Systems and methods for protecting information carried on a data network
First Claim
Patent Images
1. A method for securely storing information and transferring information between a client and a server, comprising at the server:
- a) receiving said information and a client request to perform a server action, b) responsive to receiving the client request, performing the server action and generating an encryption key assigned to the client, said encryption key being associated with a client identifier, c) encrypting at least a portion of said information using the encryption key, thereby forming an encrypted cookie, d) returning to the client said encrypted cookie, and e) deleting said information from a server database and storing on the server database only the encryption key associated with the client identifier.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for secure data transmission, data storage and data retrieval over a network is disclosed. The data containing, for example, sensitive information such as billing and shipping records in a commercial transaction, is encrypted and placed on one system, with the encryption/decryption key placed on another system. The only relationship between the systems is the fact that they have exchanged information. This system is difficult to breach because both systems need to be compromised in order to access the encrypted data.
75 Citations
15 Claims
-
1. A method for securely storing information and transferring information between a client and a server, comprising at the server:
-
a) receiving said information and a client request to perform a server action, b) responsive to receiving the client request, performing the server action and generating an encryption key assigned to the client, said encryption key being associated with a client identifier, c) encrypting at least a portion of said information using the encryption key, thereby forming an encrypted cookie, d) returning to the client said encrypted cookie, and e) deleting said information from a server database and storing on the server database only the encryption key associated with the client identifier. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for securely storing information and transferring information between a client and a server, comprising at the server:
-
a) receiving said information and a client request to perform a server action, b) responsive to receiving the client request, performing the server action and generating an encryption key assigned to the client, c) encrypting said information using the encryption key, thereby forming an encrypted cookie, and associating the encrypted information with a client identifier, d) returning to the client said encryption key, and e) deleting said encryption key a server database and storing on the server database only the encrypted information associated with the client identifier. - View Dependent Claims (11, 12, 13)
-
-
14. A computer program embodied in a computer readable medium, causing a computer, upon receiving via a network from a client sensitive information and a request to perform an action, to:
-
a) perform the server action and generate an encryption key assigned to the client, said encryption key being associated with a client identifier, b) encrypt said sensitive information using the encryption key, thereby forming an encrypted cookie, c) return to the client via the network said encrypted cookie, and d) delete said sensitive information from a computer database and storing on the computer database only the encryption key associated with the client identifier. - View Dependent Claims (15)
-
Specification