(19) Europäisches Patentamt / European Patent Office / Office européen des brevets
(11) EP 1 536 306 A1
(12) EUROPEAN PATENT APPLICATION
(43) Date of publication: 01.06.2005 Bulletin 2005/22
(51) Int Cl.7: G06F 1/00
(21) Application number: 04023384.3
(22) Date of filing: 30.09.2004
(84) Designated Contracting States: AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PL PT RO SE SI SK TR
     Designated Extension States: AL HR LT LV MK
(30) Priority: 30.09.2003 US 507586 P
               13.09.2004 US 609537 P
(71) Applicant: Broadcom Corporation, Irvine, California 92618-7013 (US)
(72) Inventors:
• Buer, Mark, Gilbert, AZ 85296 (US)
• Frank, Edward H., Atherton, CA 94027 (US)
• Seshadri, Nambirajan, Irvine, CA 92612 (US)
(74) Representative: Jehle, Volker Armin, Dipl.-Ing., Patentanwälte Bosch, Graf von Stosch, Jehle, Flüggenstrasse 13, 80639 München (DE)

(54) Proximity authentication system
`
(57) Access to secured services may be controlled based on the proximity of a wireless token to a computing device through which access to the secured services is obtained. An authorized user may be provided access to a service only when a wireless token assigned to the user is in the proximity of the computing device. A user's credential may be stored on an RFID token and an RFID reader may be implemented within a security boundary on the computing device. Thus, the credential may be passed to the security boundary without passing through the computing device via software messages or applications. The security boundary may be provided, in part, by incorporating the RFID reader onto the same chip as a cryptographic processing component. Once the information is received by the RFID reader it may be encrypted within the chip. As a result, the information may never be presented in the clear outside of the chip. The cryptographic processing component may cryptographically encrypt/sign the credential received from the token so that assurance may be provided to a service provider that the credentials came from a token that was proximate to the computing device. An RFID reader, cryptographic processing components and a wireless network controller may be implemented on a single chip in a mobile device.
`
[FIG. 1: system 100. Labelled elements: access device (102), wireless proximity reader (106), authentication (114), service provider (110), wireless proximity token (104); reference numerals 108, 112 and 116 also appear.]
Printed by Jouve, 75001 PARIS (FR)
`MICROSOFT 1008
`Description
`
CROSS-REFERENCE TO RELATED APPLICATION(S)

[0001] This application claims the benefit of U.S. Provisional Patent Application No. _ filed September 13, 2004, entitled PROXIMITY AUTHENTICATION SYSTEM, Attorney Docket No. 53492/SDB/B600, and U.S. Provisional Patent Application No. 60/507,586, filed September 30, 2003, the disclosures of which are hereby incorporated by reference herein.

TECHNICAL FIELD

[0002] This application relates to data communication systems and, more specifically, to techniques for authenticating proximity of a wireless token in a communication system.

BACKGROUND

[0003] A variety of security techniques are known for protecting information in and controlling the operation of a computing device such as a personal computer ("PC"), a server or a mobile device. For example, physical and/or cryptographic techniques may be employed to control access to the computing device and to data stored in the computing device.

[0004] Physical security techniques may include locating the computing device in a secure location, locking the computing device in an enclosure, protecting integrated circuits (i.e., chips) from invasive monitoring by encapsulating the chips in, for example, an epoxy.

[0005] Cryptographic techniques may include one or more of encryption, decryption, authentication, signing and verification. In some applications data encryption and decryption techniques may be used to prevent unauthorized applications or persons from accessing data stored in the computing device. For example, security passwords that are used to restrict access to a PC may be stored on the PC in an encrypted form. The operating system may then decrypt the password when it needs to compare it with a password typed in by a user.

[0006] In some applications authentication techniques may be used to verify that a given set of data is authentic. For example, when a server receives a message from a remote client, authentication information associated with the message may be used to verify that the message is from a specific source. In this way, the server may ensure that only authorized clients access the applications and data provided by the server.

[0007] In practice, there may be circumstances under which the process of sending secret credentials such as a password or cryptographic key may be compromised. For example, when a user uses a computing device to access a secured service, the user may first need to enter the secret credentials into the computing device. The computing device may then forward these credentials to a service provider that then determines whether the user is authorized to use the requested service.

[0008] In the event the computing device has been compromised by a hacker or a computer virus, an unauthorized person may gain access to these credentials. As a result, an unauthorized person may be able to access the secured service. Serious consequences may result when the secured service includes sensitive information such as financial data or personal information. Accordingly, a need exists for improved techniques for providing access to secured services.

SUMMARY
`
[0009] The invention relates to a system and method for authenticating the proximity of a wireless token to a computing device. For convenience, an embodiment of a system constructed or a method practiced according to the invention will be referred to herein simply as an "embodiment."

[0010] In one aspect, the invention relates to a system and method for providing access to a secured service based on a user's proximity to a proximity reader. Once the proximity is authenticated the user may then be allowed to access the secured service.

[0011] In some embodiments an authorized user is provided access to a service only when a wireless token assigned to the user is in the proximity of a computing device through which access to the secured services is obtained. In this way, a reasonable assumption may be made that the authorized user is in fact using the computing device to request the service. In contrast, if the request was being made by a hacker or a computer virus, access may be denied since the token may not be in the proximity of the computing device.

[0012] In some embodiments a user's credential is stored on an RFID token and an RFID reader is implemented within a security boundary on the computing device. In this way, the credential may be passed to the security boundary without passing through the computing device via software messages or applications. As a result, the credentials may not be intercepted by a hacker or computer virus that may have compromised the software executing on the computing system.

[0013] In some embodiments the security boundary may be provided, in part, using tamper resistant and/or tamper evident hardware. Thus, in the event the computer was physically tampered with in an attempt to compromise the security of the security boundary, such tampering may be ineffective or it may be evident to the user. In the latter case, the user may then take appropriate steps to re-secure the system.

[0014] In some embodiments, the RFID reader is incorporated onto the same chip as a cryptographic processing component. In this way, once the information from the RFID token is received by the RFID reader it may be encrypted within the chip. As a result, the information may never be presented in the clear (e.g., unencrypted) outside of the chip. Accordingly, the information may only be compromised by a clandestine RFID reader or by inspecting the internal contents of the chip. In conventional commercial settings, these scenarios may be unlikely. Accordingly, a system constructed according to the invention may provide improved access control for secured services.

[0015] In some embodiments, a cryptographic processing component may cryptographically encrypt and/or sign credentials received from a token. Thus, when a service provider receives the credentials, a high level of assurance may be provided to the effect that the credentials came from a token that was proximate to the particular computing device.

[0016] In some embodiments an RFID reader, a cryptographic processing component and one or more wireless network controller(s) may be implemented on a single chip in a mobile device. This may provide a cost effective and secure mechanism to limit access to the wireless network(s). In this case, network access may only be provided to the mobile device when a token is proximate to the mobile device and when that token has been assigned to an authorized user of that mobile device and the network(s).

[0017] According to an aspect of the invention, a communication system comprises:

a wireless proximity reader configured to receive an RF signal from a wireless token located within a defined proximity to the proximity reader and configured to extract information from the received RF signal; and
a wireless network interface coupled to receive the information from the proximity reader and send the information over a wireless network.

[0018] Advantageously, the system comprises a security boundary within which the information is extracted and received.

[0019] Advantageously, the wireless proximity reader is an RFID reader.

[0020] Advantageously, the system comprises an authentication processor configured to authenticate the information sent over the wireless network.

[0021] Advantageously, the system comprises a cryptographic processor configured to encrypt or authenticate the information sent over the wireless network.

[0022] Advantageously, the cryptographic processor uses a key to cryptographically sign the information that is sent over the wireless network.

[0023] Advantageously, the wireless network interface supports at least one of 802.11 and Bluetooth.

[0024] Advantageously, the wireless network interface comprises at least one of an 802.11 media access controller and a Bluetooth media access controller.

[0025] Advantageously, the wireless network interface comprises an 802.11 media access controller and a Bluetooth media access controller.

[0026] Advantageously, the wireless network interface uses the information to provide authentication to the wireless network.

[0027] Advantageously, the system comprises a service processor coupled to receive the information sent over the wireless network and configured to provide access to a service in response to the information.

[0028] Advantageously, the system comprises a wireless access point adapted to receive the information sent over the wireless network and provide the information to a service provider.

[0029] Advantageously, the system comprises a wireless access point adapted to receive the information sent over the wireless network and provide access to the wireless network in response to the information.

[0030] Advantageously, the information comprises a password or key.

[0031] Advantageously, the system comprises an RFID token comprising:

a data memory for storing the information;
an RF circuit coupled to the data memory for generating a signal according to the information; and
an antenna coupled to receive the signal from the RF circuit and adapted to transmit the signal to the wireless proximity reader.

[0032] According to an aspect of the invention, a method of controlling access to a service comprises:

verifying whether a wireless token is within a defined proximity to a processing device;
authenticating information associated with the wireless token; and
providing the authenticated information to a service provider.

[0033] Advantageously, the method comprises establishing a security boundary for the verifying, authenticating and providing.

[0034] Advantageously, at least a portion of the security boundary comprises a cryptographic boundary.

[0035] Advantageously, at least a portion of the security boundary comprises an integrated circuit.

[0036] Advantageously, authenticating comprises cryptographically signing the information with a key.

[0037] Advantageously, the authenticated information comprises a response to a challenge from the service provider.

[0038] Advantageously, providing comprises encrypting data sent to the service provider.

[0039] Advantageously, the method comprises requesting access to a service from a service provider.

[0040] Advantageously, the method comprises receiving a challenge from the service provider.

[0041] Advantageously, the service provider provides access to a service in response to the authenticated information.

[0042] Advantageously, the service provider provides access to a data network in response to the authenticated information.

[0043] Advantageously, the service provider provides access to at least one of an 802.11 network and a Bluetooth network.

[0044] Advantageously, the service provider provides access to an 802.11 network and a Bluetooth network.

[0045] Advantageously, the service provider provides access to encrypted data in response to the authenticated information.

[0046] Advantageously, the service provider provides a key in response to the authenticated information.

[0047] Advantageously, the information comprises credentials associated with a user of the token.

[0048] Advantageously, an RFID proximity reader verifies whether the wireless token is within the defined proximity to the wireless proximity reader.

[0049] According to an aspect of the invention, a method of controlling access to a service comprises:

receiving an RF signal from a proximate wireless token;
obtaining information from the RF signal;
authenticating the information from the RF signal; and
providing the authenticated information to a service provider.

[0050] Advantageously, the method comprises establishing a security boundary for the obtaining, authenticating and providing.

[0051] Advantageously, authenticating comprises cryptographically signing the information with a key.

[0052] Advantageously, providing comprises encrypting the signed information.

[0053] Advantageously, the method comprises requesting access to a service from a service provider.

[0054] Advantageously, the method comprises receiving a challenge from the service provider in response to the request.

[0055] Advantageously, the authenticated information comprises a response to the challenge.

[0056] Advantageously, the service provider provides access to a service in response to the authenticated information.

[0057] Advantageously, the RF signal is an RFID signal.

[0058] Advantageously, the information comprises credentials associated with a user of the token.
`
[0059] According to an aspect of the invention, an integrated circuit comprises:

a wireless proximity reader configured to receive an RF signal from a wireless token located within a defined proximity to the integrated circuit;
at least one lead that is only routed within the integrated circuit for coupling the wireless proximity reader to a wireless network interface; and
a wireless network interface coupled to receive the information from the wireless proximity reader and provide the information to a port on the integrated circuit to send the information over a wireless network.

[0060] Advantageously, the integrated circuit comprises a security boundary.

[0061] Advantageously, the wireless proximity reader is an RFID reader.

[0062] Advantageously, the integrated circuit comprises a cryptographic processor configured to encrypt or authenticate the information sent over the wireless network.

[0063] Advantageously, the cryptographic processor uses a key to cryptographically sign the information that is sent over the wireless network.

[0064] Advantageously, the wireless network interface comprises at least one of an 802.11 media access controller and a Bluetooth media access controller.

[0065] Advantageously, the wireless network interface comprises an 802.11 media access controller and a Bluetooth media access controller.

[0066] Advantageously, the wireless network interface uses the information to provide authentication to the wireless network.

[0067] Advantageously, the information comprises a password or key.

[0068] According to an aspect of the invention, a communication system comprises:

a wireless proximity reader configured to receive an RF signal from a wireless token located within a defined proximity to the wireless proximity reader and configured to extract information from the received RF signal; and
a key management component coupled to receive the information from the wireless proximity reader and send the information to a service provider.

[0069] Advantageously, the system comprises a security boundary within which the information is extracted and received.

[0070] Advantageously, the key management component comprises a trusted platform module.

[0071] Advantageously, a user is authenticated to the trusted platform module by moving the wireless token within the defined proximity to the wireless proximity reader.

[0072] Advantageously, the trusted platform module provides access to a protected service after the user is authenticated.

[0073] Advantageously, the trusted platform module provides access to encrypted data after the user is authenticated.

[0074] Advantageously, the trusted platform module enables use of protected keys after the user is authenticated.

[0075] Advantageously, the system comprises a network interface wherein the trusted platform module provides access to a network via the network interface after the user is authenticated.

[0076] Advantageously, the network interface comprises a wireless interface.

[0077] Advantageously, the network interface comprises at least one of an 802.11 network interface and a Bluetooth network interface.

[0078] Advantageously, the network interface comprises an 802.11 network interface and a Bluetooth network interface.

[0079] Advantageously, the system comprises a service provider configured to provide access to data and a service.

[0080] Advantageously, the system comprises a service provider configured to supply cryptographic keys.

[0081] Advantageously, the wireless proximity reader is included within a boundary of the key management component.

[0082] Advantageously, the wireless proximity reader is an RFID reader.

[0083] According to an aspect of the invention, a method of providing access to a service comprises:

receiving an RF signal from a proximate wireless token;
obtaining information from the RF signal;
authenticating the information to a key management component; and
providing, by the key management component, access to a service.

[0084] Advantageously, the method comprises establishing a security boundary for the receiving, obtaining, authenticating and providing.

[0085] Advantageously, at least a portion of the security boundary comprises a cryptographic boundary.

[0086] Advantageously, at least a portion of the security boundary comprises an integrated circuit.

[0087] Advantageously, the method comprises authenticating the information and providing the authenticated information to a service provider.

[0088] Advantageously, authenticating the information comprises cryptographically signing the information with a key.

[0089] Advantageously, the key management component comprises a trusted platform module.

[0090] Advantageously, the trusted platform module enables key usage after the user is authenticated.

[0091] Advantageously, the trusted platform module enables access to processing resources after the user is authenticated.

[0092] Advantageously, the trusted platform module enables access to data network services after the user is authenticated.
`
[0093] Advantageously, the RF signal is an RFID signal.

[0094] Advantageously, the information comprises credentials associated with a user of the token.

[0095] Advantageously, the service comprises at least one of 802.11 network access and Bluetooth network access.

[0096] Advantageously, the service comprises 802.11 network access and Bluetooth network access.

[0097] According to an aspect of the invention, an integrated circuit comprises:

a wireless proximity reader configured to receive an RF signal from a wireless token located within a defined proximity to the wireless proximity reader and configured to extract information from the received RF signal; and
at least one connection within the integrated circuit for coupling the wireless proximity reader to a wireless network interface; and
a key management component coupled to receive the information from the wireless proximity reader and provide the information to a port on the integrated circuit to send the information to a service provider.

[0098] Advantageously, the integrated circuit comprises a security boundary within which the information is extracted and received.

[0099] Advantageously, the wireless proximity reader is an RFID reader.

[0100] Advantageously, the wireless proximity reader is included within a boundary of the key management component.

[0101] Advantageously, the key management component comprises a trusted platform module.

[0102] Advantageously, the wireless proximity reader is included within a boundary of the trusted platform module.

[0103] Advantageously, the integrated circuit comprises a network interface wherein the trusted platform module provides access to a network via the network interface after the user is authenticated.

[0104] Advantageously, the network interface comprises a wireless interface.

[0105] Advantageously, the wireless network interface comprises at least one of an 802.11 network interface and a Bluetooth network interface.

[0106] Advantageously, the wireless network interface comprises an 802.11 network interface and a Bluetooth network interface.
`
BRIEF DESCRIPTION OF THE DRAWINGS

[0107] These and other features, aspects and advantages of the present invention will be more fully understood when considered with respect to the following detailed description, appended claims and accompanying drawings, wherein:

FIG. 1 is a simplified block diagram of one embodiment of a proximity-based authentication system constructed in accordance with the invention;
FIG. 2 is a flow chart of one embodiment of proximity-based authentication operations that may be performed in accordance with the invention;
FIG. 3 is a simplified block diagram of one embodiment of a proximity-based authentication system constructed in accordance with the invention;
FIG. 4 is a flow chart of one embodiment of proximity-based authentication operations that may be performed in accordance with the invention;
FIG. 5 is a simplified block diagram of one embodiment of a proximity-based network authentication system constructed in accordance with the invention;
FIG. 6 is a simplified block diagram of one embodiment of a proximity-based wireless network authentication system constructed in accordance with the invention;
FIG. 7 is a flow chart of one embodiment of proximity-based network authentication operations that may be performed in accordance with the invention;
FIG. 8 is a simplified block diagram of one embodiment of proximity-based authentication for a trusted platform module constructed in accordance with the invention;
FIG. 9 is a flow chart of one embodiment of proximity-based authentication operations for a trusted platform module that may be performed in accordance with the invention;
FIG. 10 is a simplified block diagram of one embodiment of an integrated circuit including a trusted platform module constructed in accordance with the invention; and
FIG. 11 is a simplified block diagram of one embodiment of proximity-based authentication for a trusted platform module constructed in accordance with the invention.

[0108] In accordance with common practice the various features illustrated in the drawings may not be drawn to scale. Accordingly, the dimensions of the various features may be arbitrarily expanded or reduced for clarity. In addition, some of the drawings may be simplified for clarity. Thus, the drawings may not depict all of the components of a given apparatus or method. Finally, like reference numerals denote like features throughout the specification and figures.

DETAILED DESCRIPTION

[0109] The invention is described below, with reference to detailed illustrative embodiments. It will be apparent that the invention may be embodied in a wide variety of forms, some of which may be quite different from those of the disclosed embodiments. Consequently, the specific structural and functional details disclosed herein are merely representative and do not limit the scope of the invention.

[0110] Figure 1 illustrates one embodiment of a system 100 where selected services may be provided to a user via a computing device only when a wireless token assigned to a user is proximate to the computing device. Operations of the system 100 will be explained in more detail in conjunction with the flowchart of Figure 2.

[0111] As represented by block 202 in Figure 2 an access device 102 (Figure 1) such as a computer includes components that may be used to determine whether a wireless token 104 assigned to a user or users is proximate to the access device 102. For example, a wireless proximity reader 106 may be configured to receive signals 108 (e.g., RF signals) from the wireless proximity token 104. The signals 108 may include information that uniquely identifies the wireless proximity token 104. In addition, this information may include one or more credentials (e.g., a password) that may be used to access a secured service provided by a service provider 110.

[0112] The determination of proximity between the token 104 and the reader 106 may be established using a variety of mechanisms depending on the application. In some embodiments, the token will not generate signals until it is within a given distance of the reader. This may be accomplished, for example, by using a relatively passive token that intercepts signals transmitted by the reader and transmits signals in response to the received signals. Different distances between the token 104 and the reader 106 may be defined as indicative of proximity depending on the requirements of the application and, in some cases, characteristics of the operating environment.
`
[0113] As represented by block 204, the access device 102 may request access to a service from the service provider 110 by sending a signal over a communication media 112. Depending upon the particular application, the communication media 112 may comprise, for example, electric wires, optical cables or air.

[0114] Typically, access to the service will be initiated by the user's interaction with the access device 102. For example, the user may use a keyboard or pointing device (e.g., a computer mouse) to request the service. In conjunction with this the user may be asked to input a password and/or provide a biometric (e.g., a fingerprint) to a biometric reader to further verify the authenticity of the user. In this way, access to a service may be restricted until the user satisfies one or more verification queries including, for example, what the user knows (e.g., a password), what the user possesses (e.g., a token) and who the user is (e.g., a physical or biometric characteristic).

[0115] In some embodiments, the access device 102 may automatically request a predefined service once the user places the token 104 proximate the access device 102. For example, the access device 102 may include a database (not shown) that matches a given token (or information from the token) with one or more default services. Thus, when a token associated with default services approaches the access device 102, the access device 102 may automatically request the services from the service provider 110.

[0116] As represented by block 206, the access device 102 may send authentication-related information to the service provider 110 to indicate that the token 104 is proximate to the access device 102. For example, the access device 102 may include an authentication component 116 such that the determination of whether the token 104 is proximate the access device 102 is performed in a secure manner. In addition, the information provided by the token may be maintained within the access device 102 in a secure manner. For example, the information may only pass between the reader 106 and the authentication component 114 via a connection 116 within a common integrated circuit.

[0117] In addition, the authentication component 114 may be in secure communication with the service provider 110. This may be accomplished, for example, by placing the authentication component 114 and the service provider 110 on the same integrated circuit or within secured hardware. In addition, a cryptographically secured communication channel may be established between the authentication component 114 and the service provider 110.

[0118] In some embodiments, the authentication information may include information from the token. In the case where the communications over the media 112 may be cryptographically secured, the authentication component 114 may process (e.g., encrypt or sign) the information before sending it to the service provider 110. Since communications from the access device 102 may be trusted in this example, the authentication component 114 thereby provides a cryptographically reliable authentication that the information is from a specific token that is proximate that particular access device. In other words the encryption or cryptographic signing of the information may provide the necessary authentication.

[0119] After the service provider 110 has received an authenticated indication that the token is proximate the access device 102, the service provider 110 may then enable access to the requested service (block 208). This process may involve verifying that the information sent from the token 104 includes a credential associated with an authorized user and/or access device.
`
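The exchange of blocks 202 to 208, combined with the challenge and response of paragraphs [0037] and [0040], as a runnable model. This is an added illustration and not part of the patent text: HMAC-SHA256 under a key shared by the chip and the service provider stands in for the "cryptographically sign" step, and the class names, the `enroll` provisioning step, the message layout and all sample values are assumptions.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, Optional, Set, Tuple

Response = Tuple[str, str, bytes]  # (device_id, token_id, tag)


@dataclass(frozen=True)
class Token:
    """Constructed stand-in for wireless token 104: an ID plus a credential."""
    token_id: str
    credential: bytes


def _tag(key: bytes, challenge: bytes, token_id: str, cred_digest: bytes) -> bytes:
    # Length-prefix every field so two different field splits never collide.
    fields = (challenge, token_id.encode(), cred_digest)
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(key, msg, hashlib.sha256).digest()


class SecurityBoundary:
    """Reader 106 plus authentication component 114 on one chip (assumed model).

    The device key and the token credential exist only inside this object;
    the value returned by respond() is all that host software ever handles.
    """

    def __init__(self, device_id: str, device_key: bytes) -> None:
        self.device_id = device_id
        self._device_key = device_key
        self._in_range: Optional[Token] = None

    def rf_field(self, token: Optional[Token]) -> None:
        """Token enters the reader's range, or leaves it when token is None."""
        self._in_range = token

    def respond(self, challenge: bytes) -> Optional[Response]:
        """Block 206: bind the provider's challenge to the proximate token."""
        if self._in_range is None:
            return None  # no token nearby, so nothing can be asserted
        digest = hashlib.sha256(self._in_range.credential).digest()
        tag = _tag(self._device_key, challenge, self._in_range.token_id, digest)
        return self.device_id, self._in_range.token_id, tag


class ServiceProvider:
    """Service provider 110: issues challenges and checks responses (block 208)."""

    def __init__(self) -> None:
        self._device_keys: Dict[str, bytes] = {}
        self._cred_digests: Dict[str, bytes] = {}
        self._open: Set[bytes] = set()

    def enroll(self, device_id: str, device_key: bytes, token: Token) -> None:
        """Hypothetical provisioning step; the page does not describe enrolment."""
        self._device_keys[device_id] = device_key
        self._cred_digests[token.token_id] = hashlib.sha256(token.credential).digest()

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._open.add(nonce)
        return nonce

    def grant(self, challenge: bytes, response: Optional[Response]) -> bool:
        if challenge not in self._open:
            return False  # unknown or already-used challenge: replay rejected
        self._open.discard(challenge)
        if response is None:
            return False
        device_id, token_id, tag = response
        key = self._device_keys.get(device_id)
        digest = self._cred_digests.get(token_id)
        if key is None or digest is None:
            return False
        return hmac.compare_digest(tag, _tag(key, challenge, token_id, digest))


def demo() -> Dict[str, bool]:
    key = secrets.token_bytes(32)                       # constructed device key
    token = Token("token-0001", b"constructed-secret")  # constructed credential
    chip, provider = SecurityBoundary("laptop-A", key), ServiceProvider()
    provider.enroll("laptop-A", key, token)

    c1 = provider.challenge()
    absent = provider.grant(c1, chip.respond(c1))       # token not in range

    chip.rf_field(token)
    c2 = provider.challenge()
    r2 = chip.respond(c2)
    present = provider.grant(c2, r2)
    replayed = provider.grant(c2, r2)                   # same pair sent again
    stale = provider.grant(provider.challenge(), r2)    # old tag, new challenge
    parts = (r2[0].encode(), r2[1].encode(), r2[2])     # all the host can see
    leaked = any(token.credential in p for p in parts)
    return {"absent": absent, "present": present, "replayed": replayed,
            "stale": stale, "credential_visible_to_host": leaked}


if __name__ == "__main__":
    print(demo())
```

Only the case with the token in range and a fresh challenge is granted; a host that has been compromised sees the token ID and the tag but never the credential or the device key.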
[0120] As used herein the term service may include, for example, access to data and/or a data processing service. Thus, a service may enable an access device to, for example, read or write data in a data memory, access encrypted data, use cryptographic keys, gain access to cryptographic material such as security associations and keys, access a web page, access a data network or access a processing application.

[0121] As used herein the term data may include any information that may be accessed by a computing device including, for example, data files, passwords and cryptographic security associations including keys.

[0122] As used herein the term access may include, for example, acquiring, using, invoking, etc. Thus, data may be accessed by providing a copy of the data to the access device. Data also may be accessed by enabling the access device to manipulate or use the data. As an example of the latter, once a user has been authorized to access a service a trusted platform module may use keys to perform operations for the user. For a data network, access may include, for example, sending and/or receiving data over the network. For a processing application access may include, for example, invoking, interacting with or using the application or loading the application onto the access device.

[0123] A service provider may comprise hardware and/or software that facilitate providing a service. For example, a service provider may consist of a processing system