WO2007001998A1 - Secure transmission of data between clients over communications network - Google Patents


Info

Publication number: WO2007001998A1
Authority: WO, WIPO (PCT)
Prior art keywords: client, server, data, certificate, connection messages
Legal status: Ceased
Application number: PCT/US2006/023838
Other languages: English (en), French (fr)
Inventor: Masami Yoshioka
Current assignee: Individual
Original assignee: Individual
Application filed by: Individual
Priority to: JP2008518283A (JP4601706B2/ja), EP06773558A (EP1897274A1/en)
Publication: WO2007001998A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L 63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L 63/12 Applying verification of the received information
    • H04L 63/126 Applying verification of the received information: the source of the received data
    • H04L 63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L 63/1441 Countermeasures against malicious traffic
    • H04L 63/1466 Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • H04L 63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L 63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Definitions

  • The present invention relates to secure data transmission between client computers (clients) over a communications network. More particularly, the present invention relates to a method and apparatus for securely transmitting and exchanging data between clients via an intermediate server.
  • Secure data exchange over a communications network is one of the most important issues in many businesses and industries.
  • Various encryption methods and public and private key schemes have been used to securely transmit electronic data.
  • An electronic mail exchange system is typically protected by a username and password, and usually offers an encryption function for the contents and attachments of outgoing messages.
  • Secure Socket Layer (SSL) protocols are typically used for encrypted communications in data exchange systems.
  • Transport Layer Security (TLS) protocols may also be used.
  • An electronic certificate (digital ID) is also used to identify the user in electronic transactions. While data to be transmitted is encrypted and access to a data exchange server is restricted using passwords and certificates, such a conventional data exchange system does not protect the "communications path" during the transmission.
  • The encrypted data, in the form of data packets, may be hacked or altered before reaching the destination/recipient.
  • After a user is allowed access to a data exchange server and starts downloading or uploading data, the data may be intercepted, eavesdropped on, or filtered to hack the information contained therein.
  • A user is only initially authenticated and authorized (typically using the username and password) to log on to a secured site.
  • A disguised user may log on to access the secured site, or the user may be led to an unintended site which tries to obtain personal information from the user.
  • The conventional system does not provide means to confirm that the user is still the same authenticated user, and that the server is still the same server.
  • A method and apparatus securely transmit data between a client and a server over a communications network.
  • The secure data transmission includes, after the client is initially authenticated: (a) transmitting a series of client connection messages from the client to the server at least while the data is being transmitted; (b) transmitting a series of server connection messages from the server to the client at least while the data is being transmitted; (c) monitoring the client connection messages at the server; (d) monitoring the server connection messages at the client; (e) if a disturbance is found either in the client connection messages or the server connection messages, terminating the data transmission between the client and the server, re-authenticating the client, and retransmitting the data; and (f) if the encrypted data is successfully transmitted to the server, storing the data in a database associated with the recipient.
  • FIG. 1 is a block diagram schematically illustrating a computer system suitable for implementing aspects of the present invention.
  • FIG. 2 is a diagram schematically illustrating a system for securely transmitting data between clients over a communications network in accordance with one embodiment of the present invention.
  • FIG. 3 is a block diagram schematically illustrating the client including a data exchange module in accordance with one embodiment of the present invention.
  • FIG. 4 is a block diagram schematically illustrating the server in accordance with one embodiment of the present invention.
  • FIG. 5 is a diagram conceptually illustrating the communication path protection by a bidirectional connection message flow in accordance with one embodiment of the present invention.
  • FIG. 6 is a process flow diagram schematically illustrating a method for securely transmitting data between a client and a server over a communications network, in accordance with one embodiment of the present invention.
  • FIG. 7 is a process flow diagram schematically illustrating a mechanism of protecting the data transmission path using the connection messages in accordance with one embodiment of the present invention.
  • FIG. 8 is a process flow diagram schematically illustrating a data retrieval by a recipient-client from the server in accordance with one embodiment of the present invention.
  • The components, process steps, and/or data structures may be implemented using various types of operating systems (OS), computing platforms, firmware, computer programs, computer languages, and/or general-purpose machines.
  • The method can be implemented as a programmed process running on processing circuitry.
  • The processing circuitry can take the form of numerous combinations of processors and operating systems, or a stand-alone device.
  • The process can be implemented as instructions executed by such hardware, by hardware alone, or by any combination thereof.
  • The software may be stored on a program storage device readable by a machine.
  • The method may be implemented on a data processing computer such as a personal computer, workstation computer, mainframe computer, or high performance server running an OS such as Solaris® available from Sun Microsystems, Inc. of Palo Alto, California, Microsoft® Windows® XP and Windows® 2000, available from Microsoft Corporation of Redmond, Washington, or various versions of the Unix operating system such as Linux available from a number of vendors.
  • The method may also be implemented on a multiple-processor system, or in a computing environment including various peripherals such as input devices, output devices, displays, pointing devices, memories, storage devices, media interfaces for transferring data to and from the processor(s), and the like.
  • A computer system or computing environment may be networked locally, or over the Internet.
  • FIG. 1 depicts a block diagram of a computer system 100 suitable for implementing aspects of the present invention.
  • The computer system 100 includes a bus 102 which interconnects major subsystems such as a central processor 104, a system memory 106 (typically RAM), an input/output (I/O) controller 108, an external device such as a display screen 110 via display adapter 112, serial ports 114 and 116, a keyboard 118, a fixed disk drive 120, a floppy disk drive 122 operative to receive a floppy disk 124, and a CD-ROM player 126 operative to receive a CD-ROM 128.
  • A pointing device 130 (e.g., a mouse) may also be included.
  • A modem 132 may provide a direct connection to a remote server via a telephone link or to the Internet via a POP (point of presence).
  • A network interface adapter 134 may be used to interface to a local or wide area network using any network interface system known to those skilled in the art (e.g., Ethernet, xDSL, AppleTalk™).
  • The present invention provides additional layers of security to protect the transmission path by providing an intermediate server between clients (client computers) and exchanging certain connection messages between the client computer and the server.
  • The present invention may also be applied to electronic transactions between a client and a server.
  • A series of connection messages having a specific sequence, order, or pattern are exchanged as a "background" communication during the data transmission.
  • The present invention also provides a specific certification process in which the client and the server exchange a client certificate and a server certificate.
  • FIG. 2 schematically illustrates a system 200 for securely transmitting data between clients 10 and 12 over a communications network 14 in accordance with one embodiment of the present invention.
  • The system includes an intermediate server 16 coupled with the communications network 14. Although only two clients are shown in FIG. 2, more than two clients may be included in the system 200. This is a closed system, and all users (and clients) should be registered before joining the system. All registered users/clients are known to the server 16, which intermediates data exchange between the clients.
  • The data transmission is protected by employing an encryption scheme, for example, the SSL protocol. Other encryption scheme(s) may be used, in addition to or in place of the SSL protocol.
  • A user can select a user or a group of users as recipient(s) of the data to be transmitted.
  • Each client includes a data exchange module capable of communicating with the server 16.
  • FIG. 3 schematically illustrates the client 10 including a data exchange module 20 in accordance with one embodiment of the present invention.
  • The data exchange module 20 may be an application program installed on the client computer.
  • The application program has a one-to-one correspondence with the client 10 on which it is installed, and is identified by unique module identification information, for example, a serial number.
  • An electronic certificate for the client 10 (a client certificate) is assigned when the application program is installed on the client 10, for example, by the maker of the application program.
  • The electronic certificate may be updated, changed, or renewed yearly, every two years, and the like.
  • The client certificate is specifically assigned to a particular client to identify the client.
  • The data exchange module 20 includes a certificate transmitter 22, a data encryptor 24, a connection message transmitter 26, a connection message receiver 28, a data transmission controller 30, and an interface 32.
  • The data exchange module 20 also includes a decryptor 38 which decrypts data received from the server 16.
  • The client 10 also includes other components such as a data processing module (not shown) to process the data.
  • The certificate transmitter 22 is adapted to send the client certificate to the server 16 via the interface 32.
  • A server certificate is returned from the server 16 to the client 10 if the client 10 is authenticated.
  • The client 10 attaches the server certificate to the data to be transmitted, and the data encryptor 24 encrypts the data and the server certificate together to generate encrypted data.
  • The connection message transmitter 26 sends a series of client connection messages to the server 16 at least while the encrypted data is being transmitted.
  • The client 10 starts sending the client connection messages from the time when the client 10 logs on to the server 16 and stops sending them when the client 10 logs off from the server 16.
  • The series of client connection messages has a sequence, order, or pattern specific to the client 10.
  • Each of the client connection messages may be numbered, time stamped, or otherwise made identifiable or distinguishable from the others, such that a series of them forms a particular sequence determinable by the receiver/observer.
  • The client connection messages may include several types, and a sequence of the types constitutes a pattern.
  • For example, if the connection messages have four types A, B, C, and D, a sequence ABCD ABCD ABCD... constitutes a specific periodic pattern.
  • The client connection messages are client-specific, or include a client identifier, and thus the server can distinguish which client sends the specific client connection messages.
  • Each client has a different pattern of client connection messages.
  • The specific sequence, order, or pattern may be updated or changed once in a desired time period.
  • The connection message receiver 28 receives and monitors server connection messages sent from the server 16. Similarly to the client connection messages, the series of server connection messages has a specific sequence, order, or pattern. During the data transmission, the connection message receiver 28 monitors and checks the sequence of the received server messages. If the order (or specific pattern) is disturbed, for example, by missing server message(s) or a switch in their order, it means some hacking of the data, misdirection, interception, or other attack on the data transmission.
  • The data transmission controller 30 controls the certificate transmitter 22, the encryptor 24, the connection message transmitter 26, and the connection message receiver 28. If the connection message receiver 28 detects a disturbance in the received server connection messages, the data transmission controller 30 stops the ongoing data transmission. If the data transmission is terminated before completion, the data transmission controller 30 starts the client authentication process over, such that the certificate transmitter 22 re-sends the client certificate to the server 16.
  • The client 10 also includes a security module 40 and a memory or database 42.
  • User identification information such as a username, a password, biometric information, and other personal information such as date of birth, place of birth, etc. may be stored in the memory 42.
  • A hardware-based security key 44 such as a Hardware against Software Piracy (HASP®) key, available from Aladdin Knowledge Systems, Ltd., Arlington Heights, Illinois, may also be installed, for example, when the application program is installed.
  • The HASP® key is used for protecting and licensing software running on stand-alone computers.
  • Other types of hardware-based keys, passwords, or passcodes may also be used.
  • The security module 40 authorizes a user to use the client 10 based on the user identification information.
  • The security module 40 identifies and authenticates the user using any combination of the above-mentioned identification/personal information.
  • The user may be prompted to enter one or more types of the personal identification via a user interface 34.
  • The attempted user may also be required to insert the correct hardware-based security key before using the client computer to transmit data.
  • A plurality of users may be allowed to use the client 10 for data transmission by sharing the correct hardware-based security key.
  • The client 10 may also be provided with a biometric sensor 46, for example, a fingerprint sensor or an image capturing device, to receive the biometric information from the attempted user.
  • The security module 40 includes software and/or circuitry (not shown) necessary to perform such biometric identification processes, as is well understood by those of ordinary skill in the art. All of the identification/personal information mentioned above may be stored at the time when the data exchange module is installed and initialized for a specific client and user. It should be noted that although the security module 40 is illustrated separately from the data exchange module 20 in FIG. 3, the security module 40 may be integrated into, or be part of, the data exchange module 20.
  • The client 10 may first send an access request with the client certificate to the server 16.
  • The server 16 confirms that the requesting client 10 has the correct client certificate, and then sends back its server certificate to the client 10.
  • The server 16 may only return an approval (positive authentication result) to the client 10 so as to continue the process (allowing the client 10 to log on to the system), and may defer sending the server certificate until the client 10 further makes a data transmission request. If the client 10 makes a data retrieval request, the server 16 does not have to return the server certificate.
  • The data exchange module's identification information, for example the serial number, may also be used in an additional authentication process for the client 10. Which information is used in what order may be in accordance with a selected authentication protocol between the client 10 and the server 16, and such a specific sequence of the processes may also be used to provide an additional security measure.
  • The data exchange module 20 may further include a protocol monitor 36 controlled by the data transmission controller 30.
  • The protocol monitor 36 monitors the operation sequence of the data exchange module 20 for any deviation from predetermined specific protocols. If the timing or operation sequence deviates from the specific protocols, it may indicate that the process is being attacked or hacked, or that some disguised client/user is attempting to access the server 16. In such a case, the certification process and/or the subsequent data transmission is halted by the data transmission controller 30, and the entire process is started over. This provides an additional layer of security.
  • The server 16 is not necessarily an intermediate server, but may be a commercial server providing on-line shopping, on-line banking, or other electronic transactions.
  • The client 10 may be a customer-client.
  • A customer-client may download an application program for the data exchange module from the commercial server, or purchase a recording medium (such as an optical compact disc) storing the application program thereon for an off-line installation.
  • The client connection messages and the server connection messages can be exchanged between the customer-client and the server during the electronic transaction, or as long as the customer-client is logged on to the server.
  • The client/server connection messages provide continuous confirmation of the right customer/server entity during the electronic transaction, as well as protection from unauthorized interference with the communication path.
  • The electronic certificate may be sent separately to the customer-client.
  • The above-mentioned certificate exchange may be performed in the initial authentication process for the customer-client, and the server certificate may be attached when the customer-client makes a payment or transfers funds, or when any critical/sensitive information is transmitted from the customer-client to the server.
  • FIG. 4 schematically illustrates the server 16 in accordance with one embodiment of the present invention.
  • The server 16 includes a controller 50, an authenticator 52, a certificate transmitter 54, a connection message transmitter 56, a connection message receiver 58, a memory 60, and an interface 70.
  • The authenticator 52 receives a client certificate sent from the client 10, and authenticates the client 10 based on its client certificate. For example, the authenticator 52 determines if the client certificate from the client 10 matches one of the registered client certificates.
  • The memory 60 may include a database 68 maintaining the registered client information or the registered client certificates for use by the authenticator 52. Other information such as a username and password may also be used for authenticating the client 10 in addition to the client certificate.
  • The certificate transmitter 54 generates, if the client 10 is authenticated, a server certificate based on, or as a function of, the client certificate, and transmits the server certificate to the client 10.
  • The server certificate includes information of the client certificate.
  • The client certificate may be piggybacked on or appended to the server certificate.
  • The server's connection message transmitter 56 sends a series of server connection messages to the client 10.
  • The server connection messages are transmitted at least while the data is being transmitted between the server 16 and the client 10.
  • The server 16 starts sending the server connection messages from the time when the client 10 logs on to the server 16 and stops sending them when the client 10 logs off from the server 16.
  • The server connection messages are not broadcast, but transmitted only to the client 10 which is currently logged on to the server 16.
  • The server connection messages have a specific sequence, order, or pattern to be monitored by the client 10.
  • The connection message receiver 58 receives and monitors the client connection messages sent from the client 10, and the controller 50 terminates the data transmission if the connection message receiver 58 finds a disturbance in the sequence, order, or pattern of the client connection messages. If the data transmission is terminated or halted before completion due to a disturbance in the received client messages, the controller 50 may send an error message through the interface 70 to the client 10. In response to such an error message, the client 10 initiates the re-authentication process by sending the client certificate so as to re-transmit the data. If the data transmission is successfully completed, the transmitted data (uploaded data) is stored in the memory 60 of the server 16, typically for a predetermined time period.
  • The memory 60 includes databases 62, 64, 66, ..., each of which is associated with a specific client.
  • A user of the client 10 can select to which user(s) the data is to be sent (i.e., the recipient clients), and how long the stored data is to be maintained in the server 16. This selected information may be specified in the data transmission request. If no specific time duration is selected, the controller 50 may set a default time value. Thus, the data uploaded to the server 16 is stored in the corresponding database for the recipient client for a selected time period, during which the recipient client is able to access and retrieve (download) the data.
  • The data transmission request includes at least one recipient client, for example, the client 12 (recipient-client B), and the data transmitted from the client 10 is stored in the database 64 associated with the client 12 (recipient-client B).
  • The stored data remains encrypted and includes the server certificate containing the client certificate information.
  • When the client 12 retrieves and decrypts the data, the client 12 is able to confirm that the client 10 is the sender-client A.
  • The controller 50 may include a memory access controller 72 coupled with the authenticator 52 and the memory 60 to perform the above-described memory operation. That is, the memory access controller 72 receives a data transmission request from the client 10 (sender-client A), and stores the encrypted data from the client 10 in the database 64 associated with the client 12 (recipient-client B), which is specified in the data transmission request. When the client 12 requests access to the associated database 64 and data retrieval therefrom, the access controller 72 allows the stored data to be transmitted to the client 12 after the client 12 is authenticated by the authenticator 52.
  • The authenticator 52 authenticates the client 12 in the same manner as it authenticates the client 10.
  • The server 16 may include a protocol monitor 74 controlled by the controller 50.
  • The protocol monitor 74 monitors the operation sequence of the server 16 for any deviation from predetermined specific protocols. If the timing or operation sequence deviates from the specific protocols, it may indicate that the process is being attacked or hacked, or that some disguised client/user is attempting to access the server 16. In such a case, the certification process and/or the subsequent data transmission is halted by the controller 50, and the entire process is started over. This provides an additional layer of security.
  • The server 16 may be a commercial server and not an intermediate server, as described above.
  • Each of the databases 62, 64, etc. may be a client's account records maintaining the respective client's financial information, purchase information, or associated personal information.
  • The controller 50 or the memory access controller 72 may control each client's access to its own account records, rather than maintaining the data for a specific time period.
  • The authenticator 52, the certificate transmitter 54, the connection message transmitter 56, the connection message receiver 58, and the protocol monitor 74 may be implemented in the commercial server in a similar manner as in the intermediate server.
  • A series of client connection messages (m1, m2, m3, ...) are sent to the server, and a series of server connection messages (M1, M2, M3, ...) are sent to the client, as background communications between the server and the client as shown in FIG. 5.
  • Two or more series of connection messages may be employed in either direction for additional security.
  • Each of the connection messages may be a small data packet containing the source, destination, and sequence information as described above.
  • The encrypted data being transmitted is protected by a bidirectional flow of the client and server connection messages along the communication path.
  • FIG. 6 schematically illustrates a method for securely transmitting data between a client and a server over a communications network, in accordance with one embodiment of the present invention.
  • The client includes a data exchange module capable of communicating with the server.
  • The data exchange module is configured for a specific client, which is configured for a specific user so as to have the identification information of the user.
  • An application program is installed onto the client so as to configure the data exchange module, including assigning a client certificate, setting the client/server connection message function, and other specific protocols.
  • The client and server may be the client 10 and server 16 described in the above embodiments.
  • A user attempting to transmit data using the client is prompted to enter the user identification (ID) information.
  • The ID information is compared with the stored ID information of the authorized user (202). For example, any combination of a username, a password, personal information, a hardware-based security key, biometric information of the user, and the like can be used to authenticate the user. If the required user ID information matches, the user is authorized (204) to use the data exchange/transmission system.
  • The user makes a request, for example, a data transmission request.
  • A client certificate and a data transmission (upload) request are sent to the server (206).
  • The data transmission request specifies at least one recipient client/user.
  • The server receives the client certificate (208), and determines if the client certificate matches one of the registered client certificates (210).
  • The server authenticates the client (212) if the client certificate matches, and generates a server certificate (214) based on the client certificate.
  • The server transmits the server certificate to the client (216).
  • The server certificate includes information of the client certificate. In authenticating the client, other client identification such as a password or serial number may also be used for additional security.
  • The client receives the server certificate (218). By exchanging the respective certificates between the client and the server, the client is authenticated, and the client can also confirm the identity of the server from the server certificate.
  • At this point, the client is typically logged on to the server.
  • The client and the server may start sending their respective connection messages (220, 222).
  • A series of client connection messages is transmitted from the client to the server, and a series of server connection messages is transmitted from the server to the client, at least while the encrypted data is being transmitted.
  • The client and server may stop transmitting their connection messages when the client logs off from the server.
  • The client attaches the received server certificate to the data to be transmitted, and encrypts them together (224).
  • The SSL protocols may be used for the encryption.
  • The encrypted data (including the server certificate) is sent to the server (226).
  • The server receives and stores the encrypted data in a database associated with a recipient (228). If the data transmission request from the client specifies more than one recipient, the transmitted data is stored in each database corresponding to the respective recipient.
  • FIG. 7 schematically illustrates the mechanism of protecting the data transmission path using the connection messages in accordance with one embodiment of the present invention.
  • the client and the server may start sending their respective connection messages (220, 222 in FIG. 6) to each other, and continue sending them until the client logs off from the server.
  • the transmission of the connection messages is performed in parallel with the "main" data transmission between the client and the server, and the connection messages are exchanged between the client and server to "cover" at least the time period from the start of the data transmission until the completion thereof.
  • the series of client connection messages has a client-specific sequence or pattern.
  • the series of server connection messages likewise has a specific sequence or pattern.
  • the client connection messages are received and monitored at the server (230), and if a disturbance is found in the client connection messages (232), the server stops the on-going data transmission (234).
  • a disturbance includes missing connection message(s), switched order, unexpected delay, and the like.
  • the server may send an error message to the client (236).
  • in response, the client (the data exchange module therein) stops transmitting the data and restarts the client authentication process.
  • the client receives and monitors the server connection messages (240), and if a disturbance is found in the server connection messages (242), the client terminates the on-going data transmission (244).
  • the client's process returns to the client authentication process (206, FIG. 6), and the client certificate is re-transmitted to the server. After the client/server certificates are successfully exchanged, the client re-transmits the data to the server.
  • the termination (discontinuation) of the data transmission, re-authentication of the client, and re-transmission of the data may be automatically performed by the data exchange module of the client and the server without any user intervention.
  • the system thus maintains secure data transmission even when the user is unaware of the "retry" processes.
  • the data exchange module may issue a warning message to the user.
  • the client is authenticated in the certificate exchange process.
  • an initial authentication process may be provided before exchanging the client and server certificates.
  • the client may send the username and password to log on to the server, and then exchange certificates before transmitting data.
  • Sending the client/server connection messages may be started before exchanging the certificates, or after exchanging the certificates before the data transmission.
  • a specific procedure and timing of the authentication, certificate exchange, and connection message transmission can be set as a client-specific protocol, and can be used to detect any external interference with the client-server communication by monitoring the operation sequence of processes. If a deviation from the specific protocol is found in the operation sequence, the client and/or the server may terminate the process, re-authenticate the client, and re-transmit the encrypted data from the client to the server.
  • FIG. 8 schematically illustrates a data retrieval process by a recipient (another client) in accordance with one embodiment of the present invention.
  • when a user of the recipient client attempts to retrieve the data from the server, the user may be authorized (252, 254) in the same manner as described above (202, 204 in FIG. 6).
  • the user makes a data retrieval request, in response to which a data retrieval (download) request and a client certificate are sent to the server (256).
  • the server receives the client certificate (258), and determines if the client certificate matches one of registered client certificates (260).
  • the server authenticates the client (262) if the client certificate matches, and allows the client to log on to the server.
  • the server may generate a server certificate based on the client certificate and transmits the server certificate to the client (not shown in FIG. 8). Since in a data retrieval transaction the recipient-client does not transmit data to the server, it is not necessary to return the server certificate to the client. However, the server certificate may be used to confirm the server identity at the client.
  • the client may send another request for data transmission to the server in the same session.
  • the client certificate may be re-sent with the data transmission request, and the server may generate and return the server certificate in response to receiving the client certificate, in the same manner as described above.
  • alternatively, the server may store the client certificate initially received from the client during the session.
  • the client (the data exchange module therein) may automatically (without user intervention) attach the client certificate every time the client makes a new request to the server during the same session, such that the server has additional opportunity to confirm the client identity (in addition to receiving the client connection messages).
  • the client and the server start sending their respective connection messages (264, 266).
  • the client is allowed access to the database associated with itself (268), and the encrypted data (including the server certificate) stored therein is transmitted from the server to the client (270).
  • the recipient-client decrypts the retrieved data. From the server certificate, which includes the sender-client information, the recipient may confirm the sender.
  • the monitoring of the client/server connection messages and re-authentication/retransmission, if any, are performed in the same manner as that described in FIG. 7.
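
The FIG. 6 upload flow and the FIG. 8 retrieval flow, modelled end to end in Python as an added example (this is not code from the patent or its inventor). The description leaves the data formats open, so the example assumes: certificates are plain dicts matched by SHA-256 fingerprint against the server's registry; the "server certificate" is an HMAC under a server-held key rather than an X.509 certificate, and the recipient confirms it by asking the server; the SSL-protected transfer is stood in for by a toy HMAC-SHA256 keystream XOR with no integrity tag (constructed, not a real cipher); and sender and recipient already share `group_key`, because the description does not say how the recipient obtains the decryption key. Step numbers in comments refer to the figures above.

```python
import hashlib
import hmac
import json
import secrets


def canonical(obj) -> bytes:
    """Deterministic JSON encoding so fingerprints and MACs are reproducible."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def fingerprint(cert: dict) -> str:
    return hashlib.sha256(canonical(cert)).hexdigest()


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stand-in for the SSL/TLS-protected transfer (constructed for this example;
    not a real cipher and no integrity tag). Symmetric, so the same call decrypts."""
    out = bytearray()
    for off in range(0, len(data), 32):
        block_key = hmac.new(key, nonce + off.to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[off:off + 32], block_key))
    return bytes(out)


class Server:
    def __init__(self) -> None:
        self.mac_key = secrets.token_bytes(32)        # server-held key (assumption)
        self.registered: dict[str, dict] = {}         # fingerprint -> registered client certificate (210)
        self.databases: dict[str, list[bytes]] = {}   # recipient subject -> stored encrypted blobs (228)

    def register_client(self, client_cert: dict) -> None:
        self.registered[fingerprint(client_cert)] = client_cert

    def authenticate(self, client_cert: dict) -> None:
        """208-212 and 258-262: the presented certificate must match a registered one."""
        if fingerprint(client_cert) not in self.registered:
            raise PermissionError("client certificate not registered")

    def issue_server_certificate(self, client_cert: dict) -> dict:
        """214: a server certificate generated from, and carrying, the client certificate."""
        body = {"issuer": "server", "client_subject": client_cert["subject"],
                "client_fp": fingerprint(client_cert), "nonce": secrets.token_hex(8)}
        body["mac"] = hmac.new(self.mac_key, canonical(body), hashlib.sha256).hexdigest()
        return body

    def verify_server_certificate(self, cert: dict) -> bool:
        body = {k: v for k, v in cert.items() if k != "mac"}
        expected = hmac.new(self.mac_key, canonical(body), hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, cert.get("mac", ""))

    def store(self, client_cert: dict, recipients: list[str], blob: bytes) -> None:
        """226-228: the certificate rides along on every request; one copy per recipient."""
        self.authenticate(client_cert)
        for recipient in recipients:
            self.databases.setdefault(recipient, []).append(blob)

    def retrieve(self, client_cert: dict) -> list[bytes]:
        """256-270: the recipient authenticates and is given only its own database."""
        self.authenticate(client_cert)
        return list(self.databases.get(client_cert["subject"], []))


def send(server: Server, sender_cert: dict, recipients: list[str],
         data: str, group_key: bytes) -> None:
    server.authenticate(sender_cert)                              # 206-212
    server_cert = server.issue_server_certificate(sender_cert)    # 214-218
    envelope = canonical({"server_certificate": server_cert, "data": data})  # 224
    nonce = secrets.token_bytes(16)
    server.store(sender_cert, recipients, nonce + keystream_xor(group_key, nonce, envelope))


def receive(server: Server, recipient_cert: dict, group_key: bytes) -> list[tuple[str, str]]:
    """Decrypt each stored envelope and confirm the sender from its server certificate."""
    results = []
    for blob in server.retrieve(recipient_cert):
        nonce, ciphertext = blob[:16], blob[16:]
        envelope = json.loads(keystream_xor(group_key, nonce, ciphertext))
        cert = envelope["server_certificate"]
        if not server.verify_server_certificate(cert):
            raise ValueError("server certificate in envelope does not verify")
        results.append((cert["client_subject"], envelope["data"]))
    return results


def demo() -> list[tuple[str, str]]:
    # Constructed scenario: alice uploads for bob; bob retrieves and confirms the sender.
    server = Server()
    alice = {"subject": "alice", "pubkey": "constructed-A"}
    bob = {"subject": "bob", "pubkey": "constructed-B"}
    server.register_client(alice)
    server.register_client(bob)
    group_key = b"\x11" * 32   # assumption: already shared by alice and bob
    send(server, alice, ["bob"], "quarterly figures", group_key)
    return receive(server, bob, group_key)
```

Two points the model makes visible: the server certificate is the only thing that binds the stored blob to its sender, so a recipient that skips `verify_server_certificate` would accept a forged `client_subject`; and because the toy cipher carries no integrity tag, confidentiality here rests entirely on the transport stand-in, which is why the description relies on SSL for the real transfer.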

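The FIG. 7 connection-message mechanism, as an added Python example that is not the patent's own code: a keyed, numbered heartbeat whose receiver flags each disturbance the description lists (missing message, switched order, unexpected delay), stops the transfer when one is found, and then performs the automatic re-authenticate-and-retransmit cycle described above with a fresh pattern key. The HMAC-tagged message layout, the one-second spacing, the half-second tolerance and the one-message-per-chunk pairing are assumptions, and the arrival traces are constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class ConnMsg:
    seq: int        # position in the client-specific sequence
    sent_at: float  # sender's timestamp, seconds
    tag: bytes      # HMAC-SHA256 over (seq, sent_at) under the session pattern key


def _tag(pattern_key: bytes, seq: int, sent_at: float) -> bytes:
    return hmac.new(pattern_key, f"{seq}:{sent_at:.3f}".encode(), hashlib.sha256).digest()


def make_message(pattern_key: bytes, seq: int, sent_at: float) -> ConnMsg:
    """Sender side (220/222). The pattern is keyed, so an outsider on the path cannot continue it."""
    return ConnMsg(seq, sent_at, _tag(pattern_key, seq, sent_at))


class ConnectionMonitor:
    """Receiver side (230/232 at the server, 240/242 at the client)."""

    def __init__(self, pattern_key: bytes, interval: float = 1.0, max_delay: float = 0.5):
        self.key = pattern_key
        self.interval = interval    # nominal spacing of connection messages (assumption)
        self.max_delay = max_delay  # lateness tolerated before "unexpected delay" (assumption)
        self.expected_seq = 0
        self.last_at: Optional[float] = None

    def check(self, msg: ConnMsg, received_at: float) -> Optional[str]:
        """Return a disturbance description (231), or None when the message fits the pattern."""
        if not hmac.compare_digest(_tag(self.key, msg.seq, msg.sent_at), msg.tag):
            return "message does not belong to the client-specific pattern"
        if msg.seq < self.expected_seq:
            return f"switched order or replay: seq {msg.seq} arrived after seq {self.expected_seq - 1}"
        if msg.seq > self.expected_seq:
            return f"missing message(s): expected seq {self.expected_seq}, got seq {msg.seq}"
        if self.last_at is not None and received_at - self.last_at > self.interval + self.max_delay:
            return f"unexpected delay: {received_at - self.last_at:.2f}s since the previous message"
        self.expected_seq += 1
        self.last_at = received_at
        return None


def trace(pattern_key: bytes, seqs: list[int], times: list[float]) -> list[tuple[ConnMsg, float]]:
    """Constructed arrival log: each message is sent at times[i] and received without network delay."""
    return [(make_message(pattern_key, s, t), t) for s, t in zip(seqs, times)]


def run_transfer(chunks: list[bytes], pattern_key: bytes,
                 arrivals: list[tuple[ConnMsg, float]]) -> tuple[list[bytes], Optional[str]]:
    """One data transmission covered by connection messages (227): a chunk is accepted only
    if the connection message arriving alongside it fits the pattern. On a disturbance the
    transfer stops (234/244) and the partial result is returned with the reason."""
    monitor = ConnectionMonitor(pattern_key)
    accepted: list[bytes] = []
    for chunk, (msg, received_at) in zip(chunks, arrivals):
        problem = monitor.check(msg, received_at)
        if problem is not None:
            return accepted, problem
        accepted.append(chunk)
    return accepted, None


def upload_with_retry(chunks: list[bytes],
                      sessions: list[tuple[bytes, list[tuple[ConnMsg, float]]]]):
    """Automatic terminate / re-authenticate / retransmit (236). Each element of `sessions`
    is the (pattern_key, arrivals) of one authenticated session; a fresh key per session models
    re-authentication. Returns (attempt that completed, None) or (None, last disturbance)."""
    last_problem = None
    for attempt, (key, arrivals) in enumerate(sessions, start=1):
        accepted, last_problem = run_transfer(chunks, key, arrivals)
        if last_problem is None:
            if len(accepted) == len(chunks):
                return attempt, None
            last_problem = "connection messages stopped before the transfer completed"
    return None, last_problem


if __name__ == "__main__":
    key = b"k" * 32
    chunks = [b"part1", b"part2", b"part3"]
    print(run_transfer(chunks, key, trace(key, [0, 1, 2], [0.0, 1.0, 2.0])))  # clean
    print(run_transfer(chunks, key, trace(key, [0, 1, 3], [0.0, 1.0, 2.0])))  # missing seq 2
    print(run_transfer(chunks, key, trace(key, [0, 1, 0], [0.0, 1.0, 2.0])))  # replayed seq 0
    print(run_transfer(chunks, key, trace(key, [0, 1, 2], [0.0, 3.0, 4.0])))  # late
```

The keyed tag is what makes the sequence "client-specific" in a way an interposed party cannot imitate: dropping, reordering or delaying heartbeats is detected by the sequence and timing checks, and injecting a fabricated heartbeat fails the tag check. The heartbeat only protects the path, not the payload; the data itself still depends on the encryption described for step 224.
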
Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
PCT/US2006/023838 2005-06-23 2006-06-19 Secure transmission of data between clients over communications network Ceased WO2007001998A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2008518283A JP4601706B2 (ja) 2005-06-23 2006-06-19 Secure data communication between client and server over a communications network
EP06773558A EP1897274A1 (en) 2005-06-23 2006-06-19 Secure transmission of data between clients over communications network

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/166,524 US7707417B2 (en) 2005-06-23 2005-06-23 Secure transmission of data between clients over communications network
US11/166,524 2005-06-23

Publications (1)

Publication Number Publication Date
WO2007001998A1 true WO2007001998A1 (en) 2007-01-04

Family

ID=37085727

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2006/023838 Ceased WO2007001998A1 (en) 2005-06-23 2006-06-19 Secure transmission of data between clients over communications network

Country Status (4)

Country Link
US (1) US7707417B2 (en)
EP (1) EP1897274A1 (en)
JP (1) JP4601706B2 (en)
WO (1) WO2007001998A1 (en)

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2024894A4 (en) * 2006-05-12 2016-09-21 Samsung Electronics Co Ltd DEVICE AND METHOD FOR MANAGING SAFETY DATA
US7653576B2 (en) * 2006-08-01 2010-01-26 International Business Machines Corporation Method for pricing items
US8327142B2 (en) 2006-09-27 2012-12-04 Secureauth Corporation System and method for facilitating secure online transactions
WO2008039227A1 (en) * 2006-09-27 2008-04-03 Multifactor Corporation System and method for facilitating secure online transactions
US8126491B1 (en) * 2007-01-19 2012-02-28 At&T Mobility Ii Llc Automatic redial after call establishment failure
US20080195860A1 (en) * 2007-02-14 2008-08-14 Motorola, Inc. Method and apparatus for detecting a compromised node in a network
US10079864B2 (en) * 2012-01-06 2018-09-18 Microsoft Technology Licensing, Llc Communicating media data
US10049233B2 (en) * 2014-10-09 2018-08-14 Canon Denshi Kabushiki Kaisha Information processing apparatus, security management method and information processing system that switches from one monitoring unit to another in accordance with operating mode
JP6644037B2 (ja) 2017-09-08 2020-02-12 Toshiba Corporation Communication control system
JP2020108070A (ja) 2018-12-28 2020-07-09 Toshiba Corporation Communication control device and communication control system
JP7321414B2 (ja) * 2019-06-20 2023-08-07 Nippon Telegraph and Telephone Corporation Transmission control method and program
JP7502618B2 (ja) * 2020-07-20 2024-06-19 Fujitsu Limited Communication program, communication device, and communication method
CN114154171A (zh) * 2022-02-07 2022-03-08 Zhejiang Provincial Human Resources and Social Security Information Center Social security self-service terminal program installation method, system, electronic device and computer medium
CN114844720B (zh) * 2022-06-06 2023-06-02 Hunan Wuling Power Technology Co., Ltd. IoT data encrypted transmission method, system, server and client

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0588519A2 (en) * 1992-08-31 1994-03-23 AT&T Corp. Continuous authentication using an in-band or out-of-band side channel
US20040025057A1 (en) * 2000-06-15 2004-02-05 Zix Corporation, A Texas Corporation Secure message forwarding system detecting user's preferences including security preferences
US20040059909A1 (en) * 2002-09-24 2004-03-25 Jean-Francois Le Pennec Method of gaining secure access to intranet resources
US6760752B1 (en) * 1999-06-28 2004-07-06 Zix Corporation Secure transmission system

Family Cites Families (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5894547A (en) * 1991-06-27 1999-04-13 International Business Machines Corporation Virtual route synchronization
US5276735A (en) * 1992-04-17 1994-01-04 Secure Computing Corporation Data enclave and trusted path system
JP3717176B2 (ja) * 1993-09-29 2005-11-16 Pumpkin House Co., Ltd. Encryption/decryption device and method
JPH07131449A (ja) * 1993-11-04 1995-05-19 Nippon Telegr & Teleph Corp <Ntt> Digital information communication system
JPH09200198A (ja) * 1996-01-17 1997-07-31 Nec Corp Message authentication system
WO1997029416A2 (en) * 1996-02-09 1997-08-14 Integrated Technologies Of America, Inc. Access control/crypto system
US6226687B1 (en) * 1996-09-05 2001-05-01 Nortel Networks Limited Method and apparatus for maintaining an order of data packets
US6085324A (en) * 1997-02-05 2000-07-04 Ogram; Mark E. Monitoring and regulatory system for the internet
JP3799757B2 (ja) * 1997-07-18 2006-07-19 Fuji Xerox Co., Ltd. Verification-target data generating device, and computer-readable recording medium storing a verification-target data generating program
US6092196A (en) * 1997-11-25 2000-07-18 Nortel Networks Limited HTTP distributed remote user authentication system
US6263446B1 (en) * 1997-12-23 2001-07-17 Arcot Systems, Inc. Method and apparatus for secure distribution of authentication credentials to roaming users
US6732277B1 (en) * 1998-10-08 2004-05-04 Entrust Technologies Ltd. Method and apparatus for dynamically accessing security credentials and related information
US6499107B1 (en) * 1998-12-29 2002-12-24 Cisco Technology, Inc. Method and system for adaptive network security using intelligent packet analysis
US6412007B1 (en) * 1999-01-14 2002-06-25 Cisco Technology, Inc. Mechanism for authorizing a data communication session between a client and a server
US6487666B1 (en) * 1999-01-15 2002-11-26 Cisco Technology, Inc. Intrusion detection signature analysis using regular expressions and logical operators
US6804778B1 (en) * 1999-04-15 2004-10-12 Gilian Technologies, Ltd. Data quality assurance
US6754214B1 (en) * 1999-07-19 2004-06-22 Dunti, Llc Communication network having packetized security codes and a system for detecting security breach locations within the network
US6760844B1 (en) * 1999-07-30 2004-07-06 Unisys Corporation Secure transactions sessions
US20030002676A1 (en) * 2001-06-29 2003-01-02 Stachura Thomas L. Method and apparatus to secure network communications
JP2004194196A (ja) * 2002-12-13 2004-07-08 Ntt Docomo Inc Packet communication authentication system, communication control device and communication terminal
JP2004363739A (ja) * 2003-06-03 2004-12-24 Hitachi Ltd Tamper-detectable symmetric-key encryption device or decryption device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0588519A2 (en) * 1992-08-31 1994-03-23 AT&T Corp. Continuous authentication using an in-band or out-of-band side channel
US6760752B1 (en) * 1999-06-28 2004-07-06 Zix Corporation Secure transmission system
US20040025057A1 (en) * 2000-06-15 2004-02-05 Zix Corporation, A Texas Corporation Secure message forwarding system detecting user's preferences including security preferences
US20040059909A1 (en) * 2002-09-24 2004-03-25 Jean-Francois Le Pennec Method of gaining secure access to intranet resources

Also Published As

Publication number Publication date
JP2008544405A (ja) 2008-12-04
JP4601706B2 (ja) 2010-12-22
US20060294367A1 (en) 2006-12-28
US7707417B2 (en) 2010-04-27
EP1897274A1 (en) 2008-03-12

Similar Documents

Publication Publication Date Title
US7062781B2 (en) Method for providing simultaneous parallel secure command execution on multiple remote hosts
US7469343B2 (en) Dynamic substitution of USB data for on-the-fly encryption/decryption
US7886346B2 (en) Flexible and adjustable authentication in cyberspace
EP0683907B1 (en) Method for providing mutual authentication of a user and a server on a network
US7100054B2 (en) Computer network security system
US6532543B1 (en) System and method for installing an auditable secure network
US5692124A (en) Support of limited write downs through trustworthy predictions in multilevel security of computer network communications
US7831722B2 (en) Portable communications device with enhanced security
US8838965B2 (en) Secure remote support automation process
US6198824B1 (en) System for providing secure remote command execution network
KR100994666B1 (ko) Access and control system for network-based devices
US7707417B2 (en) Secure transmission of data between clients over communications network
US20060005008A1 (en) Security gateway utilizing ssl protocol protection and related method
EP0573248A1 (en) One-time logon means and methods for distributed computing systems
US20070067620A1 (en) Systems and methods for third-party authentication
WO1998032254A1 (en) Security process for public networks
CN115250203A (zh) Method and device for controlling device admission, and related products
US8578173B2 (en) Apparatus and method for providing secure communication on a network
WO2001013201A2 (en) Peer-to-peer network user authentication protocol
CN111669746B (zh) Protection system for Internet of Things information security
US20080060060A1 (en) Automated Security privilege setting for remote system users
WO2007030517A2 (en) Systems and methods for third-party authentication
EP1149483A1 (en) Simplified addressing for private communications
EP1203479A2 (en) Peer-to-peer network user authentication protocol
Kaplan et al. Implementing Kerberos in Distributed Systems

Legal Events

Date Code Title Description
DPE2 Request for preliminary examination filed before expiration of 19th month from priority date (pct application filed from 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase (Ref document number: 2006773558; Country of ref document: EP)
ENP Entry into the national phase (Ref document number: 2008518283; Country of ref document: JP; Kind code of ref document: A)
NENP Non-entry into the national phase (Ref country code: DE)