:173)
`ticated.
`[0075] Advantageously, the system comprises a net(cid:173)
`work interface wherein the trusted platform module pro(cid:173)
`vides access to a network via the network interface after
`the user is authenticated.
`[0076] Advantageously, the network interface com(cid:173)
`prises a wireless interface.
`[0077] Advantageously, the network interface com(cid:173)
`prises at least one of an 802.11 network interface and a
`Bluetooth network interface.
`[0078] Advantageously, the network interface com(cid:173)
`prises an 802.11 network interface and a Bluetooth net(cid:173)
`work interface.
`[0079] Advantageously, the system comprises a serv(cid:173)
`ice provider configured to provide access to data and a
`service.
`[0080] Advantageously, the system comprises a serv(cid:173)
`ice provider configured to supply cryptographic keys.
`[0081] Advantageously, the wireless proximity reader
`is included within a boundary of the key management
`component.
`[0082] Advantageously, the wireless proximity reader
`is an RFID reader.
`[0083] According to an aspect of the invention, a
`method of providing access to a service comprises:
`
`s
`
`w
`
`15
`
`20
`
`25
`
`[0093] Advantageously, the RF signal is an RFID sig(cid:173)
`nal.
`[0094] Advantageously, the information comprises
`credentials associated with a user of the token.
`[0095] Advantageously,
`the service comprises at
`least one of 802.11 network access and Bluetooth net(cid:173)
`work access.
`[0096] Advantageously, the service comprises 802.11
`network access and Bluetooth network access.
`[0097] According to an aspect of the invention, an in(cid:173)
`tegrated circuit comprises:
`
`awireless proximity reader configured to receive an
`RF signal from a wireless token located within a de-
`fined proximity to the wireless proximity reader and
`configured to extract information from the received
`RF signal; and
`at least one connection within the integrated circuit
`for coupling the wireless proximity reader to a wire-
`less network interface; and
`a key management component coupled to receive
`the information from the wireless proximity reader
`and provide the information to a port on the integrat(cid:173)
`ed circuit to send the information to a service pro-
`vider.
`
`receiving an RF signal from a proximate wireless
`token;
`obtaining information from the RF signal;
`authenticating the information to a key manage(cid:173)
`ment component; and
`providing, by the key management component, ac(cid:173)
`cess to a service.
`
`[0084] Advantageously, the method comprises estab(cid:173)
`lishing a security boundary for the receiving, obtaining,
`authenticating and providing.
`[0085] Advantageously, at least a portion of the secu(cid:173)
`rity boundary comprises a cryptographic boundary.
`[0086] Advantageously, at least a portion of the secu(cid:173)
`rity boundary comprises an integrated circuit.
`[0087] Advantageously, the method comprises au(cid:173)
`thenticating the information and providing the authenti(cid:173)
`cated information to a service provider.
`[0088] Advantageously, authenticating the informa(cid:173)
`tion comprises cryptographically signing the information
`with a key.
`[0089] Advantageously, the key management compo(cid:173)
`nent comprises a trusted platform module.
`[0090] Advantageously, the trusted platform module
`enables key usage after the user is authenticated.
`[0091] Advantageously, the trusted platform module
`enables access to processing resources after the user
`is authenticated.
`[0092] Advantageously, the trusted platform module
`enables access to data network services after the user
`is authenticated.
`
`30
`
`35
`
`40
`
`[0098] Advantageously, the integrated circuit com(cid:173)
`prises a security boundary within which the information
`is extracted and received.
`[0099] Advantageously, the wireless proximity reader
`is an RFID reader.
`[0100] Advantageously, the wireless proximity reader
`is included within a boundary of the key management
`component.
`[0101] Advantageously, the key management compo(cid:173)
`nent comprises a trusted platform module.
`[0102] Advantageously, the wireless proximity reader
`is included within a boundary of the trusted platform
`module.
`[0103] Advantageously, the integrated circuit com(cid:173)
`prises a network interface wherein the trusted platform
`module provides access to a network via the network
`interface after the user is authenticated.
`[0104] Advantageously, the network interface com-
`45 prises awireless interface.
