System and method for securing transactions and computer resources with an untrusted network
First Claim
1. A system for securing and tracking usage of transaction services or computer resources by at least one client computer from a first server computer providing the services or resources via an untrusted network in an operating session, without necessarily controlling access to other computer resources provided by the first server computer and by other server computers and other client computers, comprising:
clearinghouse means for storing identity data of said first server computer and the identity data of each of said client computers;
server software means installed on said first server computer adapted to forward its identity data and identity data of each client computer to said clearinghouse means at the beginning of an operating session in which access to selected services or resources of said first server computer is requested;
client software means installed on each of said client computers adapted to forward its identity data to said first server computer at the beginning of an operating session in which access to selected services or resources is requested; and
at least one hardware key connected to the client computer, said key being adapted to generate a digital identification, which identification is part of said identity data;
said server software means installed on the first server computer being adapted to selectively request the client computer to forward said digital identification to the first server computer to thereby confirm that said hardware key is connected to said client computer;
said clearinghouse means being adapted to authenticate the identity of said client computer responsive to a request for selected services or resources of said first server computer by a client computer;
said clearinghouse means being adapted to authenticate the identity of said first server computer responsive to said client computer making the request for selected services or resources of said first server computer; and
said clearinghouse means being adapted to permit access to said selected services or resources responsive to successful initial authentication of said first server computer and of said client computer making said request;
wherein said at least one hardware key is implemented using a hardware token access system, a magnetic card access system, a smart card access system, a biometric identification access system or a central processing unit with a unique embedded digital identification.
Abstract
A system for securing and tracking usage of transaction services or computer resources by a client computer from a first server computer, which includes clearinghouse means for storing identity data of the first server computer and the client computer(s); server software means and client software means adapted to forward its identity data and identity data of the client computer(s) to the clearinghouse means at the beginning of an operating session; and a hardware key connected to the client computer, the key being adapted to generate a digital identification as part of the identity data; wherein the hardware key is implemented using a hardware token access system, a magnetic card access system, a smart card access system, a biometric identification access system or a central processing unit with a unique embedded digital identification.
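The message flow in the abstract can be modelled as follows. This is an added example, not code from the patent: the page does not say how the digital identification is generated or checked, so the HMAC-over-nonce scheme, the static server credential and all class and function names are assumptions.

```python
import hashlib, hmac, secrets

class HardwareKey:  # stand-in for the claimed hardware key (assumed HMAC scheme)
    def __init__(self, secret: bytes):
        self._secret = secret
    def digital_identification(self, nonce: bytes) -> str:
        return hmac.new(self._secret, nonce, hashlib.sha256).hexdigest()

class Client:
    def __init__(self, client_id, key=None):
        self.client_id, self.key = client_id, key    # key=None models an unplugged key
    def identity_data(self, nonce: bytes):
        digital_id = self.key.digital_identification(nonce) if self.key else ""
        return self.client_id, nonce, digital_id

class Clearinghouse:  # stores identity data for both parties, logs each decision
    def __init__(self):
        self.servers, self.clients, self.usage_log = {}, {}, []
    def authenticate(self, server_identity, client_identity) -> bool:
        server_id, credential = server_identity
        client_id, nonce, digital_id = client_identity
        stored = self.servers.get(server_id)
        server_ok = stored is not None and hmac.compare_digest(stored, credential)
        secret = self.clients.get(client_id)
        client_ok = secret is not None and hmac.compare_digest(
            hmac.new(secret, nonce, hashlib.sha256).hexdigest(), digital_id)
        permitted = server_ok and client_ok          # both must authenticate
        self.usage_log.append((server_id, client_id, permitted))
        return permitted

class Server:
    def __init__(self, server_id, credential, clearinghouse):
        self.identity, self.clearinghouse = (server_id, credential), clearinghouse
    def check_client(self, client) -> bool:
        nonce = secrets.token_bytes(16)              # fresh nonce so old answers cannot be replayed
        return self.clearinghouse.authenticate(self.identity, client.identity_data(nonce))

def run_demo():
    ch = Clearinghouse()
    ch.servers["srv-1"] = b"constructed-server-credential"   # constructed sample data
    ch.clients["alice-pc"] = b"constructed-key-secret"
    server = Server("srv-1", ch.servers["srv-1"], ch)
    rogue = Server("srv-x", b"not-enrolled", ch)
    client = Client("alice-pc", HardwareKey(b"constructed-key-secret"))
    start, via_rogue = server.check_client(client), rogue.check_client(client)
    client.key = None                                # key unplugged mid-session
    recheck = server.check_client(client)            # selective re-request now fails
    return start, via_rogue, recheck, ch.usage_log
```

The usage log records every decision, including refusals, which is the "tracking usage" half of the claim.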
21 Claims
Specification