Method and system to securely update files via a network

US 20030188160A1
Filed: 02/12/2003
Published: 10/02/2003
Est. Priority Date: 08/02/2001
Status: Abandoned Application

First Claim

Patent Images

1. A method of updating a client file in a multi-party access environment including a plurality of web servers, the method including:

generating at least one customized client update file, the client update file being customized for a client application of at least one of a plurality of users in the multi-party access environment;

generating a secured signature file associated with the client update file;

communicating the secured signature file and the client update file to the plurality of web servers;

downloading the secured signature file and the client update file;

verifying the secured signature file; and

selectively installing the client update file in response to the verification.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system are provided of updating a client file of a client application in a multi-party access environment including a plurality of service providers. The method includes generating at least one customized client update file, the client update file being customized for a client application of at least one of a plurality of users in the multi-party environment. Thereafter a secured signature file associated with the client update file is generated and communicated with the client update file to the plurality of web servers. At various points around the globe, the secured signature file and the client file update may be downloaded to update the client application. The secured signature file may be verified before installing the client update file.

Citations

45 Claims

1. A method of updating a client file in a multi-party access environment including a plurality of web servers, the method including:
- generating at least one customized client update file, the client update file being customized for a client application of at least one of a plurality of users in the multi-party access environment;
  
  generating a secured signature file associated with the client update file;
  
  communicating the secured signature file and the client update file to the plurality of web servers;
  
  downloading the secured signature file and the client update file;
  
  verifying the secured signature file; and
  
  selectively installing the client update file in response to the verification.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein generating the secured signature file includes:
    - passing the client update file through a hashing algorithm to produce a server-side hash; and
      
      encrypting the server-side hash with a private key thereby to define the secured signature file associated with the client update file.
  - 3. The method of claim 1, wherein the client update file includes at least one of an Executable file, a Dynamic Link Library (DLL), a phonebook file, a configuration file, a file defining connection action executables, a device driver, a logo file, and a Windows Service executable file.
  - 4. The method of claim 1, wherein the client file is for a connection application for connecting a client machine to a service access provider.

5. A method of updating a customized client application of at least one of a plurality of users in a multi-party environment, the method including:
- generating at least one customized client update file, the client update file being provided to remotely update the customized client application;
  
  obtaining a private/public key pair;
  
  securing the client update file with a private key of the key pair; and
  
  communicating the secured client update file to the customized client.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12)
- - 6. The method of claim 5, in which securing the client update file includes:
    - generating a secured signature file associated with the client update file; and
      
      communicating the secured signature file and the client update file to the customized client application.
  - 7. The method of claim 6, in which generating the secured signature file includes:
    - passing the update file through a hashing algorithm to generate a server-side hash; and
      
      encrypting the server-side hash with the private key to provide the secured signature file associated with the client update file.
  - 8. The method of claim 7, in which the client update file includes at least one of a public key, an Executable file, a Dynamic Link Library (DLL), a phonebook file, a configuration file, a file defining connection action executables, a device driver, a logo file, and a Windows Service executable file.
  - 9. The method of claim 6, in which the client application is a connection application to provide roaming Internet access to the user.
  - 10. The method of claim 6, which includes replicating the client update file and the secured signature file from behind a firewall to a plurality of web servers—
    - that are accessible to the public.
  - 11. The method of claim 6, wherein the public key defines an old public key, the method including:
    - providing an updated public key in the form of the client update file; and
      
      generating a secure signature file which is encrypted with the private key corresponding to the old public key.
  - 12. The method of claim 11, which includes generating a plurality of signature files that are all associated with the client update file providing the updated public key, each update file being encrypted with a different old version of a private key corresponding to an old version of the public key.

