ATE536591T1 - VERFAHREN UND SYSTEM ZUR VEREITELUNG VON ßMAN IN THE MIDDLEß HACKING TECHNIKEN - Google Patents
VERFAHREN UND SYSTEM ZUR VEREITELUNG VON ßMAN IN THE MIDDLEß HACKING TECHNIKENInfo
- Publication number
- ATE536591T1 ATE536591T1 AT09757431T AT09757431T ATE536591T1 AT E536591 T1 ATE536591 T1 AT E536591T1 AT 09757431 T AT09757431 T AT 09757431T AT 09757431 T AT09757431 T AT 09757431T AT E536591 T1 ATE536591 T1 AT E536591T1
- Authority
- AT
- Austria
- Prior art keywords
- user
- ippw
- password
- secure
- web site
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Information Transfer Between Computers (AREA)
- Computer And Data Communications (AREA)
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US12/132,203 US8055587B2 (en) | 2008-06-03 | 2008-06-03 | Man in the middle computer technique |
| PCT/EP2009/056500 WO2009147049A2 (en) | 2008-06-03 | 2009-05-28 | Method and system for defeating the man in the middle computer hacking technique |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| ATE536591T1 true ATE536591T1 (de) | 2011-12-15 |
Family
ID=41380876
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| AT09757431T ATE536591T1 (de) | 2008-06-03 | 2009-05-28 | VERFAHREN UND SYSTEM ZUR VEREITELUNG VON ßMAN IN THE MIDDLEß HACKING TECHNIKEN |
Country Status (8)
| Country | Link |
|---|---|
| US (1) | US8055587B2 (https=) |
| EP (1) | EP2232811B1 (https=) |
| JP (1) | JP4921614B2 (https=) |
| KR (1) | KR20110014177A (https=) |
| CN (1) | CN102027728B (https=) |
| AT (1) | ATE536591T1 (https=) |
| CA (1) | CA2706582C (https=) |
| WO (1) | WO2009147049A2 (https=) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102377572B (zh) * | 2011-11-23 | 2014-01-29 | 广东南方信息安全产业基地有限公司 | 基于线性移位的双向认证方法 |
| US8800004B2 (en) | 2012-03-21 | 2014-08-05 | Gary Martin SHANNON | Computerized authorization system and method |
| US8954004B1 (en) | 2012-09-20 | 2015-02-10 | Trend Micro Incorporated | Systems and methods for accessing websites using smartphones |
| US10693893B2 (en) | 2018-01-16 | 2020-06-23 | International Business Machines Corporation | Detection of man-in-the-middle in HTTPS transactions independent of certificate trust chain |
Family Cites Families (52)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5875296A (en) * | 1997-01-28 | 1999-02-23 | International Business Machines Corporation | Distributed file system web server user authentication with cookies |
| US6085224A (en) * | 1997-03-11 | 2000-07-04 | Intracept, Inc. | Method and system for responding to hidden data and programs in a datastream |
| US6112240A (en) * | 1997-09-03 | 2000-08-29 | International Business Machines Corporation | Web site client information tracker |
| US6092196A (en) * | 1997-11-25 | 2000-07-18 | Nortel Networks Limited | HTTP distributed remote user authentication system |
| US6304906B1 (en) * | 1998-08-06 | 2001-10-16 | Hewlett-Packard Company | Method and systems for allowing data service system to provide class-based services to its users |
| US6205480B1 (en) * | 1998-08-19 | 2001-03-20 | Computer Associates Think, Inc. | System and method for web server user authentication |
| US6374359B1 (en) * | 1998-11-19 | 2002-04-16 | International Business Machines Corporation | Dynamic use and validation of HTTP cookies for authentication |
| US6985953B1 (en) * | 1998-11-30 | 2006-01-10 | George Mason University | System and apparatus for storage and transfer of secure data on web |
| US6714926B1 (en) * | 1999-02-02 | 2004-03-30 | Amazon.Com, Inc. | Use of browser cookies to store structured data |
| US7155605B1 (en) * | 1999-03-31 | 2006-12-26 | Lenovo (Singapore) Pte. Ltd. | Data processing system and method for maintaining secure data blocks |
| US6751654B2 (en) * | 1999-03-31 | 2004-06-15 | International Business Machines Corporation | Simulating web cookies for non-cookie capable browsers |
| US6226752B1 (en) * | 1999-05-11 | 2001-05-01 | Sun Microsystems, Inc. | Method and apparatus for authenticating users |
| US7188181B1 (en) * | 1999-06-30 | 2007-03-06 | Sun Microsystems, Inc. | Universal session sharing |
| US6976077B1 (en) * | 1999-07-06 | 2005-12-13 | Microsoft Corporation | Automatic and transparent synchronization of server-side state information with a client application |
| US6789115B1 (en) * | 1999-07-09 | 2004-09-07 | Merrill Lynch & Company | System for collecting, analyzing, and reporting high volume multi-web server usage |