`[0105] Advantageously, the wireless network inter(cid:173)
`face comprises at least one of an 802.11 network inter(cid:173)
`face and a Bluetooth network interface.
`[0106] Advantageously, the wireless network inter-
`face comprises an 802.11 network interface and a Blue(cid:173)
`tooth network interface.
`
`so
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`55
`
`[0107] These and other features, aspects and advan(cid:173)
`tages of the present invention will be more fully under(cid:173)
`stood when considered with respect to the following de(cid:173)
`tailed description, appended claims and accompanying
`
`Petitioner’s Ex. 1007 , Page 5
`
`

`

`EP 1 536 306 A1
`
`10
`
`drawings, wherein:
`
`FIG. 1 is a simplified block diagram of one embod(cid:173)
`iment of a proximity-based authentication system
`constructed in accordance with the invention;
`FIG. 2 is a flow chart of one embodiment of proxim(cid:173)
`ity-based authentication operations that may be
`performed in accordance with the invention;
`FIG. 3 is a simplified block diagram of one embod(cid:173)
`iment of a proximity-based authentication system
`constructed in accordance with the invention;
`FIG. 4 is a flow chart of one embodiment of proxim(cid:173)
`ity-based authentication operations that may be
`performed in accordance with the invention;
`FIG. 5 is a simplified block diagram of one embod(cid:173)
`iment of a proximity-based network authentication
`system constructed in accordance with the inven(cid:173)
`tion;
`FIG. 6 is a simplified block diagram of one embod(cid:173)
`iment of a proximity-based wireless network au(cid:173)
`thentication system constructed in accordance with
`the invention;
`FIG. 7 is a flow chart of one embodiment of proxim(cid:173)
`ity-based network authentication operations that
`may be performed in accordance with the invention;
`FIG. 8 is a simplified block diagram of one embod(cid:173)
`iment of proximity-based authentication for a trust(cid:173)
`ed platform module constructed in accordance with
`the invention;
`FIG. 9 is a flow chart of one embodiment of proxim(cid:173)
`ity-based authentication operations for a trusted
`platform module that may be performed in accord(cid:173)
`ance with the invention;
`FIG. 10 is a simplified block diagram of one embod(cid:173)
`iment of an integrated circuit including a trusted
`platform module constructed in accordance with the
`invention: and
`FIG. 11 is a simplified block diagram of one embod(cid:173)
`iment of proximity-based authentication for a trust(cid:173)
`ed platform module constructed in accordance with
`the invention.
`
`[0108]
`In accordance with common practice the vari(cid:173)
`ous features illustrated in the drawings may not be
`drawn to scale. Accordingly, the dimensions of the var(cid:173)
`ious features may be arbitrarily expanded or reduced for
`clarity. In addition, some of the drawings may be simpli(cid:173)
`fied for clarity. Thus, the drawings may not depict all of
`the components of a given apparatus or method. Finally
`like reference numerals denote like features throughout
`the specification and figures.
`
`DETAILED DESCRIPTION
`
`[0109] The invention is described below, with refer(cid:173)
`ence to detailed illustrative embodiments. It will be ap(cid:173)
`parent that the invention may be embodied in a wide
`variety of forms, some of which may be quite different
`
`s
`
`'5
`
`from those of the disclosed embodiments. Consequent(cid:173)
`ly, the specific structural and functional details disclosed
`herein are merely representative and do not limit the
`scope of the invention.
`[0110] Figure 1 illustrates one embodiment of a sys(cid:173)
`tem 100 where selected services may be provided to a
`user via a computing device only when a wireless token
`assigned to a user is proximate to the computing device.
`Operations of the system 100 will be explained in more
`10 detail in conjunction with the flowchart of Figure 2.
`[0111] As represented by block202 in Figure2 an ac(cid:173)
`cess device 102 (Figure 1) such as a computer includes
`components that may be used to determine whether a
`wireless token 104 assigned to a user or users is prox-
`imate to the access device 102. For example, a wireless
`proximity reader 106 may be configured to receive sig(cid:173)
`nals 108 (e.g., RF signals) from the wireless proximity
`token 104. The signals 108 may include information that
`uniquely identifies the wireless proximity token 104. In
`20 addition, this information may include one or more cre(cid:173)
`dentials (e.g., a password) that may be used to access
`a secured service provided by a service provider 110.
