WO2000067447A1 - Improvements in and relating to secure data transmission - Google Patents

Improvements in and relating to secure data transmission

Publication number
WO2000067447A1
Authority
WO
WIPO (PCT)
Prior art keywords
server
certificate
text string
applet
private key
Prior art date
Application number
PCT/IE2000/000050
Other languages
French (fr)
Inventor
Michael Bleahen
William Waller
Paraic Fahey
Original Assignee
Michael Bleahen
William Waller
Paraic Fahey
Priority date
Filing date
Publication date
Application filed by Michael Bleahen, William Waller, Paraic Fahey
Priority to AU44262/00A
Publication of WO2000067447A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/12 Applying verification of the received information

Abstract

A method for secure data communication for use in an electronic commerce environment of the type having an authentication server (2), a web server (3) and an applet (5). Data communications between the authentication server, web server, applet and a secure private key server (4) are controlled by generating a certificate-received signal, initiating an authentication request, requesting a server authentication certificate, extracting the vendor public key, loading a client certificate into the applet and simultaneously transmitting the client certificate to the authentication server and receiving the client certificate at the authentication server and extracting a client public key from the client certificate and simultaneously extracting the client public key from the client certificate. This overcomes the problems associated with allowing a vendor access to a user's private key.

Description

IMPROVEMENTS IN AND RELATING TO SECURE DATA TRANSMISSION
The present invention relates to a secure data transmission and in particular to a method for ensuring the authenticity and privacy of data transmission between two or more computer systems.
The business of selling products and services across communication channels, such as the Internet, is now generally referred to as electronic commerce or "E-Commerce". Security and responsiveness are the principal concerns for users in all Ecommerce transactions. To provide this security, cryptography is normally used. Traditionally in cryptography, the sender and receiver of a data message both know and use the same secret key. The sender uses the secret key to encrypt the message and the receiver decrypts the message using the same secret key. This is known as symmetric cryptography. Symmetric cryptography requires the sender and receiver to agree on the secret key without a third party discovering the key. This can prove problematic when the sender and receiver are in separate physical locations, as a transmission medium, which cannot always be guaranteed, is required to communicate the secret key. If a third party intercepts the key in transit they can use the key to read, modify, or forge messages encrypted or authenticated using that key. This destroys user confidence in the transmission system and is therefore not ideally suited to Ecommerce applications.
To overcome this problem, public-key cryptography has been developed. Public-key cryptosystems have two primary uses, encryption and digital signatures. In a public-key cryptosystem used for encryption, sender and receiver each have a pair of keys, one called the public key and the other called the private key. The public key is published, while the private key is kept secret. The need for the sender and receiver to share secret information is eliminated, as all data communications involve only public keys and no private key is ever transmitted or shared, greatly increasing the trust level in the overall system. Public keys must, however, be associated with their users in an authenticated manner. In these types of systems, anyone can send a confidential message by just using public information and the message can only be decrypted with a private key, which is in the sole possession of the intended recipient. The problem with this system is that the private key is, of necessity, linked mathematically to the public key. Therefore, it is always possible to attack a public-key system to derive the private key from the public key. Typically, the defence against this is to make the problem of deriving the private key from the public key as difficult as possible. For example, many public-key cryptosystems are designed so that deriving the private key from the public key requires the attacker to factor a large number, in which case it is computationally infeasible to perform the derivation.
As indicated above, public-key cryptography can also be used for authentication often referred to as digital signatures. To sign a message, a sender performs a computation involving both the sender's private key and the data message. The output is called a digital signature and is attached to the message. To verify the signature, the recipient does a computation involving the data message, the purported signature, and the sender's public key. If the result is correct according to a simple, prescribed mathematical relation, the signature is verified to be genuine, otherwise, the signature is fraudulent or the message may have been altered.
A number of solutions to various aspects of public-key cryptosystems are known. For example, US Patent Nos. US 4,200,770 and US 4,218,582 (Hellman et al) show encryption as well as a means of authentication using long-term public keys, as does US Patent No. 4,405,829 (Rivest et al). All of the proposed solutions provide a high level of security; however, as Ecommerce develops it is increasingly required that the sender's private key be taken into a vendor's software applet in an Ecommerce transaction to authenticate the purchase. This greatly reduces the consumer's confidence in such transactions, as the security of the private key is now in the hands of the vendor and beyond the control of the user. Additionally, it is possible to create code to transparently extract the private key and subsequently use the key for unauthorised transactions.
In an attempt to further enhance the security limitations described above, certification and certificates have been developed. These certificates allow for the possibility of accessing other public keys and making public one's own public key in a manner, which allows legitimate retrieval of public keys but prevents impersonation. Such certificates require authentication of the identity and the public key of an individual before issuing a certificate. Even using such certificates, users are still required to store their private keys securely, so no intruder can obtain them, yet the keys must be readily accessible for legitimate use. Therefore, passing a private key for authentication to a vendor fundamentally compromises system integrity in a manner, which is unacceptable to most users.
There is therefore a need for a method for secure data communication, which will overcome the aforementioned problems.
Accordingly, there is provided a method for secure data communication for use in an Ecommerce environment of the type having an authentication server, a web server and an applet, the method controlling data communications between the authentication server, web server, applet and a secure private key server, the method performing the steps of: -
downloading the applet from a vendor web site in response to a data communication request;
requesting a copy of a vendor certificate from the web site;
extracting a data response to generate a certificate-received signal;
automatically initiating an authentication request for transmission to the authentication server;
interrogating the authentication server and requesting return transmission of a server authentication certificate;
transmitting a vendor certificate to the applet;
automatically extracting the vendor public key from the vendor certificate within the applet;
loading a client certificate into the applet and simultaneously transmitting the client certificate to the authentication server; and
receiving the client certificate at the authentication server and extracting a client public key from the client certificate and simultaneously automatically extracting the client public key from the client certificate by the applet.
Preferably, the method comprises the further steps of: -
initialising the secure private key server;
loading a certificate into the secure private key server;
loading a client private key into the secure private key server;
generating an auto authenticate signal for transmission to the authentication server requesting initialisation of a new authentication process;
retrieving a predefined text string from a local memory using the authentication server and encrypting the text string to generate a cipher text string using the client public key on receipt of the authenticate signal;
transmitting a cipher text string to the applet, receiving the cipher text string from the authentication server and routing the cipher text string to the secure private key server;
decrypting the cipher text string to extract a decrypted text string using the client private key and transferring the decrypted text string to the applet;
encrypting the decrypted text string received from the secure private key server with the vendor public key extracted from the vendor certificate to generate a vendor encoded text string;
sending the vendor encoded text string to the authentication server, decrypting the encoded text string to generate an authentication text string using the vendor private key; and
comparing the authentication text string and the predefined text string to generate a match / no match signal and in response to a no match signal terminating communication or in response to a match signal for further authenticated data communications.
According to another aspect of the invention there is provided a method of generating a certificate operating in a data communication system having a web server, a certification authority, an applet and a secure private key server the method performing the steps of: -
gathering certification information in the applet and transmitting the information to the secure private key server;
generating a key pair in the secure private key server on receipt of the packaged information and a certificate created using the generated key pair; and
returning the certificate to the applet for onward transmission to the certification authority for signature.
The invention will now be described with reference to the accompanying drawings, which show, by way of example only, a method for secure data communication in which: -
Fig. 1 is a block diagram showing an Ecommerce environment implementing a method for secure data communication in accordance with the invention; and
Fig. 2 is a block diagrammatic view of a method of generating a certificate for use in the invention.
Referring to the drawings and initially to Fig. 1 there is shown a block diagram illustrating a method for secure data communication in accordance with the invention indicated generally by the reference numeral 1. In order to aid clarity, references to specific computer systems, performance details, communications media, protocols, timing, ports and the like have been omitted. It will be appreciated, by those skilled in the art, that the invention may be implemented in a large number of ways including software, firmware or incorporation in an electronic commerce chip (ECC) without departing from the scope of the invention. An exhaustive recitation of possibilities would only serve to unnecessarily obscure the current invention.
The method for secure data communication 1 is illustrated in use in an Ecommerce environment having an authentication server 2, a web server 3, a secure private key server 4 and an applet 5.
In operation, the method begins by downloading the applet 5 from a vendor web site in response to a data communication request to purchase a service or product. The applet 5 then requests a copy of the vendor's certificate from the web site. Upon receiving a data response from the web site the certificate is extracted to generate a certificate-received signal. The certificate-received signal causes the applet to automatically initiate an authentication request, transmitted to the vendor's authentication server. This authentication request interrogates the authentication server and requests return transmission of a server authentication certificate. When this sequence has been completed without transmission error, the vendor then transmits a vendor certificate to the applet. The vendor's public key is automatically extracted from the vendor certificate within the applet upon receipt. The client then loads a client certificate into the applet and simultaneously transmits the client certificate to the authentication server. The Authentication Server receives the client certificate and extracts a client public key from the client certificate. At the same time, the client public key is automatically extracted from the client certificate by the applet.
Once these steps have been successfully completed, authentication begins by initialisation of the secure private key server 4. The client loads his/her own certificate into the secure private key server. A client private key is then loaded into the secure private key server 4 generating an auto authenticate signal for transmission to the authentication server requesting initialisation of a new authentication process.
The authentication server retrieves a predefined text string from a local memory and encrypts the text string to generate a cipher text string using the client public key on receipt of the authenticate signal. This cipher text string is then transmitted to the applet for further processing. The applet receives the cipher text string from the authentication server and routes the cipher text string to the secure private key server.
When the secure private key server receives the entire cipher text string it decrypts the cipher text string to extract a decrypted text string using the client private key. The decrypted text string is then transferred to the applet.
The applet in turn encrypts the decrypted text string received from the secure private key server with the Vendor public key extracted from the vendor certificate described above to generate a vendor encoded text string.
The vendor encoded text string is then sent to the authentication server for processing. When the encoded text string is received it is immediately decrypted to generate an authentication text string using the vendor private key. A comparison is then performed between the authentication text string and the predefined text string from a local memory to generate a match / no match signal. If a no match signal is generated, data communication is terminated, however, a match signal shows that the client has been authenticated and the client can proceed to use the applet for further data communications.
In this way, the private key critical to such data communication is never beyond the user's control, enhancing confidence in the overall communication system. As the private key is never stored on a vendor's system, it is not susceptible to attacks from individuals intent on fraudulent use of the key.
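The exchange described in the preceding paragraphs, sketched as an added Python example that is not part of the patent text. Textbook RSA over small constructed primes stands in for the unspecified public-key algorithm, all class and function names are hypothetical, and the challenge is drawn fresh for each session (an assumption; the text says only "predefined text string").

```python
"""Toy walk-through of the challenge-response exchange between the
authentication server, the applet and the secure private key server.

Constructed example: textbook RSA over small fixed primes, NOT secure.
All class and function names are hypothetical.
"""
import secrets

E = 65537  # public exponent (assumption; the page names no algorithm)


def make_keypair(p, q):
    """Return ((n, e), d) for textbook RSA from two distinct primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), pow(E, -1, phi)


def rsa_apply(value, exponent, n):
    """Textbook RSA: encryption and decryption are both modular exponentiation."""
    return pow(value, exponent, n)


# Constructed demo keys built from known Mersenne primes (far too small for real use).
CLIENT_PUB, CLIENT_PRIV = make_keypair(2**127 - 1, 2**89 - 1)
VENDOR_PUB, VENDOR_PRIV = make_keypair(2**107 - 1, 2**61 - 1)


class SecurePrivateKeyServer:
    """Holds the client private key; only decrypted results ever leave it."""

    def __init__(self, public, private_exponent):
        self._n, self.__d = public[0], private_exponent

    def decrypt(self, cipher_text):
        return rsa_apply(cipher_text, self.__d, self._n)


class AuthenticationServer:
    """Vendor side: issues the challenge and checks the re-encrypted answer."""

    def __init__(self, vendor_public, vendor_private, client_public):
        self._vendor_n, self._vendor_d = vendor_public[0], vendor_private
        self._client_public = client_public  # extracted from the client certificate
        self._text = None  # text string held in local memory for this session

    def issue_challenge(self):
        # The page says "predefined text string"; a fresh 128-bit value per
        # session is an assumption made here so an old answer cannot be reused.
        self._text = secrets.randbits(128)
        n, e = self._client_public
        return rsa_apply(self._text, e, n)  # cipher text string

    def verify(self, vendor_encoded):
        """Return True for a match signal, False for a no match signal."""
        if self._text is None:
            return False
        recovered = rsa_apply(vendor_encoded, self._vendor_d, self._vendor_n)
        expected, self._text = self._text, None  # one attempt per challenge
        return secrets.compare_digest(
            recovered.to_bytes(32, "big"), expected.to_bytes(32, "big")
        )


class Applet:
    """Vendor-supplied code: sees both public keys, never the client private key."""

    def __init__(self, vendor_public, key_server):
        self._vendor_public = vendor_public  # extracted from the vendor certificate
        self._key_server = key_server

    def answer(self, cipher_text):
        decrypted = self._key_server.decrypt(cipher_text)  # routed to the key server
        n, e = self._vendor_public
        return rsa_apply(decrypted, e, n)  # vendor encoded text string


def authenticate(auth_server, applet):
    """Run one session; return (match, vendor_encoded_answer)."""
    cipher_text = auth_server.issue_challenge()
    vendor_encoded = applet.answer(cipher_text)
    return auth_server.verify(vendor_encoded), vendor_encoded


if __name__ == "__main__":
    key_server = SecurePrivateKeyServer(CLIENT_PUB, CLIENT_PRIV)
    auth = AuthenticationServer(VENDOR_PUB, VENDOR_PRIV, CLIENT_PUB)
    match, _ = authenticate(auth, Applet(VENDOR_PUB, key_server))
    print("match" if match else "no match")
```

The applet object holds only the two public keys and a handle to the key server, which mirrors the property the description claims: the vendor's code handles the decrypted text string but not the private key that produced it.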
It will be understood that when the invention is enacted in software that the code required is minimal by comparison with currently available alternatives. Additionally, to further promote consumer confidence in the security of the private key, it is intended to supply source code, which may be compiled by the user. This will allow customers to view the code and ensure no unauthorised caching or transmission of the private key occurs.
Referring now to Fig. 2 there is illustrated a method of generating a certificate for use in the invention indicated generally by the reference numeral 20. The method 20 operates in a data communication system having a web server 21, a certification authority 22, an applet 23 and a secure private key server 24.
In use to produce a certificate, the applet 23 gathers the required information about the person or entity requesting certification. When the applet has gathered the necessary information it is automatically packaged and transmitted to the secure private key server 24. A key pair is generated in the secure private key server 24 on receipt of the packaged information and a certificate created using the generated key pair. The certificate is then returned to the applet for onward transmission to the certification authority for signature.
It will be understood that subsequent to correct authentication any further encryption or decryption process requiring the private key will be processed by the secure private key server so that the advantages described continue.
It will further be understood that one form of certificate contains the user's identity, the user's private key and the user's public key and that another form contains only the user's identity and public key. The certificate containing the user's private key is available only to the secure private key server and the other certificate is passed to the applet. It will also be understood that when the vendor sends its certificate to the applet that this does not contain a private key.
It will of course be understood that the invention is not limited to the specific details as herein described, which are given by way of example only, and that various alterations and modifications may be made without departing from the scope of the invention.

Claims

CLAIMS:
1. A method for secure data communication for use in an electronic commerce environment of the type having an authentication server (2), a web server (3) and an applet (5) characterised in that the method controls data communications between the authentication server, web server, applet and a secure private key server (4) by performing the steps of: -
downloading the applet from a vendor web site in response to a data communication request;
requesting a copy of a vendor certificate from the web site;
extracting a data response to generate a certificate-received signal;
automatically initiating an authentication request for transmission to the authentication server;
interrogating the authentication server and requesting return transmission of a server authentication certificate;
transmitting a vendor certificate to the applet;
automatically extracting the vendor public key from the vendor certificate within the applet;
loading a client certificate into the applet and simultaneously transmitting the client certificate to the authentication server; and
receiving the client certificate at the authentication server and extracting a client public key from the client certificate and simultaneously automatically extracting the client public key from the client certificate by the applet.
2. A method as claimed in claim 1 comprising the further steps of: -
initialising the secure private key server;
loading a certificate into the secure private key server;
loading a client private key into the secure private key server;
generating an auto authenticate signal for transmission to the authentication server requesting initialisation of a new authentication process;
retrieving a predefined text string from a local memory using the authentication server and encrypting the text string to generate a cipher text string using the client public key on receipt of the authenticate signal;
transmitting a cipher text string to the applet, receiving the cipher text string from the authentication server and routing the cipher text string to the secure private key server;
decrypting the cipher text string to extract a decrypted text string using the client private key and transferring the decrypted text string to the applet;
encrypting the decrypted text string received from the secure private key server with the vendor public key extracted from the vendor certificate to generate a vendor encoded text string;
sending the vendor encoded text string to the authentication server, decrypting the encoded text string to generate an authentication text string using the vendor private key; and
comparing the authentication text string and the predefined text string to generate a match / no match signal and in response to a no match signal terminating communication or in response to a match signal for further authenticated data communications.
3. A method of generating a certificate operating in a data communication system having a web server, a certification authority, an applet and a secure private key server by performing the steps of: -
gathering certification information in the applet and transmitting the information to the secure private key server;
generating a key pair in the secure private key server on receipt of the packaged information and a certificate created using the generated key pair; and
returning the certificate to the applet for onward transmission to the certification authority for signature.
4. A method substantially as herein described with reference to and as shown in the accompanying drawings.
PCT/IE2000/000050 1999-04-29 2000-05-02 Improvements in and relating to secure data transmission WO2000067447A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU44262/00A AU4426200A (en) 1999-04-29 2000-05-02 Improvements in and relating to secure data transmission

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IES990359 1999-04-29
IE990359 1999-04-29

Publications (1)

Publication Number Publication Date
WO2000067447A1 (en) 2000-11-09

Family

ID=11042054

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IE2000/000050 WO2000067447A1 (en) 1999-04-29 2000-05-02 Improvements in and relating to secure data transmission

Country Status (2)

Country Link
AU (1) AU4426200A (en)
WO (1) WO2000067447A1 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003102775A2 (en) * 2002-05-30 2003-12-11 Koninklijke Philips Electronics N.V. Configuration of software applications on a target terminal
US6986037B1 (en) * 2000-04-07 2006-01-10 Sendmail, Inc. Electronic mail system with authentication/encryption methodology for allowing connections to/from a message transfer agent
US9240887B2 (en) 2014-05-02 2016-01-19 Dell Products L.P. Off-host authentication system
US9300664B2 (en) 2014-05-02 2016-03-29 Dell Products L.P. Off-host authentication system
US11101983B2 (en) 2016-02-05 2021-08-24 Ncipher Security Limited Method of data transfer, a method of controlling use of data and a cryptographic device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0817103A2 (en) * 1996-06-28 1998-01-07 Sun Microsystems, Inc. System and method for on-line multimedia access
WO1999005813A2 (en) * 1997-07-23 1999-02-04 Visto Corporation User authentication applet in a computer network

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
PAONE J: "PKI provides a base for secure transactions", COMPUTERS & SECURITY. INTERNATIONAL JOURNAL DEVOTED TO THE STUDY OF TECHNICAL AND FINANCIAL ASPECTS OF COMPUTER SECURITY,NL,ELSEVIER SCIENCE PUBLISHERS. AMSTERDAM, vol. 16, no. 7, 1997, pages 620 - 621, XP004099324, ISSN: 0167-4048 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6986037B1 (en) * 2000-04-07 2006-01-10 Sendmail, Inc. Electronic mail system with authentication/encryption methodology for allowing connections to/from a message transfer agent
WO2003102775A2 (en) * 2002-05-30 2003-12-11 Koninklijke Philips Electronics N.V. Configuration of software applications on a target terminal
WO2003102775A3 (en) * 2002-05-30 2004-10-28 Koninkl Philips Electronics Nv Configuration of software applications on a target terminal
US9240887B2 (en) 2014-05-02 2016-01-19 Dell Products L.P. Off-host authentication system
US9300664B2 (en) 2014-05-02 2016-03-29 Dell Products L.P. Off-host authentication system
US9577994B2 (en) 2014-05-02 2017-02-21 Dell Products L.P. Off-host authentication system
US9667602B2 (en) 2014-05-02 2017-05-30 Dell Products L.P. Off-host authentication system
US11101983B2 (en) 2016-02-05 2021-08-24 Ncipher Security Limited Method of data transfer, a method of controlling use of data and a cryptographic device
US11849029B2 (en) 2016-02-05 2023-12-19 Ncipher Security Limited Method of data transfer, a method of controlling use of data and cryptographic device

Also Published As

Publication number Publication date
AU4426200A (en) 2000-11-17

Similar Documents

Publication Publication Date Title
US5784463A (en) Token distribution, registration, and dynamic configuration of user entitlement for an application level security system and method
US5602918A (en) Application level security system and method
EP1520392B1 (en) Method of preventing unauthorized distribution and use of electronic keys using a key seed
JP4638990B2 (en) Secure distribution and protection of cryptographic key information
US7387240B2 (en) System and method of secure information transfer
JP3193610B2 (en) Communications system
CA2446304C (en) Use and generation of a session key in a secure socket layer connection
US6826686B1 (en) Method and apparatus for secure password transmission and password changes
US8209753B2 (en) Universal secure messaging for remote security tokens
US20060195402A1 (en) Secure data transmission using undiscoverable or black data
WO2005045617A2 (en) Portable security transaction protocol
EP1081891A2 (en) Autokey initialization of cryptographic devices
US20020018570A1 (en) System and method for secure comparison of a common secret of communicating devices
Kungpisdan et al. A limited-used key generation scheme for internet transactions
JP2010512036A (en) How to transmit an encrypted message
JP2001069138A (en) User verifying system on internet for shared key enciphered ic card
WO2000067447A1 (en) Improvements in and relating to secure data transmission
Gaskell et al. Integrating smart cards into authentication systems
Cheng et al. Security enhancement of an IC-card-based remote login mechanism
AU2002259074B2 (en) Use and generation of a session key in a secure socket layer connection
Khelifi et al. Open Source Cryptographic Algorithm to Better Secure E-Banking Services and Enhance its Protection Techniques
Kossew State of the Art Security in Internet Banking
KADIRIRE ONLINE TRANSACTIONS’SECURITY
Renu et al. INTERNATIONAL JOURNAL OF ENGINEERING SCIENCES & RESEARCH TECHNOLOGY A Noval Approach on Online Transaction Protocols
KR20050018982A (en) Method of preventing unauthorized distribution and use of electronic keys using a key seed

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP