WO2012166669A3 - Methods and apparatus for preventing crimeware attacks - Google Patents

Methods and apparatus for preventing crimeware attacks Download PDF

Info

Publication number
WO2012166669A3
WO2012166669A3 PCT/US2012/039734 US2012039734W WO2012166669A3 WO 2012166669 A3 WO2012166669 A3 WO 2012166669A3 US 2012039734 W US2012039734 W US 2012039734W WO 2012166669 A3 WO2012166669 A3 WO 2012166669A3
Authority
WO
WIPO (PCT)
Prior art keywords
communication session
central server
communications
devices
user
Prior art date
Application number
PCT/US2012/039734
Other languages
French (fr)
Other versions
WO2012166669A2 (en
Inventor
David W. Kravitz
Donald H. Graham Iii
Josselyn Boudett
Original Assignee
T-Central, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by T-Central, Inc. filed Critical T-Central, Inc.
Publication of WO2012166669A2 publication Critical patent/WO2012166669A2/en
Publication of WO2012166669A3 publication Critical patent/WO2012166669A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0464Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload using hop-by-hop encryption, i.e. wherein an intermediate entity decrypts the information and re-encrypts it before forwarding it
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/166Implementing security features at a particular protocol layer at the transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)
  • Telephonic Communication Services (AREA)

Abstract

A central server configured to mediate communications including establishing secure online sessions between user-controlled devices and 3rd party devices, such as a 3rd party device hosting a financial site. The methods and apparatus used to instantiate and carry out the mediated communications can be designed to thwart crimeware. To enable communications between the user-controlled devices and the 3rd party devices, the central server can be configured to instantiate a first secure communication session between the central server and the user-controlled device and a second secure communication session between the central server and the 3rd party device. If desired, separate encryption keys can be used for the first communication session and the second communication session where only the central server possesses the encryption keys for both the first communication session and the second communication session. Optionally, after the communications are established between the devices, the server can withdraw from the communications.
PCT/US2012/039734 2011-05-27 2012-05-25 Methods and apparatus for preventing crimeware attacks WO2012166669A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201161490952P 2011-05-27 2011-05-27
US61/490,952 2011-05-27

Publications (2)

Publication Number Publication Date
WO2012166669A2 WO2012166669A2 (en) 2012-12-06
WO2012166669A3 true WO2012166669A3 (en) 2013-03-21

Family

ID=47260233

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2012/039734 WO2012166669A2 (en) 2011-05-27 2012-05-25 Methods and apparatus for preventing crimeware attacks

Country Status (1)

Country Link
WO (1) WO2012166669A2 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170243013A1 (en) * 2016-02-18 2017-08-24 USAN, Inc. Multi-modal online transactional processing system
IT202000006343A1 (en) * 2020-03-25 2021-09-25 Cleafy Spa Method for monitoring and protecting access to an online service

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070253553A1 (en) * 2004-07-12 2007-11-01 Abdul Rahman Syed Ibrahim A H System, Method of Generation and Use of Bilaterally Generated Variable Instant Passwords.
US20080222736A1 (en) * 2007-03-07 2008-09-11 Trusteer Ltd. Scrambling HTML to prevent CSRF attacks and transactional crimeware attacks

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070253553A1 (en) * 2004-07-12 2007-11-01 Abdul Rahman Syed Ibrahim A H System, Method of Generation and Use of Bilaterally Generated Variable Instant Passwords.
US20080222736A1 (en) * 2007-03-07 2008-09-11 Trusteer Ltd. Scrambling HTML to prevent CSRF attacks and transactional crimeware attacks

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
CHRISTOS XENAKIS ET AL.: "Security in third Generation Mobile Netwo rks", COMPUTER COMMUNICATIONS, vol. 27, 2004, pages 638 - 650 *

Also Published As

Publication number Publication date
WO2012166669A2 (en) 2012-12-06

Similar Documents

Publication Publication Date Title
MX2011010221A (en) Methods and apparatus for providing secure logon to a gaming machine using a mobile device.
WO2009073812A3 (en) Apparatus and method for directing a communication session to a communication device of a group of devices having a common registration identity
GB201309025D0 (en) Data communication
EP2574009A3 (en) Network apparatus based on content name, method of generating and authenticating content name
WO2008103988A3 (en) Method and apparatus to create or join gaming sessions based on proximity
WO2015179849A3 (en) Network authentication system with dynamic key generation
WO2011094096A3 (en) Establishing, at least in part, secure communication channel between nodes so as to permit inspection, at least in part, of encrypted communication carried out, at least in part, between the nodes
WO2011140235A3 (en) Apparatus and method for establishing a peer-to-peer communication session with a host device
WO2014020496A3 (en) Additive content and related client devices
WO2012051047A3 (en) System and method for a reverse invitation in a hybrid peer-to-peer environment
PT2011301E (en) Arrangement of and method for secure data transmission.
WO2012069263A3 (en) Method for authorizing access to protected content
WO2011049712A3 (en) Low-latency peer session establishment
WO2007134263A3 (en) System and method for concurrent sessions in a peer-to-peer hybrid communications network
GB2496212B (en) Method and apparatus for traffic offloading between devices
BR112013032879A2 (en) method for managing login credentials and communication sessions, and session manager
WO2012015234A3 (en) Apparatus and method for controlling session connection in communication system
WO2015139630A3 (en) Fast authentication for inter-domain handovers
WO2014062620A3 (en) Reduction of chaining in conference sessions
EP2139294A4 (en) Multi-terminal session method, communication system and related devices
WO2011140242A3 (en) Apparatus and method for establishing a peer-to-peer communication session with a client device
MX2015002053A (en) Call method, apparatus and system.
MX2017009563A (en) Reducing start-up delay in streaming media sessions.
WO2010008666A3 (en) Secure network portal
SG194674A1 (en) Methods providing public reachability and related systems and devices

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12792367

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12792367

Country of ref document: EP

Kind code of ref document: A2