`[0112] The determination of proximity between the to(cid:173)
`ken 104 and the reader 106 may be established using
`25 a variety of mechanisms depending on the application.
`In some embodiments, the token will not generate sig(cid:173)
`nals until it is within a given distance of the reader. This
`may be accomplished, for example, by using a relatively
`passive token that intercepts signals transmitted by the
`reader and transmits signals in response to the received
`signals. Different distances between the token 104 and
`the reader 106 may be defined as indicative of proximity
`depending on the requirements of the application and,
`in some cases, characteristics of the operating environ-
`35 ment.
`[0113] As represented by block 204, the access de(cid:173)
`vice 102 may request access to a service from the serv(cid:173)
`ice provider 110 by sending a signal over a communica(cid:173)
`tion media 112. Depending upon the particular applica-
`40 Won, the communication media 112 may comprise, for
`example, electric wires, optical cables or air.
`[0114] Typically, access to the service will be initiated
`by the user's interaction with the access device 102. For
`example, the user may use a keyboard or pointing de-
`45 vice (e.g., a computer mouse) to request the service. In
`conjunction with this the user may be asked to input a
`password and/or provide a biometric (e.g., a fingerprint)
`to a biometric reader to further verify the authenticity of
`the user. In this way, access to a service may be restrict-
`so ed until the user satisfies one or more verification que(cid:173)
`ries including, for example, what the user knows (e.g.,
`a password), what the user possesses (e.g., a token)
`and who the user is (e.g., a physical or biometric char(cid:173)
`acteristic).
`[0115]
`In some embodiments, the access device 102
`may automatically request a predefined service once
`the user places the token 104 proximate the access de(cid:173)
`vice 102. For example, the access device 102 may in-
`
`30
`
`55
`
`Petitioner’s Ex. 1007 , Page 6
`
`

`

`11
`
`EP 1 536 306 A1
`
`12
`
`elude a database (not shown) that matches a given to(cid:173)
`ken (or information from the token) with one or more de(cid:173)
`fault services. Thus, when a token associated with de(cid:173)
`fault services approaches the access device 102, the
`access device 102 may automatically request the serv(cid:173)
`ices from the service provider 110.
`[0116] As represented by block 206, the access de(cid:173)
`vice 102 may send authentication-related information to
`the service provider 110 to indicate that the token 104
`is proximate to the access device 102. For example, the
`access device 102 may include an authentication com(cid:173)
`ponent 116 such that the determination of whether the
`token 104 is proximate the access device 102 is per(cid:173)
`formed in a secure manner. In addition, the information
`provided by the token may be maintained within the ac(cid:173)
`cess device 102 in a secure manner. For example, the
`information may only pass between the reader 106 and
`the authentication component 114 via a connection 116
`within a common integrated circuit.
`[0117]
`In addition, the authentication component 114
`may be in secure communication with the service pro(cid:173)
`vider 110. This may be accomplished, for example, by
`placing the authentication component 114 and the serv(cid:173)
`ice provider 110 on the same integrated circuit or within
`secured hardware. In addition, a cryptographically se(cid:173)
`cured communication channel may be established be(cid:173)
`tween the authentication component 114 and the serv(cid:173)
`ice provider 110.
`[0118]
`In some embodiments, the authentication in(cid:173)
`formation may include information from the token. In the
`case where the communications over the media 112
`may be cryptographically secured, the authentication
`component 114 may process (e.g., encrypt or sign) the
`information before sending ittotheserviceprovider 110.
`Since communications from the access device 102 may
`be trusted in this example, the authentication compo(cid:173)
`nent 114 thereby provides a cryptographically reliable
`authentication that the information is from a specific to(cid:173)
`ken that is proximate that particular access device. In
`other words the encryption or cryptographic signing of
`the information may provide the necessary authentica(cid:173)
`tion.
`[0119] After the service provider 110 has received an
`authenticated indication that the token is proximate the
`access device 102, the service provider 110 may then
`enable access to the requested serv