13. A method of updating a client application on a client machine, the method including:
- establishing a connection with an access server of an access service provider;
  
  determining if a client update file associated with the client application is provided by the access server;
  
  selectively downloading the client update file from the access server when the client update file is present;
  
  verifying the validity of the client update file; and
  
  selectively installing the client update file on the client machine.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The method of claim 13, in which verifying the validity of the client update file includes:
    - downloading a secured signature file associated with the client update file; and
      
      verifying the validity of the secured signature file thereby to verify the validity of the client update file.
  - 15. The method of claim 14, in which verifying the signature file includes:
    - passing the client update file through a hashing algorithm corresponding to a server-side hashing algorithm thereby to generate a client-side hash;
      
      decrypting the secured signature file using a public key to obtain a server-side hash; and
      
      comparing the client-side hash with the server-side hash.
  - 16. The method of claim 15, which includes installing the update file if the client-side hash and the server-side hash match.
  - 17. The method of claim 15, which includes checking for an update file associated with a new public key when the client-side hash and the server-side hash do not match.
  - 18. The method of claim 15, which includes:
    - identifying a secured signature file that has been encrypted with a private key corresponding to the public key of the client application; and
      
      replacing the public key of the client application with an updated public key provided in the client update file if the client-side hash and the server-side hash match.
  - 19. The method of claim 13, wherein the client application is a connection application and the update file is one of an Executable file, a Dynamic Link Library (DLL), a phonebook file, a configuration file, a file defining connection action executables, a device driver, a logo file, and a Windows Service executable file.
  - 20. The method of claim 13, wherein the client application is a connection application to provide roaming Internet access to a user.

21. A machine-readable medium embodying a sequence of instructions that, when executed by a machine cause the machine to execute a method of updating a customized client application of at least one of a plurality of users in a multi-party environment, the method including:
- generating at least one customized client update file, the client update file being provided to remotely update the customized client application;
  
  obtaining a private/public key pair;
  
  securing the client update file with a private key of the key pair; and
  
  communicating the secured client update file to a plurality of web servers for downloading by a user.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28)
- - 22. The machine-readable medium of claim 21, in which securing the client update file includes:
    - generating a secured signature file associated with the client update file; and
      
      communicating the secured signature file and the client update file to the plurality of web servers.
  - 23. The machine-readable medium of claim 22, in which generating the secured signature file includes;
    - passing the update file through a hashing algorithm to generate a server-side hash; and
      
      encrypting the server-side hash with the private key to provide the secured signature file associated with the client update file.
  - 24. The machine-readable medium of claim 23, in which the client update file includes at least one of a public key, a Executable file, a Dynamic Link Library (DLL), a phonebook file, a configuration file, a file defining connection action executables, a device driver, a logo file, and a Windows Service executable file.
  - 25. The machine-readable medium of claim 22, in which the client application is a connection application to provide roaming Internet access to the user.
  - 26. The machine-readable medium of claim 22, in which the method includes replicating the client update file and the secured signature file from behind a firewall to the plurality of web servers.
  - 27. The machine-readable medium of claim 22, wherein the public key defines an old public key, the method including:
    - providing an updated public key in the form of the client update file; and
      
      generating a secure signature file which is encrypted with the old public key.
  - 28. The machine-readable medium of claim 27, wherein the method includes generating a plurality of signature files that are all associated with the client update file providing the updated public key, each update file being encrypted with a different old version of a private key corresponding to an old version of the public key.

29. A machine-readable medium embodying a sequence of instructions that, when executed by a machine, cause the machine to execute a method of updating a client application on a client machine, the method including:
- establishing a connection with an access server of an access service provider;
  
  identifying if a client update file associated with the client application is provided by the access server;
  
  selectively downloading the client update file from the access server when the client update file is present;
  
  verifying the validity of the client update file; and
  
  selectively installing the client update file on the client machine.
- View Dependent Claims (30, 31, 32, 33, 34, 35, 36)
- - 30. The machine-readable medium of claim 29, in which verifying the validity of the client update file includes:
    - downloading a secured signature file associated with the client update file; and
      
