1. Technical Field
The present invention relates generally to security token access devices, and in particular to the management of connections to a security token access device that is capable of maintaining connections with multiple user devices.
2. Description of the Related Art
Security tokens are physical devices for use in authenticating a user of a computer or communication system or device to that system or device. Security tokens may comprise memory for storing financial or personal data, or private data such as private keys used in the S/MIME (Secured Multipurpose Internet Mail Extensions) encryption technique. Preferably, some of this data may be secured using a PIN (personal identification number) or a password as an access control measure, such that the user must be validated to the security token by providing the correct PIN or password before accessing the protected data stored in the token's memory. A common type of security token is a smart card, also referred to as a chip card or integrated circuit card, which is typically used in association with a smart card access devices with an embedded integrated circuit (such as a microprocessor and/or memory) for use as storage of sensitive data or user authentication. Applications of security tokens are known in the art.
Some security tokens are used in conjunction with a security token access device that establishes a communication link between the security token and the user device. The access device may store and maintain information relating to a valid communication link, such as the address of the user device, pairing information and cryptographic keys, and the like. Security information, which may include pairing information, may be required in order to have a secure connection between the access device and the user device. If the security information is not present, then a secure pairing must first be established before the user device can receive or transmit data from or to the security token.
However, access devices typically rely on a dedicated connection with the connecting device, such as a Universal Serial Bus (USB) connection between the user device and the access device, or a wireless communication link between the access device and a single connecting device. Therefore, the security token access device is effectively dedicated for use with a single user device, and cannot be used in conjunction with a further user device without first severing the connection between the first device and the access device. This is inconvenient for a user who uses multiple user devices, for example a personal computer and a mobile communication device, and requires the use of the security token and access device with the multiple user devices in order to perform secure operations with the user devices, such as digitally signing electronic messages sent from the user devices.
It is therefore desirable to provide a system and method by which a security token access device may be used with multiple user devices over a wireless connection. It is further desirable to provide a system and method for managing multiple connections from user devices to an access device to identify and remove connections to user devices that are no longer in use by an unauthorized user.