Secure internet applications with mobile code
First Claim
1. A system for establishing secured communications pathways across an open unsecured network using mobile code, comprising:
an authentication server;
at least one application server arranged to be connected to the authentication server by a secured pathway; and
at least one platform-independent mobile code authentication and encryption program, wherein said authentication server is arranged to supply said platform-independent mobile code authentication and encryption program to a user's computing device upon authentication of the user, wherein said platform-independent authentication and encryption program is arranged to authenticate itself to the authentication server to establish a secure communications pathway without requiring pre-installation of authentication and encryption client software on the user's computing device, and wherein said platform-independent mobile code authentication and encryption program is arranged to transmit data from the user's computing device to an application server by encrypting the data and transmitting the data to the authentication server for forwarding to the application server, and by decrypting data originating from the application server and transmitted via the authentication server.
Abstract
A system and method for securing pathways to a remote application server involves a gateway or authentication server, and a mobile code authentication and encryption client available for download from the gateway or authentication server. Upon connection of a user's computing device to the authentication server over the open network, the authentication server requests authentication information, such as a password, from the user, and upon authentication of the user by the authentication server, the authentication server downloads the mobile code authentication and encryption client to the user's computing device. The authentication and encryption client then authenticates itself to the authentication server, after which a secure communications channel between the user's computing device and the authentication server is opened, the secure communications channel permitting transfer of data between the user's computing device and an application server. The system and method do not require pre-installation or any certificates or other authentication and encryption software on the user's computing device, enabling the system and method to be used with thin-client and mobile computing devices, as well as with conventional computers.
6 Claims
4. A method of establishing secured communications pathways across an open unsecured network using mobile code, comprising the steps of:
upon connection of a user's computing device to an authentication server over an open network, requesting authentication information from the user;
upon authentication of the user by the authentication server, downloading mobile code including an authentication and encryption client from the authentication server to the user's computing device;
causing the authentication and encryption client to authenticate itself to the authentication server;
upon authentication of the authentication and encryption client, opening a secure communications channel between the user's computing device and the authentication server, said secure communications channel permitting transfer of data between the user's computing device and an application server.
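The ordering that claim 4 requires of the authentication server, as an added Python sketch that is not code from the patent: data is relayed to the application server only after both the user and the downloaded client have authenticated. The per-session secret delivered with the mobile code, the HMAC-SHA256 challenge-response, and the names `Gateway` and `run_client` are assumptions, since the claims do not say how the client authenticates itself; encryption of the relayed data is left out.

```python
import hashlib, hmac, secrets

# Constructed sample credential store; a real gateway would keep salted password hashes.
USERS = {"alice": "correct horse"}

class Gateway:
    """Authentication server enforcing the order of the steps in claim 4."""
    def __init__(self, app_server):
        self.app_server = app_server
        self.sessions = {}  # session id -> {"key", "challenge", "open"}

    def login(self, user, password):
        # Steps 1-2: authenticate the user, then hand out the mobile code.
        stored = USERS.get(user)
        if stored is None or not hmac.compare_digest(stored.encode(), password.encode()):
            return None
        sid, key = secrets.token_hex(8), secrets.token_bytes(32)
        self.sessions[sid] = {"key": key, "challenge": None, "open": False}
        return {"sid": sid, "key": key}  # stands in for the downloaded client (assumption)

    def challenge(self, sid):
        nonce = secrets.token_bytes(16)
        self.sessions[sid]["challenge"] = nonce
        return nonce

    def client_auth(self, sid, proof):
        # Step 3: the client proves it holds the per-session secret.
        s = self.sessions.get(sid)
        if not s or s["challenge"] is None:
            return False
        expected = hmac.new(s["key"], s["challenge"], hashlib.sha256).digest()
        s["challenge"] = None  # single use, so a captured proof cannot be replayed
        s["open"] = hmac.compare_digest(expected, proof)
        return s["open"]

    def relay(self, sid, data):
        # Step 4: forward to the application server only on an open channel.
        s = self.sessions.get(sid)
        if not s or not s["open"]:
            raise PermissionError("channel not open")
        return self.app_server(data)

def run_client(gw, user, password, data):
    """User side of the exchange: log in, answer the challenge, send data."""
    code = gw.login(user, password)
    if code is None:
        return None
    proof = hmac.new(code["key"], gw.challenge(code["sid"]), hashlib.sha256).digest()
    return gw.relay(code["sid"], data) if gw.client_auth(code["sid"], proof) else None
```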
Specification