| US6970933B1 (en) * | 1999-07-15 | 2005-11-29 | F5 Networks, Inc. | Enabling application level persistence between a server and another resource over a network |
| US6851060B1 (en) * | 1999-07-15 | 2005-02-01 | International Business Machines Corporation | User control of web browser user data |
| US7287084B1 (en) * | 1999-07-15 | 2007-10-23 | F5 Networks, Inc. | Enabling encryption of application level persistence between a server and a client |
| US20010027439A1 (en) * | 1999-07-16 | 2001-10-04 | Holtzman Henry N. | Method and system for computerized form completion |
| US6651217B1 (en) * | 1999-09-01 | 2003-11-18 | Microsoft Corporation | System and method for populating forms with previously used data values |
| US6909785B1 (en) * | 1999-11-11 | 2005-06-21 | Qualcomm, Inc. | Method and apparatus for efficient irregular synchronization of a stream cipher |
| US6725269B1 (en) * | 1999-12-02 | 2004-04-20 | International Business Machines Corporation | System and method for maintaining multiple identities and reputations for internet interactions |
| JP2001274786A (ja) * | 2000-01-21 | 2001-10-05 | Victor Co Of Japan Ltd | コンテンツ情報伝送方法、コンテンツ情報記録方法、コンテンツ情報伝送装置、コンテンツ情報記録装置、伝送媒体、及び記録媒体 |
| US6751736B1 (en) * | 2000-03-14 | 2004-06-15 | International Business Machines Corporation | Method and apparatus for E-commerce by using optional fields for virtual bar codes |
| US7200863B2 (en) * | 2000-05-16 | 2007-04-03 | Hoshiko Llc | System and method for serving content over a wide area network |
| US6714930B1 (en) * | 2000-05-31 | 2004-03-30 | International Business Machines Corporation | Lightweight directory access protocol, (LDAP) trusted processing of unique identifiers |
| US6836845B1 (en) * | 2000-06-30 | 2004-12-28 | Palm Source, Inc. | Method and apparatus for generating queries for secure authentication and authorization of transactions |
| US7194764B2 (en) * | 2000-07-10 | 2007-03-20 | Oracle International Corporation | User authentication |
| US7124203B2 (en) * | 2000-07-10 | 2006-10-17 | Oracle International Corporation | Selective cache flushing in identity and access management systems |
| US7249369B2 (en) * | 2000-07-10 | 2007-07-24 | Oracle International Corporation | Post data processing |
| US6973580B1 (en) * | 2000-07-13 | 2005-12-06 | International Business Machines Corporation | System and method for alerting computer users of digital security intrusions |
| US7010605B1 (en) * | 2000-08-29 | 2006-03-07 | Microsoft Corporation | Method and apparatus for encoding and storing session data |
| JP2002091828A (ja) * | 2000-09-18 | 2002-03-29 | Sharp Corp | データ処理装置および記憶装置、並びに、それらを使用したデータ転送システム |
| US7085744B2 (en) * | 2000-12-08 | 2006-08-01 | International Business Machines Corporation | Method and system for conducting a transaction over a network |
| US7185364B2 (en) * | 2001-03-21 | 2007-02-27 | Oracle International Corporation | Access system interface |
| US7020705B2 (en) * | 2001-04-26 | 2006-03-28 | Intel Corporation | De-authenticating in security environments only providing authentication |
| US7231661B1 (en) * | 2001-06-21 | 2007-06-12 | Oracle International Corporation | Authorization services with external authentication |
| US7225256B2 (en) * | 2001-11-30 | 2007-05-29 | Oracle International Corporation | Impersonation in an access system |
| US6665634B2 (en) * | 2001-12-21 | 2003-12-16 | Hewlett-Packard Development Company, L.P. | Test system for testing dynamic information returned by a web server |
| ATE322790T1 (de) * | 2002-01-18 | 2006-04-15 | Stonesoft Corp | Ueberwachung des datenflusses zur verbesserung des netzwerksicherheitsschutzes |
| US7243368B2 (en) * | 2002-03-29 | 2007-07-10 | Hewlett-Packard Development Company, L.P. | Access control system and method for a networked computer system |
| US7100049B2 (en) * | 2002-05-10 | 2006-08-29 | Rsa Security Inc. | Method and apparatus for authentication of users and web sites |
| US7171564B2 (en) * | 2002-08-29 | 2007-01-30 | International Business Machines Corporation | Universal password generation method |
| US7334013B1 (en) * | 2002-12-20 | 2008-02-19 | Microsoft Corporation | Shared services management |
| US20040158746A1 (en) * | 2003-02-07 | 2004-08-12 | Limin Hu | Automatic log-in processing and password management system for multiple target web sites |