      verifying the validity of the secured signature file thereby to verify the validity of the client update file.
  - 31. The machine-readable medium of claim 30, in which verifying the signature file includes:
    - passing the client update file through a hashing algorithm corresponding to a server-side hashing algorithm thereby to generate a client-side hash;
      
      decrypting the secured signature file using a public key to obtain a server-side hash; and
      
      comparing the client-side hash with the server-side hash.
  - 32. The machine-readable medium of claim 31, wherein the method includes installing the update file if the client-side hash and the server-side hash match.
  - 33. The machine-readable medium of claim 31, wherein the method includes checking for an update file associated with a new public key when the client-side hash and the server-side hash do not match.
  - 34. The machine-readable medium of claim 31, wherein the method includes:
    - identifying a secured signature file that has been encrypted with a private key corresponding to the public key of the client application; and
      
      replacing the public key of the client application with an updated public key provided in the client update file if the client-side hash and the server-side hash match.
  - 35. The machine-readable medium of claim 29, wherein the client application is a connection application and the update file is one of an Executable file, a Dynamic Link Library (DLL), a phonebook file, a configuration file, a file defining connection action executables, a device driver, a logo file, and a Windows Service executable file.
  - 36. The machine-readable medium of claim 29, wherein the client application is a connection application to provide roaming Internet access to a user.

37. A computer system to update a customized client application of at least one of a plurality of users in a multi-party environment, the system including:
- an update server to generate at least one customized client update file, the client update file being provided to remotely update the customized client application, the client update file being secured with a private key of the a private/public key pair; and
  
  a communication server to communicate the secured client update file to a plurality of web servers for downloading by a user.
- View Dependent Claims (38, 39, 40, 41, 42, 43, 44)
- - 38. The system of claim 37, in which the client update file is secured by generating a secured signature file associated with the client update file, the communication server communicating the secured signature file and the client update file to the plurality of web servers.
  - 39. The system of claim 38, in which the secured signature file is generated by passing the update file through a hashing algorithm to generate a server-side hash, and encrypting the server-side hash with the private key to provide the secured signature file associated with the client update file.
  - 40. The system of claim 39, wherein the client update file includes at least one of a public key, an Executable file, a Dynamic Link Library (DLL), a phonebook file, a configuration file, a file defining connection action executables, a device driver, a logo file, and a Windows Service executable file.
  - 41. The system of claim 38, wherein the client application is a connection application to provide roaming Internet access to the user.
  - 42. The system of claim 38, in which the communication server replicates the client update file and the secured signature file from behind a firewall to the plurality of web servers that are accessible to the public.
  - 43. The system of claim 38, wherein the public key defines an old public key, the update server providing an updated public key in the form of the client update file, and generating a secure signature file which is encrypted with the old public key.
  - 44. The system of claim 43, wherein the update server generates a plurality of signature files that are all associated with the client update file providing the updated public key, each update file being encrypted with a different old version of a private key corresponding to an old version of the public key.

45. A computer system to update a customized client application of at least one of a plurality of users in a multi-party environment, the system including:
- means to generate at least one customized client update file, the client update file being provided to remotely update the customized client application, the client update file being secured with a private key of the private/public key pair; and
  
  means to communicate the secured client update file to a plurality of web servers for downloading by a user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ipass Incorporated (Pareteum Corp.)
Original Assignee
Ipass Incorporated (Pareteum Corp.)
Inventors
Sunder, Singam, Edgett, Jeff

Application Number

US10/366,071
Publication Number

US 20030188160A1
Time in Patent Office

Days
Field of Search
US Class Current

713/165
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 8/65   Updates security arrangemen...

H04L 63/12   Applying verification of th...

H04L 67/306   User profiles

H04L 67/34   involving the movement of s...

H04L 69/329   in the application layer [O...

Method and system to securely update files via a network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

45 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system to securely update files via a network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

45 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links