Security assurance method for computer and medium recording program thereof
First Claim
Patent Images
1. A method for assuring security between a server and a client, comprising:
- a step of the client requesting a session to the server;
a step of the server authenticating said session request;
a step of the server transmitting a corresponding application to the requesting source client;
a step of the client authenticating said transmitted application;
a step of the client enabling the execution of said application and deciding whether the command which was input to said application is permitted;
a step of the client rejecting said command when the command is not permitted;
a step of the client executing said command and transmitting the message to the server when the command is permitted;
a step of the server deciding whether said transmitted message is valid;
a step of the server rejecting said message when the message is not valid;
a step of the server executing said message and transmitting a result message thereof to the client when the message is valid;
a step of the client authenticating said transmitted result message; and
a step of the client providing said result message to the user.
2 Assignments
0 Petitions
Accused Products
Abstract
The present invention allows assuring security of processing by the application itself without depending on the operating system. When a plurality of clients perform joint operation via a common server, the processing permitted for each server to perform to the server is predetermined, and when a user requests a processing which is not permitted, the client rejects this request. By this, the security among a plurality of clients can be assured without depending on the server.
-
Citations
9 Claims
-
1. A method for assuring security between a server and a client, comprising:
-
a step of the client requesting a session to the server;
a step of the server authenticating said session request;
a step of the server transmitting a corresponding application to the requesting source client;
a step of the client authenticating said transmitted application;
a step of the client enabling the execution of said application and deciding whether the command which was input to said application is permitted;
a step of the client rejecting said command when the command is not permitted;
a step of the client executing said command and transmitting the message to the server when the command is permitted;
a step of the server deciding whether said transmitted message is valid;
a step of the server rejecting said message when the message is not valid;
a step of the server executing said message and transmitting a result message thereof to the client when the message is valid;
a step of the client authenticating said transmitted result message; and
a step of the client providing said result message to the user. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for assuring security between an operating system (OS) and an application, comprising:
-
a step of the application requesting processing to the OS;
a step of the OS authenticating said processing request;
a step of the OS transmitting a program corresponding to the processing to the requesting source application;
a step of the application enabling execution of said program and deciding whether the command which was input to said program is permitted;
a step of the application rejecting said command when the command is not permitted;
a step of the application executing said command and transmitting the message to the OS when the command is permitted;
a step of the OS deciding whether said transmitted message is valid;
a step of the OS rejecting said message when the message is not valid;
a step of the OS executing said message and transmitting a result message thereof to the application when the message is valid; and
a step of the application providing said result message to the user.
-
-
8. A medium recording a program for computer to execute a method for assuring security between a server and a client, said method comprising:
-
a step of the client requesting a session to the server;
a step of the server authenticating said session request;
a step of the server transmitting a corresponding application to the requesting source client;
a step of the client authenticating said transmitted application;
a step of the client enabling execution of said application and deciding whether the command which was input to said application is permitted;
a step of the client rejecting said command when the command is not permitted;
a step of the client executing said command and transmitting the message to the server when the command is permitted;
a step of the server deciding whether said transmitted message is valid;
a step of the server rejecting said message when the message is not valid;
a step of the server executing said message and transmitting a result message thereof to the client when the message is valid;
a step of the client authenticating said transmitted result message; and
a step of the client providing said result message to the user.
-
-
9. A medium recording a program for a computer to execute a method for assuring security between an OS and an application, said method comprising:
-
a step of the application requesting processing to the OS;
a step of the OS authenticating said processing request;
a step of the OS transmitting a program corresponding to the processing to the requesting source application;
a step of the application enabling execution of said program and deciding whether a command which was input to said program is permitted;
a step of the application rejecting said command when the command is not permitted;
a step of the application executing said command and transmitting the message to the OS when the command is permitted;
a step of the OS deciding whether said transmitted message is valid;
a step of the OS rejecting said message when the message is not valid;
a step of the OS executing said message and transmitting the result message thereof to the application when the message is valid; and
a step of the application providing said result message to the user.
-
Specification