| US7281130B2 (en) * | 2003-07-30 | 2007-10-09 | Hewlett-Packard Development Company, L.P. | Storing authentication sequences for expedited login to secure applications |
| US7340496B2 (en) * | 2003-12-17 | 2008-03-04 | International Business Machines Corporation | System and method for determining the Nth state of linear feedback shift registers |
| US8935416B2 (en) * | 2006-04-21 | 2015-01-13 | Fortinet, Inc. | Method, apparatus, signals and medium for enforcing compliance with a policy on a client computer |
| FR2905488B1 (fr) * | 2006-09-04 | 2011-04-01 | Baracoda | Architecture d'acces a un flux de donnees au moyen d'un terminal utilisateur |
| US20080104672A1 (en) * | 2006-10-25 | 2008-05-01 | Iovation, Inc. | Detecting and preventing man-in-the-middle phishing attacks |
| US8745151B2 (en) * | 2006-11-09 | 2014-06-03 | Red Hat, Inc. | Web page protection against phishing |
| US8356345B2 (en) * | 2008-06-03 | 2013-01-15 | International Business Machines Corporation | Constructing a secure internet transaction |
-
2008
- 2008-06-03 US US12/132,203 patent/US8055587B2/en not_active Expired - Fee Related
-
2009
- 2009-05-28 CA CA2706582A patent/CA2706582C/en active Active
- 2009-05-28 EP EP09757431A patent/EP2232811B1/en active Active
- 2009-05-28 KR KR1020107027123A patent/KR20110014177A/ko not_active Ceased
- 2009-05-28 JP JP2011512071A patent/JP4921614B2/ja not_active Expired - Fee Related
- 2009-05-28 AT AT09757431T patent/ATE536591T1/de active
- 2009-05-28 CN CN2009801174366A patent/CN102027728B/zh active Active
- 2009-05-28 WO PCT/EP2009/056500 patent/WO2009147049A2/en not_active Ceased
Also Published As
| Publication number | Publication date |
|---|---|
| US20090299759A1 (en) | 2009-12-03 |
| CA2706582A1 (en) | 2009-12-10 |
| EP2232811B1 (en) | 2011-12-07 |
| WO2009147049A3 (en) | 2010-02-25 |
| CN102027728B (zh) | 2013-10-02 |
| WO2009147049A2 (en) | 2009-12-10 |
| EP2232811A2 (en) | 2010-09-29 |
| US8055587B2 (en) | 2011-11-08 |
| CA2706582C (en) | 2017-04-11 |
| CN102027728A (zh) | 2011-04-20 |
| JP4921614B2 (ja) | 2012-04-25 |
| JP2011525011A (ja) | 2011-09-08 |
| KR20110014177A (ko) | 2011-02-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Sutrala et al. | Secure anonymity-preserving password-based user authentication and session key agreement scheme for telecare medicine information systems | |
| RU2008142008A (ru) | Способы аутентификации, шифрования и декодирования идентификатора клиентского терминала и устройства для их реализации | |
| CN104394172B (zh) | 单点登录装置和方法 | |
| ATE524897T1 (de) | Verfahren und system zur authentifizierung eines benutzers mit hilfe eines mobilfunkgeräts | |
| ATE527797T1 (de) | Verfahren und einrichtungen zur benutzerauthentifikation | |
| JP2009500913A5 (https=) | ||
| WO2009022560A1 (ja) | クライアント装置、サーバ装置及びプログラム | |
| WO2008146667A1 (ja) | 匿名認証システムおよび匿名認証方法 | |
| RU2017140260A (ru) | Аутентификация в распределенной среде | |
| JP2006165678A5 (https=) | ||
| WO2007001328A3 (en) | Information-centric security | |
| BRPI0519184A2 (pt) | mÉtodos para autenticar um serviÇo remoto para um usuÁrio, e para autenticar mutuamente um usuÁrio de serviÇo remoto e um serviÇo remoto, arquitetura de software, dispositivo de autenticaÇço, e, mÉtodos para autenticar a identidade e/ou credenciais de um segundo usuÁrio para um primeiro usuÁrio, para criar um dispositivo de autenticaÇço, e, para autenticar um usuÁrio para um serviÇo remoto | |
| EP2519906A1 (en) | Method and system for user authentication | |
| EP1994674A4 (en) | AUTHENTICATION OF MOBILE NETWORK EQUIPMENT | |
| ATE523020T1 (de) | Verfahren zur synchronisierung zwischen server und mobiler vorrichtung | |
| WO2008099756A1 (ja) | クライアント装置、鍵装置、サービス提供装置、ユーザ認証システム、ユーザ認証方法、プログラム、記録媒体 | |
| WO2004046849A3 (en) | Cryptographic methods and apparatus for secure authentication | |
| SG143152A1 (en) | System and method for secure record protocol using shared knowledge of mobile user credentials | |
| WO2007137166A3 (en) | Dynamic web services system and method for use of personal trusted devices and identity tokens | |
| CN102088465A (zh) | 一种基于前置网关的HTTPCookie保护方法 | |
| CN106101160B (zh) | 一种系统登录方法及装置 | |
| GB201016672D0 (en) | Secure exchange/authentication of electronic documents | |
| WO2012058317A3 (en) | System and method for assuring identity on a mobile device | |
| BRPI0811643A2 (pt) | Protocolo de login seguro | |
| JP2006276093A5 (https=) |