WO1999021319A2 - Method and apparatus for certificate management in support of non-repudiation - Google Patents


Info

Publication number
WO1999021319A2
Authority
WO
WIPO (PCT)
Prior art keywords
user
application
module
request
certificate
Prior art date
Application number
PCT/US1998/022377
Other languages
English (en)
French (fr)
Other versions
WO1999021319A3 (en)
Inventor
Wajdi Abdallah
Adam Dalmatoff
Original Assignee
Interx Technologies, Inc.
Priority date
Filing date
Publication date
Application filed by Interx Technologies, Inc.
Priority to EP98955052A (EP1025551A2)
Priority to AU11950/99A (AU1195099A)
Publication of WO1999021319A2
Publication of WO1999021319A3

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821 Electronic credentials
    • G06Q20/38215 Use of certificates or encrypted proofs of transaction rights

Definitions

  • the invention relates to electronic information. More particularly, the invention relates to electronic information security.
  • the invention provides a system that binds trust over the Internet, and enables real time Internet transactions and audit, while addressing security concerns and requirements.
  • the invention provides simplified authentication and authorization to users and administrators alike, and establishes a single sign-on mechanism for all Internet applications. Thus, the invention changes the dynamics of the Internet and establishes evidence that connects identity with activity, or, non-repudiation.
  • the invention provides security and audit capabilities that meet or exceed US and Internationally mandated banking regulations and standards (see Federal Deposit Insurance Corp.
  • the invention provides a system that fits easily into existing and newly created business environments and leverages both existing technology investments and business strategies. Return on investment can be realized quickly with the invention in multiple implementation scenarios.
  • Large and small organizations alike can secure Internet communications and manage Internet, Intranet and Extranet access rights enterprise-wide. Reduced start-up and operating costs offer greater opportunities for retail, business, and government trade, while the Internet provides the cost-effective communications mechanism.
  • time to market and the production cost of new services can be reduced by integrating the invention as the security, access, and audit technology into user applications and solutions.
  • the invention is completely transparent and conforms itself to existing business rules and processes.
  • the Internet provides the low cost and ubiquitous network, and the invention provides the security, control, and audit requirements that reduce fraud, theft, and misuse, while encouraging and providing for increased and higher value information exchange.
  • Fig. 1 is a block schematic diagram showing a comparison between an OSI and a TCP/IP network model
  • Fig. 2 is a block schematic diagram showing system architecture components according to the invention
  • Fig. 3 is a block schematic diagram showing inter-relation of the system architecture components shown in Fig. 2;
  • Fig. 4 is a block schematic diagram showing functions and information flows according to the invention.
  • Fig. 5 is a block schematic diagram showing a context model according to the invention.
  • Fig. 6 is a data flow diagram according to the invention.
  • Fig. 7 is a block schematic diagram showing an Internet billing application context model according to the invention.
  • Fig. 8 is a block schematic diagram showing an Internet billing application process and data model according to the invention.
  • Fig. 9 is a block schematic diagram showing functional decomposition of an Internet billing application according to the invention.
  • Fig. 10 is a block schematic diagram showing functional decomposition of an
  • FIG. 11 is a block schematic diagram of a network segmentation model according to the invention.
  • the invention is preferably situated between a server and whatever information a user is trying to access.
  • the invention manages and coordinates all HTTP traffic coming through the server and imposes the security and access rules which the owner of the system has associated with each user and each URL
  • URI, as the term is used here, means the URL plus everything that comes after the host delimiter (the example given is ".com"), i.e. the path and query that name a particular application or page. (In RFC terms a URL is itself one kind of URI; the document's narrower usage is kept below.)
  • records can be kept at the Web server and records can be kept at the application, but the types of data kept on each are different and there is no way to connect the two into a continuous audit trail.
  • two different sets of records can be compared, and any discrepancies remain discrepancies because there is no method of reconciliation or audit.
  • the invention forms the link between the server and the application/URI, and establishes a continuous audit trail that can be used to enforce accountability.
  • the server checks the digital ID; if the ID is accepted, the user is allowed through to the application.
  • the application asks for user name/password.
  • the user submits user name and password.
  • the application checks user name and password and, if all is in order, the user is allowed access to application/information.
  • the application and the server are working independently.
  • the application does not know which user or which ID has been allowed access to its log-in screen.
  • the application accepts any valid username/password without reference to the digital ID.
  • The result: a person working at a bank who happens to know or find another employee's username/password can access the application by submitting their own digital ID to the server and the other individual's username/password to the application, and is given access.
  • the vagaries of HTTP and the World Wide Web therefore do not allow for accountability of system users. If the bank finds a discrepancy and confronts the person who used another's username/password, that person can say she was never logged into the application; in fact her digital ID could show her logged in elsewhere, doing other things, at the same time. If the bank confronts the employee whose username/password was used, that person can say she never presented her digital ID to the server.
  • the invention provides the mechanism to connect the server and the application to form continuous and unbroken, reconcilable and auditable audit trails that establish accountability of system users.
  • the invention creates for http communications what is possible for security and audit in a client/server or mainframe application.
  • the invention performs its processes and functions for each and every data request.
  • the preferred embodiment of the invention uses digital signatures, authentication, access control, data integrity, and non-repudiation to accomplish Web based security, control, and audit. This creates an environment of system trust.
  • With that trust in place, the Internet, with all its potential as a reliable commercial marketplace, is established.
  • the preferred embodiment of the invention fits as a layer between the Internet and user resources that are to be protected and controlled.
  • the invention is completely configurable and designed to integrate into existing application environments to enable such environments for secure Internet eCommerce.
  • the invention provides a system that is flexible, i.e. it delivers security, control, and audit capabilities to any Internet application with any business or communication function.
  • the invention allows exchanging purchase orders, invoices, bid request, legal documents, medical records, and financial data, all with common Internet technology in standard merchant to consumer, and business-to-business processes and formats.
  • the invention provides a system that manages the components identified below to secure and control Internet connected systems and networks.
  • Digital Signatures, as the term is used in this document, are credentials used to identify people or machines. Many kinds of such digital IDs (DIDs) exist, including smart cards, biometrics, and digital certificates, the last being the most common for Internet identification schemes. (In standard cryptographic usage a digital signature is a value computed with a private key, and an X.509 certificate binds the corresponding public key to an identity; the document uses "digital signature" loosely for any such credential.) The invention can be integrated with any DID, but this document concentrates on digital certificates. Once a reliable and unique certificate has been issued to each of a user's customers, business associates, and employees, the invention uses that certificate to identify the person requesting services from the user's system, and tracks their actions throughout their stay. Digital signatures enable positive identification over the Internet.
  • DID digital IDs
  • Authentication functions in the invention have a unique multi-layer design to offer superior security values for an Internet connected environment.
  • the invention provides a system that enforces authentication for each and every action requested from each user without negatively impacting system performance.
  • the invention performs authentication checks against both local and third-party DID issuers to confirm validity and establish identity. DID and password configurations not using the invention check these security measures only at log-on; the invention does so continuously, for every request. Additionally, without the invention the DID and the password are authenticated at separate and unconnected locations in the user's system.
  • the invention binds the digital certificate and the password together, so that a password is accepted only for the account bound to the presented certificate, much as an ATM requires both the card and its PIN. This binding distinguishes the security provided by the invention and enables real-time secure communications and transactions over the Internet. Where the user's security assessment requires extremely strict measures, a second layer of authentication can be enabled to enforce challenge questions.
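As an added example (not code from the patent or from Interx Technologies), the two login checks in Go. LoginUnbound is the pre-invention flow described above under the bank scenario: the Web server has accepted some valid digital ID, and the application then accepts any correct username/password, so the two identities are never linked. LoginBound is the ATM-card model: each account stores the SHA-256 fingerprint of the certificate it was enrolled with, and the password is accepted only when the certificate presented on this connection matches it. The fingerprint as binding key, the account records, the placeholder certificate bytes and the names alice and mallory are all constructed for the example; the patent describes the binding but not how it is stored.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
)

// Account is a constructed stand-in for the application's user record.
// CertFingerprint (hex SHA-256 of the DER certificate the account was
// enrolled with) is the binding; the patent does not specify its storage.
type Account struct {
	Username        string
	PasswordHash    string // hex SHA-256 here for brevity; use a slow KDF in practice
	CertFingerprint string
}

var (
	ErrBadCredentials = errors.New("invalid username or password")
	ErrCertMismatch   = errors.New("presented certificate is not bound to this account")
)

func hexSHA256(b []byte) string {
	sum := sha256.Sum256(b)
	return hex.EncodeToString(sum[:])
}

// equal compares in constant time so the check leaks nothing about how far
// two values agree.
func equal(a, b string) bool {
	return subtle.ConstantTimeCompare([]byte(a), []byte(b)) == 1
}

// LoginUnbound mirrors the pre-invention flow: the Web server has already
// accepted *some* valid certificate, and the application checks only the
// username/password, never which certificate was presented.
func LoginUnbound(db map[string]Account, username, password string) error {
	acct, ok := db[username]
	if !ok || !equal(acct.PasswordHash, hexSHA256([]byte(password))) {
		return ErrBadCredentials
	}
	return nil
}

// LoginBound is the ATM-card model: the password is accepted only for the
// account bound to the certificate presented on this connection.
func LoginBound(db map[string]Account, certDER []byte, username, password string) error {
	if err := LoginUnbound(db, username, password); err != nil {
		return err
	}
	if !equal(db[username].CertFingerprint, hexSHA256(certDER)) {
		return ErrCertMismatch
	}
	return nil
}

// demoDB builds constructed sample accounts; the "certificates" are
// placeholder byte strings standing in for DER-encoded X.509 certificates.
func demoDB() (map[string]Account, map[string][]byte) {
	certs := map[string][]byte{
		"alice":   []byte("constructed-der-for-alice"),
		"mallory": []byte("constructed-der-for-mallory"),
	}
	db := map[string]Account{}
	for name, der := range certs {
		db[name] = Account{Username: name, PasswordHash: hexSHA256([]byte(name + "-pw")), CertFingerprint: hexSHA256(der)}
	}
	return db, certs
}

func main() {
	db, certs := demoDB()
	// Mallory presents her own certificate to the server and Alice's leaked
	// password to the application.
	fmt.Println("unbound:", LoginUnbound(db, "alice", "alice-pw"))                 // <nil>: accepted
	fmt.Println("bound:  ", LoginBound(db, certs["mallory"], "alice", "alice-pw")) // presented certificate is not bound to this account
	fmt.Println("bound:  ", LoginBound(db, certs["alice"], "alice", "alice-pw"))   // <nil>
}
```

In a deployment the fingerprint would be taken from the DER certificate the TLS layer actually negotiated (`r.TLS.PeerCertificates[0].Raw` in Go's net/http), passwords would be stored with a slow KDF rather than plain SHA-256, and both identities would be written to the audit record on every request, not only at login.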
  • Access Control in the invention provides the ease of single Internet, Intranet, and Extranet sign-on without compromising security or application utility. Access control and authorization are used to control the information and applications which individuals and groups are permitted to access. Due to the nature of Web technology, standard Internet access control mechanisms operate only at the start of communications, but the invention provides a system that performs this function continuously for every request made to a user's system. Access control permits a sales person to access only the accounts they manage, while the sales manager can access the accounts of all the sales employees. At the same time, neither can access human resources or accounting data. The invention permits full control of access to all system users based upon their role in an organization.
  • Additional control is provided to set access rights by time, frequency, and number of visits to a specific location, thus enabling controlled product and service distribution.
  • the invention allows control over the sequence in which information is requested as well. This feature, taken for granted in a non-Internet system, further distinguishes access control and security provided by the invention.
  • Data Integrity is a crucial element in system security: it ensures that the information sent and received is unaltered. The document also credits it with providing privacy of communications; strictly, privacy (confidentiality) is a separate property delivered by encryption rather than by integrity checks, although the same cryptographic layer commonly provides both.
  • the invention provides a system that handles data integrity functions with cryptography.
  • the invention provides protection for online communication and for data residing on the system itself. Thus, the invention prevents its own system data from being altered by only permitting it to be viewed. This is a key element in maintaining non-repudiation. Data integrity is crucial to proving that information has not been tampered with in cases of legal or company policy enforcement.
  • Non-repudiation is the capability to thwart repudiation and provides the basis for proving the identity behind each and every action made to a user's system through the Internet, Intranet, or Extranet.
  • the invention provides a system that enables clear reports that form a complete and unbroken audit trail and establishes the same accepted level of proof that is possible with non-Internet systems.
  • This unbroken Internet audit trail is what enables a protected and managed system to provide sensitive and high value information. The invention thus frees companies from the constraints of Web technology and allows product and service distribution.
  • Monitoring and alarms provide mechanisms to further protect a user's valuable information systems.
  • the invention provides a system that permits alarms to be configured should illegal or improper activities be discovered. Alarms can be set to cut communications, suspend access rights and page security personnel. The invention also maintains the records so hackers can be found and prosecuted.
  • the invention provides easy integration into existing technology systems and business processes. This allows control of all aspects of Internet, Intranet, and Extranet communications so that a user's system reflects the user's precise security, control, and audit requirements. Simple configuration screens allow for access control and flow control that can be managed by individual, group, application, file, page, date, or time, even exception handling is available. Complete monitoring and reporting data can be standardized for Internet connections streamlining security, audit, and policy management enterprise-wide.
  • the invention operates in the background, transparent to the user. The result is ordinary Internet technology with security and accountability added.
  • the invention helps quicken return on investment because management, training, and audit requirements can be centralized and standardized, and existing technology investments are leveraged.
  • Policies and procedures for maintenance, security, and audit are designed to integrate easily into a user's existing corporate culture, as they are fully configurable. A single set of Internet access policies and procedures can be established, which both strengthens and simplifies security.
  • the invention is fully expandable. As new applications are developed or brought online, the invention's administration features simplify the introduction into a user's organization. There are no limits as to how many applications can be protected. The invention effectively secures and connects a user's organization with Web technology inside and out.
  • Extranet use of the invention lets trading partners use the Internet to communicate with a user through a standard Netscape or Microsoft browser.
  • the invention provides a system that is seamless and transparent. There is nothing to come between a user's customers and the ease of use that the Internet provides. All traditional merchant to consumer functions can be provided and carried out with confidence. Because there is no software to distribute, education and support costs are low. Customers also benefit from strong identification, and the security that any confidential data about them cannot be unknowingly misused.
  • the invention extends business-to-business transactions to even the smallest organizations as VAN functions can take place over an enabled Virtual Private Network (VPN).
  • VPN Virtual Private Network
  • Installing the invention at both ends of an Internet transmission establishes a VPN with all the access and cost savings inherent with the Internet.
  • VPN implementations incorporating the invention are stronger than standard VPN installations because security is executed at the Internet application itself.
  • the invention is preferably situated between a user's business applications and the Internet. Other VPNs establish security between the network and the Internet and cannot establish accountability at the application.
  • VPNs that incorporate the invention can process data in real time on the Internet with full accountability, and therefore meet the non-repudiation value of a WAN and VAN. Companies previously unable to afford the advantage of automated eCommerce systems can now be targeted for these services.
  • the invention provides a system that allows a user's corporate Intranet to enable employees to work under the same security and controls as found in LAN environments. Workgroup accountability is established, and the universal browser interface streamlines task processing. As employees change departments or move up in the ranks, cumbersome and costly retraining is held to a minimum. A user's staff can even access the user's system from remote locations without requiring the user to support remote access servers or use a VPN.
  • the invention binds trust to Web applications and delivers continuous security to Web communications for all system users.
  • Application owners get accountability among system users, and a mechanism that permits Internet activities to be audited with detail and non-repudiation. Any application can be made secure for the Internet. Developers can quicken time to market for future projects by incorporating the invention's security and access control functions into their solutions.
  • HTTP lacks the basics of security provisions (identification, authentication, authorization, data integrity, confidentiality, and non-repudiation).
  • HTTP developers must solve these programmatically as part of the HTTP application, but with the invention all of these security provisions are provided to the developer, and are prerequisites for secure HTTP application services.
  • the invention incorporates many advanced security features into HTTP. Digital certificates and user names are bound together rather than operating individually, mimicking an ATM card and its PIN. Beyond securing the application from unauthorized users, the invention tracks all activities of all users, establishing accountability of system users and HTTP non-repudiation. Security provisions are isolated from the application, thereby making application development less costly. Additionally, no additional servers are required to take advantage of the invention's security functions.
  • One of the invention's objectives is to provide an improved HTTP security architecture that allows a user to concentrate on the HTTP application functions.
  • the invention provides the following security functions that developers are normally required to provide to secure HTTP applications:
  • Fig. 1 is a block schematic diagram showing a comparison between an OSI and a TCP/IP network model.
  • the Open System Interconnect (OSI) model 10 was developed by the International Organization for Standardization (ISO - www.iso.ch), the primary standard-setting body for data communications. Seven layers are defined to provide service subsets for networked systems. This approach allows groups of related services to be implemented in modules, and makes designing network software more flexible.
  • the OSI model enables an environment where network users and providers can communicate in an atmosphere of trust and accountability. The names and functions of these layers are described below:
  • Physical Layer 11 Defines the electrical, mechanical, and physical interfaces to the network.
  • Data Link Layer 12 Controls the movement of data along the physical network layers. Flow control and error detection is addressed here.
  • Network Layer 13 Addresses and routes packets throughout the network.
  • Transport Layer 14 Provides transparent packet transfer mechanism between systems.
  • Session Layer 15 Establishes, manages, synchronizes and terminates session dialogues.
  • Presentation Layer 16 Encoding and decoding, compression and decompression, and encryption and decryption are handled here.
  • Application Layer 17 Provides standardized network interfacing for end user applications.
  • DARPA U.S. Defense Advanced Research Projects Agency, www.darpa.mil
  • the last layer 18 of the TCP/IP network model combines session, presentation, and application functions (e.g. mail transmission, login, video, and World Wide Web).
  • HTTP is the application layer protocol in the TCP/IP model that handles Web communication. When comparing these models it is evident that session and presentation responsibilities fall to the application layer. HTTP does not have any distinct presentation or session layer control mechanisms. The absence of a separate and distinct session layer in HTTP makes control of
  • the invention addresses HTTP application security concerns.
  • the invention provides a system in the form of middleware that is located between the HTTP server and the application. This approach provides presentation and session control for the HTTP protocol.
  • the invention provides identification, authentication, authorization, access control, and non-repudiation capabilities for application users.
  • Fig. 2 is a block schematic diagram showing system architecture components within an Internet environment according to the invention. As shown in Fig. 2 the key logical system components of system architecture are:
  • Certificate Authority 22 or an Organization's internal Certificate Issuance Department
  • An Organization using the invention 23, 24 (typically including a firewall 30 between the organization and the Internet 29), including:
  • Fig. 3 is a block schematic diagram showing inter-relation of the system architecture components shown in Fig. 2.
  • the invention's architecture components are based on the following definitions in a secure HTTP application environment.
  • End User 21 A person with a need for a product or service available from a Service Provider Organization (SPO) 23, 24, who meets this need by interacting with an application through a SPO's Internet/Intranet/Extranet Web site using a desktop computer or other device which supports secure Internet browsing.
  • SPO Service Provider Organization
  • Business Associates, Clients, and Partner Entities 31 An entity that interacts with a SPO using a secure communication channel. This is accomplished when using Internet technology and the invention, which establishes a virtual private network for sending messages, product specifications, purchase orders, invoices, employee data, health records, all of which are highly sensitive and valuable data sets.
  • Certificate Authority 22 An organization trusted by a SPO to issue digital signatures to persons and/or machines wishing to communicate with the SPO's HTTP system.
  • Service Provider Organization 23 An organization that has an electronic product or service that fulfills end user and/or entity demand.
  • the SPO including the following elements:
  • WWW Server 26 Software that responds to incoming requests and initiates a secure connection using cryptographic mechanisms.
  • System Application 27 Software which identifies, authenticates, authorizes, and establishes HTTP user sessions, controls application flow, and tracks the end user and/or entity requests throughout a communication session.
  • Back Office System 32 The internal business processes and information systems infrastructure of a service provider organization.
  • the invention is built based on existing standards (see Table 1 below) to maximize interoperability and reduce costs.
  • the system preferably requires technology standards that are centered upon the need for HTTP based applications to achieve the same security levels found in client/server environments.
  • the standards shown in Table 1 are only examples and are provided for purposes of illustrating the presently preferred embodiment of the invention. They are not intended to be limiting with regard to the scope of the invention.
  • the commercial expansion of the Internet has led to enormous interest in developing enterprise Internet based applications.
  • the Internet is the most widely used and lowest cost communication method. Specifically, Internet-based technologies deliver:
  • An application user interface must be easy to use from the user's perspective and any necessary software must be easy to deploy and support as well.
  • World Wide Web browsers exist for a variety of platforms and are supported on desktop computers. Browser software is becoming the standard for displaying application information on user desktops.
  • the invention supports the Hypertext Markup Language (HTML), as specified by the W3C.
  • HTML Hypertext Markup Language
  • the recommended browser software is either Netscape Navigator V3.0 or later or Microsoft Internet Explorer V3.0 or later, although other browsers may be used in conjunction with the invention.
  • One aspect of the invention relies on public key certificates for identification and authentication of individuals, organization, and machines.
  • the certificates can be issued either by the organization using the invention, or a third party, such as a certificate authority using PKCS, to ensure a unique signature for non-repudiation.
  • PKCS Public-Key Cryptography Standards
  • These certificates are based on the X.509 V3 standard in the presently preferred embodiment of the invention.
  • the invention does not limit the number of issuers that can be simultaneously used to manage Internet communications.
  • European clients can use certificates issued by a trusted European authority, American clients through a trusted U.S. authority, while a company's employees worldwide use company issued certificates.
  • the invention works with all the certificate authorities that business processes require.
  • SSL is in common use; its successor TLS is the Internet Engineering Task Force (IETF) standard. This protocol covers the widest range of potential implementations of network software components. No additional software is required to use a standard Web browser (e.g. Netscape, Microsoft).
  • the presently preferred embodiment of the invention uses the RSA and DES algorithms and their tool kits to assure that non-repudiation is maintained. (DES is no longer considered adequate and a current deployment would use AES; note also that non-repudiation rests on the signature algorithm, RSA here, and not on the bulk cipher.)
  • the invention provides a system that establishes and maintains HTTP application security without limiting or constricting services to be offered on the Web. To achieve these goals and provide flexibility the invention permits detailed and easily changeable encrypted configurations in place of APIs.
  • the invention provides a security architecture for any HTTP application and is completely effective in stand alone systems, as well as those connected to a corporate back-office system. Each application protected by the invention is passed parameters based upon individually established configurations. All parameters are enabled, disabled, and customized per application, per system function, per user, and per administrator.
  • the security architecture structures the invention's capabilities into platforms, models, options, and customizations.
  • Fig. 4 is a block schematic diagram showing functions and information flows according to the invention. A detailed description of each function follows:
  • Engine 40 The system engine is the controller of system operations which are based on administration configurations. The primary activities of the system engine are:
  • Identification 41 The identification function is responsible for identifying users, systems, or machines for the system engine.
  • the primary activities of the Identification function are:
  • the digital certificate validation function is responsible for validating the certificate. This function can validate all kinds of certificates, whether locally in the corporate LAN or third party certificates. In addition, it can connect to the certificate server with or without encryption. The primary activities of this function are:
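An added example (not the patent's code) of what the digital certificate validation function has to do, in Go with the standard library's crypto/x509: chain the presented certificate to a trusted issuer at the time of the request, check validity period and client-authentication usage, then check revocation against the issuer's CRL, verifying the CRL's own signature and refusing a stale CRL rather than treating silence as "not revoked". The in-memory issuer, the two client certificates (alice, revoked; bob, valid) and the CRL are constructed inside the block so it runs offline; a deployment would load its trust anchors and fetch the CRL (or an OCSP response) from the location named in the certificate's CRLDistributionPoints.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"math/big"
	"time"
)

var (
	ErrRevoked  = errors.New("certificate serial number is on the issuer's CRL")
	ErrStaleCRL = errors.New("CRL is past NextUpdate; revocation status unknown")
)

// issue signs tmpl with parent/parentKey; a nil parent yields a self-signed CA.
func issue(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	signer := parentKey
	if parent == nil {
		parent, signer = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert, key
}

// ValidateClientCert: chain to a trusted root at time now with client-auth
// usage, then a revocation check against the direct issuer's CRL. The CRL's
// signature and freshness are checked before it is believed.
func ValidateClientCert(cert *x509.Certificate, roots *x509.CertPool, crlDER []byte, now time.Time) error {
	chains, err := cert.Verify(x509.VerifyOptions{
		Roots:       roots,
		CurrentTime: now,
		KeyUsages:   []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	})
	if err != nil {
		return err
	}
	if len(chains[0]) < 2 {
		return errors.New("self-signed client certificate is not acceptable")
	}
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil {
		return err
	}
	if err := crl.CheckSignatureFrom(chains[0][1]); err != nil { // the direct issuer signs the CRL
		return err
	}
	if now.After(crl.NextUpdate) {
		return ErrStaleCRL
	}
	// RevokedCertificates exists in every Go release since 1.15; Go 1.21+
	// also exposes the same entries as RevokedCertificateEntries.
	for _, rc := range crl.RevokedCertificates {
		if rc.SerialNumber.Cmp(cert.SerialNumber) == 0 {
			return ErrRevoked
		}
	}
	return nil
}

// PKI is a constructed in-memory issuer with two enrolled client
// certificates, one of which (alice's) has been revoked.
type PKI struct {
	Roots      *x509.CertPool
	Alice, Bob *x509.Certificate
	CRL        []byte
}

func BuildPKI(now time.Time) PKI {
	ca, caKey := issue(&x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "SPO Internal Certificate Issuance"},
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(365 * 24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}, nil, nil)
	leaf := func(serial int64, cn string) *x509.Certificate {
		c, _ := issue(&x509.Certificate{
			SerialNumber: big.NewInt(serial),
			Subject:      pkix.Name{CommonName: cn},
			NotBefore:    now.Add(-time.Hour),
			NotAfter:     now.Add(30 * 24 * time.Hour),
			KeyUsage:     x509.KeyUsageDigitalSignature,
			ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
		}, ca, caKey)
		return c
	}
	alice, bob := leaf(1001, "alice"), leaf(1002, "bob")
	crlDER, err := x509.CreateRevocationList(rand.Reader, &x509.RevocationList{
		Number:              big.NewInt(1),
		ThisUpdate:          now,
		NextUpdate:          now.Add(24 * time.Hour),
		RevokedCertificates: []pkix.RevokedCertificate{{SerialNumber: alice.SerialNumber, RevocationTime: now}},
	}, ca, caKey)
	if err != nil {
		panic(err)
	}
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	return PKI{Roots: roots, Alice: alice, Bob: bob, CRL: crlDER}
}
```

The stale-CRL branch is the edge case worth keeping: a CRL that is past its NextUpdate tells you nothing about certificates revoked since, so a validator that ignores the date silently re-admits revoked users once the CRL fetch starts failing.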
  • Authentication 43 Authentication is the means of gaining confidence that remote customers or systems are who or what they claim to be. Reliable authentication is needed to enforce access control, establish accountability, and to achieve non-repudiation.
  • the authentication function verifies the user's identity with the system database.
  • the primary activities of the authentication function are: • Collect system authentication configuration from the system engine;
  • the authentication function binds the digital certificate to customer account in the following scenarios:
  • Authorization 44 The authorization function checks the user request and compares it with a pre-defined authorization profile.
  • the primary activities of the authorization function are:
  • Session Management 45 The Web server processes each HTTP request without binding it to the previous request of the same user. This makes it a stateless machine.
  • the HTTP session management function is responsible for establishing sessions for all HTTP requests. The primary activities of the session management function are:
  • HTTP Application Dispatcher 46 The HTTP application dispatcher function provides the user access to applications, pages, and/or services available to them based upon their authorization profile. The primary activities of this function are:
  • the logging and non-repudiation function is responsible for keeping track of every user request and its status throughout system processing. It records this data for reporting and monitoring purposes. In addition, the data it collects can be used for generating statistics about the use of the system.
  • the primary activities of the logging and non-repudiation function are:
  • System Administration and Maintenance 48 The system administration and maintenance function is responsible for configuring, maintaining, managing, monitoring, and customizing the system.
  • the primary activities of system administration and maintenance function are:
  • FIG. 5 is a block schematic diagram showing a context model according to the invention.
  • WT-EE1 Customer
  • WT-EE2 Secure HTTP / Web Server
  • WT-EE3 MIS Department (MISD) ;
  • WT-EE4 Internet Application and URL
  • WT-EE5 Application Logs
  • WT-EE6 Certificate Authority.
  • the system initiates customer's authentication procedures, then logs the result of the procedures.
  • the system intercepts HTTP processes and initiates the authentication process based on a decision from active session manager;
  • MISD needs to maintain (Modify, Add, Delete (MAD)) login user information
  • MISD performs the maintenance (MAD) on the user login information database
  • the system provides a set of APIs to consolidate system logs with the Internet application.
  • the system initiates the authentication process by requesting user name, password, and certificate;
  • the invention provides an advanced session manager for HTTP servers to provide a non-repudiation mechanism for Internet/Intranet/Extranet applications using digital IDs.
  • the main functions of a system incorporating the invention are:
  • Fig. 6 is a data flow diagram according to the invention. The following discussion describes the application processes related to the invention. These entities are referenced in Fig. 6 as follows:
  • WT-01.5 Certificate Revocation
  • WT-01.6 Log User Access Information
  • the process of verification includes:
  • Certificate Revocation process. If the certificate is verified through the Certificate Revocation process, then:
  • Log (User-Name, Start-Time, Certificate Serial Num, Last-Time, URL, and IP-Num) in the User Request log; Log (User-Name, Start-Time, Certificate Serial Num, Last-Time, URL, and IP-Num) in the User Access Information log; and
  • Preconditions User request after idle time.
  • Post Conditions Permit user to access the Internet application.
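As an added example, not code from the patent, the verification steps above (WT-01.5 revocation check, WT-01.6 logging) and the "request after idle time" precondition modelled as a small session manager: it checks the presented certificate serial against constructed revocation information, resumes or re-establishes the session, forces re-authentication once the idle limit is exceeded, and writes the same (User-Name, Start-Time, Certificate Serial Num, Last-Time, URL, IP-Num) record to both logs. SessionManager, IDLE_SECONDS, the fresh_auth flag and the revoked serial are assumptions.

```python
from dataclasses import dataclass, field

IDLE_SECONDS = 300  # assumed idle limit; a request after it must re-authenticate

# Constructed revocation information (WT-DS06): serials the CA has revoked.
REVOKED_SERIALS = {"0x1f3a"}


@dataclass
class Session:
    user: str
    serial: str
    start_time: int
    last_time: int


@dataclass
class SessionManager:
    session_log: list = field(default_factory=list)       # WT-DS01: every request and its status
    user_request_log: list = field(default_factory=list)  # WT-DS02
    user_access_log: list = field(default_factory=list)   # WT-DS04
    error_log: list = field(default_factory=list)         # WT-DS08
    sessions: dict = field(default_factory=dict)          # active sessions keyed by IP-Num

    def handle(self, user, serial, url, ip, now, fresh_auth):
        """Decide one HTTP request: 'allow', 'reauth' or 'deny'.

        fresh_auth is True when the authentication function has just verified
        user name, password and certificate for this request (assumption)."""
        decision = self._decide(user, serial, url, ip, now, fresh_auth)
        self.session_log.append((ip, now, url, decision))
        return decision

    def _decide(self, user, serial, url, ip, now, fresh_auth):
        # WT-01.5: a revoked certificate ends any session and is denied.
        if serial in REVOKED_SERIALS:
            self.error_log.append(("revoked certificate", user, serial, ip, now))
            self.sessions.pop(ip, None)
            return "deny"
        session = self.sessions.get(ip)
        # No session, a different certificate, or the idle limit exceeded:
        # the precondition "user request after idle time" requires authentication.
        stale = session is None or session.serial != serial
        idle = session is not None and now - session.last_time > IDLE_SECONDS
        if stale or idle:
            if not fresh_auth:
                return "reauth"
            session = Session(user, serial, now, now)
            self.sessions[ip] = session
        session.last_time = now
        # WT-01.6: the same record goes to the User Request log and the
        # User Access Information log (Last-Time is the time of this request).
        record = (user, session.start_time, serial, session.last_time, url, ip)
        self.user_request_log.append(record)
        self.user_access_log.append(record)
        return "allow"
```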
  • MISD has been authenticated and needs to maintain the users database.
  • the process also lets MISD select a user and one of the following operations:
  • MISD maintains the users database options:
  • Process displays a form to collect the information to add a new user:
  • Process displays the current user information.
  • Process displays the current user information and asks MISD to confirm the delete process.
  • MISD finishes users database maintenance and quits.
  • (Fig. 6 labels) Session Log; User Request Log; Activities Log; User Access Log; User Service.
  • MISD has finished maintaining the users database
  • MISD has requested to quit users options maintenance process.
  • Process Check control information database for access control on specified information.
  • Post Conditions Allowed/Denied access based on process.
  • This model describes the data structures that are used internally for the system to support system services and functions.
  • the model maintains data on:
  • WT-DS01 Session Log
  • WT-DS02 User Request Log
  • WT-DS04 User Access Log
  • WT-DS05 Users Information
  • WT-DS06 Certificate Revocation Information
  • WT-DS07 Control Information
  • WT-DS08 Error Log.
  • Database table that logs all users requests on the secure HTTP server.
  • Database table/file containing log data of all the activities on the secure HTTP server with user.
  • Database table that contains users login information.
  • Database table that contains access control information for users.
  • Fig. 7 is a block schematic diagram showing an Internet billing application context model according to the invention.
  • Fig. 8 is a block schematic diagram showing an Internet billing application process and data model according to the invention.
  • the following discussion describes the main modules of an example (XYZ) Internet billing application. These modules are referenced in Figs. 7 and 8 as follows:
  • DFD SYSTEM (SECURE APP MANAGER)
  • CUSTOMER CUSTOMER ASSISTANCE ENGINE
  • DFD ADMINISTRA (STAFF ASSISTANT ENGINE).
  • the secure application manager administers the users' security access profiles and is the only mechanism through which a user is allowed to access the application. This is a must for all users of the Internet and Intranet applications (customers and staff).
  • the secure application manager is responsible for:
  • the app manager should automatically bind a user DID (when applicable) to the customer entry in the customer database (NETCUSTDB).
  • the app manager must have access to internal user access profile (database or permission files) to determine application access by the user.
  • the application manager also must have the capabilities to allow users access, after authenticating them, to HTML files, database and/or Java-based applications.
  • Fig. 9 is a block schematic diagram showing functional decomposition of an Internet billing application according to the invention.
  • Fig. 10 is a block schematic diagram showing functional decomposition of an Internet bill payment and presentment application according to the invention.
  • Fig. 9 explains the functional breakdown of the XYZ Internet Billing Application where the invention serves as the security mechanism. This figure breaks down the functions by role as they exist in the organization's business structure. Each block contains a set of functions (forms, programs, etc.) that are available to users permitted access to that portion of XYZ's IBA. Under Administration, the Internet Billing Administration Department has access and authority to manage the security and audit facilities that are under the control of the invention.
  • Figure 10 is a detail of the Administration side of Fig. 9 and includes the services available within each block.
  • the invention can be managed through the "Security System Management" block under Internet Billing Administration. All changes made to the invention's configuration will be reflected throughout the system and affect all customers and administrators.
  • Fig. 11 is a block schematic diagram of a network segmentation model according to the invention. This figure shows a physical network layout as might be encountered in a typical installation for the invention. In this case, we use the XYZ Corporation Internet Billing Application.
  • the IBA Server is the server that hosts the invention and the IBA. The IBA may be linked to other machines from which it gathers or manipulates data. All application components that are accessed through the Web Server controlled and protected by the invention benefit from the security, access and audit protections that it provides.

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Computer And Data Communications (AREA)
PCT/US1998/022377 1997-10-22 1998-10-21 Method and apparatus for certificate management in support of non-repudiation WO1999021319A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP98955052A EP1025551A2 (de) 1997-10-22 1998-10-21 Method and apparatus for handling certificates for non-repudiation
AU11950/99A AU1195099A (en) 1997-10-22 1998-10-21 Method and apparatus for certificate management in support of non-repudiation

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US6263097P 1997-10-22 1997-10-22
US60/062,630 1997-10-22
US17592798A 1998-10-21 1998-10-21
US09/175,927 1998-10-21

Publications (2)

Publication Number Publication Date
WO1999021319A2 true WO1999021319A2 (en) 1999-04-29
WO1999021319A3 WO1999021319A3 (en) 1999-06-24

Family

ID=26742505

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1998/022377 WO1999021319A2 (en) 1997-10-22 1998-10-21 Method and apparatus for certificate management in support of non-repudiation

Country Status (3)

Country Link
EP (1) EP1025551A2 (de)
AU (1) AU1195099A (de)
WO (1) WO1999021319A2 (de)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0969430A1 (de) * 1998-06-30 2000-01-05 Sun Microsystems, Inc. Impartial witness for electronic transactions
WO2002011357A2 (en) * 2000-07-28 2002-02-07 Sun Microsystems, Inc. Method and apparatus for cryptographic key management using url programming interface
WO2003034308A1 (en) * 2001-10-15 2003-04-24 Kent Ridge Digital Labs Electronic document management system
GB2386802A (en) * 2002-03-18 2003-09-24 Hewlett Packard Co Auditing of secure communication sessions over a communication network
GB2390446A (en) * 2002-07-02 2004-01-07 Hewlett Packard Co Apparatus for analysing electronic representations of business processes
US20120110011A1 (en) * 2010-10-29 2012-05-03 Ihc Intellectual Asset Management, Llc Managing application access on a computing device
CN104144141A (zh) * 2013-05-07 2014-11-12 苏州精易会信息技术有限公司 An access control method for improving the security of a management software system
CN110245478A (zh) * 2019-06-20 2019-09-17 云南电网有限责任公司大理供电局 A system integrating permission management with security management

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5715314A (en) * 1994-10-24 1998-02-03 Open Market, Inc. Network sales system
US5613012A (en) * 1994-11-28 1997-03-18 Smarttouch, Llc. Tokenless identification system for authorization of electronic transactions and electronic transmissions
US5826245A (en) * 1995-03-20 1998-10-20 Sandberg-Diment; Erik Providing verification information for a transaction
US5699528A (en) * 1995-10-31 1997-12-16 Mastercard International, Inc. System and method for bill delivery and payment over a communications network
US6252869B1 (en) * 1995-12-29 2001-06-26 At&T Corp. Data network security system and method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
None

Also Published As

Publication number Publication date
AU1195099A (en) 1999-05-10
WO1999021319A3 (en) 1999-06-24
EP1025551A2 (de) 2000-08-09

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AL AU BA BB BG BR CA CN CU CZ EE GD GE HR HU ID IL IS JP KP LC LK LR LT LV MG MK MN MX NO NZ PL RO SG SI SK SL TR TT UA UZ VN YU

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

AK Designated states

Kind code of ref document: A3

Designated state(s): AL AU BA BB BG BR CA CN CU CZ EE GD GE HR HU ID IL IS JP KP LC LK LR LT LV MG MK MN MX NO NZ PL RO SG SI SK SL TR TT UA UZ VN YU

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 1998955052

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1998955052

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: CA

WWW Wipo information: withdrawn in national office

Ref document number: 1998955052

Country of ref document: EP