Server-side digital signature system
First Claim
1. In a processing system including a server capable of communicating with a client via a communications channel, a method of authenticating a data object, the method comprising the steps of, in the server,
(1) receiving the data object transmitted from the client to the server via the communications channel;
(2) generating a signature by processing the data object;
(3) associating the signature with the data object to create a signed object; and
(4) authenticating the signed object, subsequently upon request, by;
(a) deriving from the signed object information representative of the data object and the signature,
(b) generating a comparison value using the information representative of the data object,
(c) determining whether the comparison value and at least a portion of the signature meet a pre-determined criteria.
Abstract
A digital signature system is provided on a server for use by remote clients, such as by using a browser. The server generates and maintains all of the users' keys used for producing a digital signature. A user sends a data object to the server, and the server generates a digital signature for the data object using the private key stored at the server. The server then sends the digital signature to the client. A client can, at a later time, send the signature back to the server for verification.
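The flow in the abstract, with the verification steps (a) to (c) of the first claim, as an added example that is not taken from the patent: a minimal Node.js signing service. The class and method names, the choice of ECDSA P-256 with SHA-256, and the in-memory key store are assumptions made for illustration.

```javascript
// Added example, not from the patent. Names, algorithm choice (ECDSA P-256
// with SHA-256) and the in-memory key store are assumptions.
const nodeCrypto = require('node:crypto');

class SigningServer {
  constructor() {
    this.keys = new Map(); // userId -> key pair; private keys never leave the server
  }

  // The server generates and stores the key pair for a user.
  enroll(userId) {
    if (!this.keys.has(userId)) {
      this.keys.set(userId,
        nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' }));
    }
  }

  // Steps (1)-(3): receive the data object, sign it, build the signed object.
  sign(userId, data) {
    const pair = this.keys.get(userId);
    if (!pair) throw new Error('unknown user');
    const sig = nodeCrypto.sign('sha256', Buffer.from(data, 'utf8'), pair.privateKey);
    return { userId, data, signature: sig.toString('base64') };
  }

  // Step (4): (a) split the signed object, (b) re-hash the data,
  // (c) check that hash against the signature. verify() does (b) and (c).
  verify(signedObject) {
    const { userId, data, signature } = signedObject || {};
    const pair = this.keys.get(userId);
    if (!pair || typeof data !== 'string' || typeof signature !== 'string') return false;
    try {
      return nodeCrypto.verify('sha256', Buffer.from(data, 'utf8'),
        pair.publicKey, Buffer.from(signature, 'base64'));
    } catch {
      return false; // malformed signature encoding
    }
  }
}

// Constructed sample input: one valid round trip and two rejected objects.
function demo() {
  const server = new SigningServer();
  server.enroll('alice');
  server.enroll('bob');
  const signed = server.sign('alice', 'pay 10 EUR to bob');
  return {
    valid: server.verify(signed),
    tampered: server.verify({ ...signed, data: 'pay 1000 EUR to bob' }),
    wrongUser: server.verify({ ...signed, userId: 'bob' }),
  };
}
```

Because each user has a distinct server-held key, a signed object re-labelled with another enrolled user's identifier fails verification even though that field is not itself part of the signed bytes.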
103 Claims
1. In a processing system including a server capable of communicating with a client via a communications channel, a method of authenticating a data object, the method comprising the steps of, in the server,
(1) receiving the data object transmitted from the client to the server via the communications channel;
(2) generating a signature by processing the data object;
(3) associating the signature with the data object to create a signed object; and
(4) authenticating the signed object, subsequently upon request, by;
(a) deriving from the signed object information representative of the data object and the signature,
(b) generating a comparison value using the information representative of the data object,
(c) determining whether the comparison value and at least a portion of the signature meet a pre-determined criteria.
Dependent claims: 2-16

17. In a processing system comprising a server capable of communicating with a client via a communications channel, a method of generating a digital signature, the method comprising the steps of, in the server:
receiving a data object transmitted from the client to the server via the communications channel;
assigning to the data object a descriptor containing a property field, the property field containing a signature field;
assigning a private key, stored at the server, to the client;
processing the data object using a pre-determined hash function and the private key to generate a signature; and
attaching the signature to the signature field associated with the data object to create a signed object.
Dependent claims: 18-33

34. A method of transmitting transaction objects between a client and a server capable of communicating with the client via a communications channel, the method comprising the steps of:
receiving at the client, from the server, an HTML object having a header record and an HTML form tag distinct from the header record, the HTML form tag having an outformat field representative of an outgoing transmission cryptographic protocol,
receiving, at the client, input form data corresponding to the HTML form tag,
generating secure form data by applying the specified outgoing transmission security cryptographic protocol of the HTML form tag to the input form data, and
transmitting to the server a return message including the secure form data.

35. A computer implemented method of providing a digital signature system on a server for use by a remote client, the method comprising:
generating on the server a private key for a user on the client;
storing on the server the private key for the user;
generating a digital signature using the stored private key for a data object provided by the user; and
sending the digital signature to the client.
Dependent claims: 36-55

56. A digital signature system including:
a server capable of communicating with a client via a communications channel, and means for authenticating a data object, further comprising;
(1) means for receiving the data object transmitted from the client to the server via the communications channel;
(2) means for generating a signature by processing the data object;
(3) means for associating the signature with the data object to create a signed object; and
(4) means for authenticating the signed object, subsequently upon request, by;
(a) deriving from the signed object information representative of the data object and the signature,
(b) generating a comparison value using the information representative of the data object,
(c) determining whether the comparison value and at least a portion of the signature meet a pre-determined criteria.
Dependent claims: 57-64

65. A processing system comprising:
a server capable of communicating with a client via a communications channel, processing means in the server for generating a digital signature, further comprising;
means for receiving a data object transmitted from the client to the server via the communications channel;
means for assigning to the data object a descriptor containing a property field, the property field containing a signature field;
means for assigning a private key, stored at the server, to the client;
means for processing the data object using a pre-determined hash function and the private key to generate a signature; and
means for attaching the signature to the signature field associated with the data object to create a signed object.
Dependent claims: 66-82

83. A digital signature system for use by a remote client, the system comprising:
a server computer;
processing means on the server for generating a private key for a user on the client;
storing means on the server for storing the private key for the user;
processing means for generating a digital signature using the stored private key for a data object provided by the user; and
transmitting means for sending the digital signature from the server to the client.
Dependent claims: 84-103

Specification