Systems and methods for signaling an attack on contactless cards
US-12081582-B2 · Sep 3, 2024 · US
US2016014116A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016014116-A1 |
| Application number | US-201414769865-A |
| Country | US |
| Kind code | A1 |
| Filing date | Feb 24, 2014 |
| Priority date | Feb 25, 2013 |
| Publication date | Jan 14, 2016 |
| Grant date | — |
Official abstract text for this publication.
A system and method are provided to access a secure host device using a personal security device (PSD). A user's PSD may hold a credential of a requesting component of the secure host device. The credential may only be readable from the PSD when a secure channel is established therewith. The establishment of a secure channel with the PSD may require access to keys. The secure host device may contain a SAM capable of securely storing and operating keys. The SAM may contain the relevant keys to support establishment of a secure channel with the personal security device and release a credential to its requesting component. These criteria may achieve the secure release of the credential from the PSD to the requesting component of the secure host device to achieve access by the user when the PSD is presented in the non-contact field of a card reader monitored by the secure host device.
Opening claim text (preview).
What is claimed is:

1. A method for accessing a secure host device using a personal security device (PSD) of a user, comprising: providing the PSD with a credential for accessing the secure host device, wherein the credential is only readable from or operable with the PSD when a secure channel is established between the PSD and the secure host device after presenting the PSD in a non-contact field of a reader monitored by the secure host device; establishing the secure channel with the PSD using keys stored and operated on the secure host device; and securely releasing the credential of the PSD to a requesting component of the secure host device to achieve access by the user to the secure host device when the PSD is presented in the non-contact field.
2. The method according to claim 1, wherein the requesting component is an operating system (OS) of the secure host device, and wherein the credential is an OS credential.
3. The method according to claim 1, wherein the requesting component is an application running on the secure host device.
4. The method according to claim 1, wherein the credential is a one-time password.
5. The method according to claim 1, wherein the PSD is at least one of: a smart card, a tag, a wearable, or a mobile terminal.
6. The method according to claim 1, wherein the secure host device includes a secure access module (SAM).
7. The method according to claim 6, wherein the SAM runs on at least one of: dedicated secure hardware of the secure host device or a main processor of the secure host device.
8. The method according to claim 1, wherein the establishing of the secure channel is performed in at least one of: a tethered mode of operation or a roaming mode of operation, wherein, for the tethered mode of operation, the PSD releases the credential to the secure host device only when the PSD is cryptographically bound to the secure host device, and, wherein, for the roaming mode of operation, the PSD releases the OS credential to any secure host device activated for a specific group of PSDs.
9. The method according to claim 1, further comprising: binding the PSD to the user to provide two factor authentication.
10. A non-transitory computer readable medium storing software for accessing a secure host device using a personal security device (PSD) of a user, the software comprising: executable code that stores on the PSD a credential for accessing the secure host device, wherein the credential is only readable from or operable with the PSD when a secure channel is established between the PSD and the secure host device after presenting the PSD in a non-contact field of a reader monitored by the secure host device; executable code that establishes the secure channel with the PSD using keys stored and operated on the secure host device; executable code that securely releases the credential of the PSD to a requesting component of the secure host device to achieve access by the user to the secure host device when the PSD is presented in the non-contact field.
11. The non-transitory computer readable medium according to claim 10, wherein the requesting component is an operating system (OS) of the secure host device, and wherein the credential is an OS credential.
12. The non-transitory computer readable medium according to claim 10, wherein the requesting component is an application running on the secure host device.
13. The non-transitory computer readable medium according to claim 10, wherein the credential is a one-time password.
14. The non-transitory computer readable medium according to claim 10, wherein the PSD is at least one of: a smart card, a tag, a wearable, or a mobile terminal.
15. The non-transitory computer readable medium according to claim 10, wherein the secure host device includes a secure access module (SAM).
16. The non-transitory computer readable medium according to claim 15, wherein the SAM runs on at least one of: dedicated secure hardware of the secure host device or a main processor of the secure host device.
17. The non-transitory computer readable medium according to claim 10, wherein the executable code that establishes the secure channel includes at least one of: executable code that provides a tethered mode of operation or executable code that provides a roaming mode of operation, wherein, for the tethered mode of operation, the PSD releases the credential to the secure host device only when the PSD is cryptographically bound to the secure host device, and, wherein, for the roaming mode of operation, the PSD releases the OS credential to any secure host device activated for a specific group of PSDs.
18. The non-transitory computer readable medium according to claim 10, further comprising: executable code that binds the PSD to the user to provide two factor authentication.
19. A mechanism for accessing a secure host device using a personal security device (PSD) of a user, the mechanism comprising: a non-contact field reader monitored by the secure host device; and at least one processor that reads software stored on at least one computer readable medium, the software comprising: executable code that stores on the PSD a credential for accessing the secure host device, wherein the credential is only readable from or operable with the PSD when a secure channel is established between the PSD and the secure host device after presenting the PSD in the non-contact field of the reader monitored by the secure host device; executable code that establishes the secure channel with the PSD using keys stored and operated on the secure host device; executable code that securely releases the credential of the PSD to a requesting component of the secure host device to achieve access by the user to the secure host device when the PSD is presented in the non-contact field.
20. The mechanism according to claim 19, wherein the PSD is at least one of: a smart card, a tag, a wearable, or a mobile terminal, and wherein the secure host device includes a secure access module.
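The claimed flow as an added Python illustration (not the patent's or any product's code): the PSD's key is diversified from a per-group master key held in the host's SAM, the credential is released only over a channel the host proves it can open, and the tethered/roaming distinction of claims 8 and 17 becomes a release-policy check on the PSD. The HMAC-based channel, the XOR keystream, the key-diversification scheme and every identifier and key value are assumptions constructed for this example; a real deployment would use a standardized secure-messaging protocol.

```python
import hmac, hashlib, secrets
from dataclasses import dataclass

def mac(key: bytes, *parts: bytes) -> bytes:
    return hmac.new(key, b"|".join(parts), hashlib.sha256).digest()

@dataclass
class SAM:  # host-side key store: one master key per PSD group the host is activated for
    host_id: bytes
    group_keys: dict
    def psd_key(self, group: bytes, psd_id: bytes):
        gk = self.group_keys.get(group)
        return None if gk is None else mac(gk, b"diversify", psd_id)

@dataclass
class PSD:
    psd_id: bytes
    group: bytes
    key: bytes                 # diversified key personalised into the PSD (assumed scheme)
    credential: bytes          # at most 32 bytes for this toy keystream
    bound_host: bytes = b""    # set only for tethered mode
    nonce: bytes = b""
    def challenge(self) -> bytes:
        self.nonce = secrets.token_bytes(16)
        return self.nonce
    def release(self, host_id, host_nonce, host_auth, mode) -> bytes:
        # The credential leaves the PSD only after the host proves it holds the key.
        session = mac(self.key, b"session", self.psd_id, host_id, host_nonce, self.nonce)
        if not hmac.compare_digest(host_auth, mac(session, b"host-auth")):
            raise PermissionError("secure channel not established")
        if mode == "tethered" and host_id != self.bound_host:
            raise PermissionError("PSD is not bound to this host")
        return bytes(a ^ b for a, b in zip(self.credential, mac(session, b"enc")))

def access(sam: SAM, psd: PSD, mode: str) -> bytes:
    # Host flow: SAM derives the PSD key, opens the channel, decrypts the released credential.
    key = sam.psd_key(psd.group, psd.psd_id)
    if key is None:
        raise PermissionError("host not activated for this PSD group")
    host_nonce, psd_nonce = secrets.token_bytes(16), psd.challenge()
    session = mac(key, b"session", psd.psd_id, sam.host_id, host_nonce, psd_nonce)
    blob = psd.release(sam.host_id, host_nonce, mac(session, b"host-auth"), mode)
    return bytes(a ^ b for a, b in zip(blob, mac(session, b"enc")))

# Constructed sample deployment: HOST_A and HOST_B activated for group "corp", HOST_X not.
GROUP_KEY = secrets.token_bytes(32)
HOST_A, HOST_B = SAM(b"HOST-A", {b"corp": GROUP_KEY}), SAM(b"HOST-B", {b"corp": GROUP_KEY})
HOST_X = SAM(b"HOST-X", {})
def make_psd(bound: bytes = b"") -> PSD:
    key = mac(GROUP_KEY, b"diversify", b"PSD-01")   # same diversification the SAM applies
    return PSD(b"PSD-01", b"corp", key, b"os-credential-0001", bound)
```

A host that is not activated for the group never even reaches the PSD, while a tethered PSD refuses an activated host other than the one it is bound to, which is the distinction the claims draw between the two modes.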
using one-time-passwords · CPC title
communicating wirelessly · CPC title
where a single sign-on provides access to a plurality of computers · CPC title