Transaction security in electronic commerce

US 20030236985A1
Filed: 05/20/2003
Published: 12/25/2003
Est. Priority Date: 11/24/2000
Status: Abandoned Application

First Claim

Patent Images

1. A trust server connectable to a gateway server controlling access to a remote server, the trust server comprising a validator operable to validate data received from said gateway server and to store said data in data storage such that said data is retrievable by said gateway server, wherein the validator is operable to identify time-critical and non time-critical validations of said data and to deliver status information relating to each said validation to said gateway appropriately.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A device, system and method are described for parsing and propagating end user identity received from a terminal (1) involved in a wireless session to an application in a gateway server (13). The PLMN (7) of which terminal (1) forms part provides access to external networks including a PSTN (9). In addition to conventional telephone operations, the terminal (1) provides its user with access to the internet (11) via the gateway server (13). The gateway server (13) may be operated by a service provider or perhaps a particular organisation such as a bank which for security reasons wishes to keep control of the gateway server (13). Software through which the transactions are carried out is provided by various so-called back-end applications resident on an applications server (17). A trust server (30) is provided which is connectable to the gateway server (13) controlling access to the application server (17).

54 Citations

View as Search Results

89 Claims

1. A trust server connectable to a gateway server controlling access to a remote server, the trust server comprising a validator operable to validate data received from said gateway server and to store said data in data storage such that said data is retrievable by said gateway server, wherein the validator is operable to identify time-critical and non time-critical validations of said data and to deliver status information relating to each said validation to said gateway appropriately.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A trust server as claimed in claim 1, wherein the remote server provides access to one or more applications.
  - 3. A trust server as claimed in claim 1, wherein the data is received from a terminal.
  - 4. A trust server as claimed in claim 3, wherein the terminal is a mobile station.
  - 5. A trust server as claimed in claim 1, wherein the data is received from an application.
  - 6. A trust server as claimed in claim 1, wherein the data comprises a public key certificate.
  - 7. A trust server as claimed in claim 1 wherein the data is received from a terminal, the data comprises a public key certificate and the private key corresponding to said public key certificate is stored on said terminal.
  - 8. A trust server as claimed in claim 7, wherein the private key is stored within a token.
  - 9. A trust server as claimed in claim 1, wherein said time critical and non time-critical validations are performed, prior and subsequent to establishment of said session, respectively.

10. A transaction security device for connection to a network including at least one terminal, the device comprising a server operable to validate data provided by a terminal over said connection in order to establish a secure session, wherein said server is operable to carry out time critical and non time-critical validations of said data and to deliver status information relating to each said validation to said device appropriately.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. A device as claimed in claim 10, including storage for said data.
  - 12. A device as claimed in claim 11, wherein the device is operable to respond to a request from said terminal to access an application by obtaining said previously validated data from said server.
  - 13. A device as claimed in claim 10 , wherein the data comprises a public key certificate.
  - 14. A device as claimed in claim 13, wherein the private key corresponding to said public key certificate is stored on said terminal.
  - 15. A device as claimed in claim 14, wherein the private key is stored within a token.
  - 16. A device as claimed in claim 10, wherein the terminal is a mobile station.
  - 17. A device as claimed in claim 10, wherein said time critical and non time-critical validations are performed, prior and subsequent to establishment of said session, respectively.

18. A transaction security system comprising a gateway server connected to a network including at least one terminal and a trust server connected to said gateway server, the trust server being operable to validate data received from said gateway server as provided by a terminal over said connection in order to establish a secure session between said terminal and gateway server, wherein the validator is operable to carry out time-critical and non time-critical validations of said data and to deliver status information relating to each said validation to said gateway server appropriately.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25)
- - 19. A system as claimed in claim 18, wherein said trust server is responsive to a request from said gateway server to provide said validated data thereto.
  - 20. A system as claimed in claim 18, wherein said trust server is operable to deliver status information relating to said non time-critical validation during said secure session.
  - 21. A system as claimed in claim 18, wherein the data comprises a public key certificate.
  - 22. A system as claimed in claim 21, wherein the private key corresponding to said public key certificate is stored on said terminal.
  - 23. A system as claimed in claim 22, wherein the private key is stored within a token.
  - 24. A system as claimed in claim 18, wherein the terminal is a mobile station.
  - 25. A system as claimed in claim 18, wherein said time critical and non time-critical validations are performed, prior and subsequent to establishment of said session, respectively.

26. A transaction security method for a server connected to a network, the method comprising receiving a request to establish a secure session over a network connection and enabling said secure session in response to successful validation of data accompanying said request and following the establishment of said session, selectively performing a further validation of said data such that said session is terminated following an unsuccessful such further validation.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33)
- - 27. A method as claimed in claim 26, including generating said secure session request in a terminal connected to said network.
  - 28. A method as claimed in claim 26, wherein the data comprises a public key certificate.
  - 29. A method as claimed in claim 27, wherein the data comprises a public key certificate, and a private key corresponding to said public key certificate is stored on said terminal.
  - 30. A method as claimed in claim 29, wherein the private key is stored within a token.
  - 31. A method as claimed in claim 27, wherein the terminal is a mobile station.
  - 32. A computer program comprising executable code for execution when loaded on a computer, wherein the computer is operable in accordance with said code to carry out the method according to claim 26.
  - 33. A program as claimed in claim 32, stored on a computer readable medium.

34. A transaction security device for connection to a network including at least one terminal, the device comprising a server operable to validate data provided by a terminal over said connection in order to establish a secure session and a controller providing access to at least one application over said secure session, the device being operable to respond to a request from said terminal to access an application by obtaining at least part of said previously validated data from said server and forwarding said data to said controller, wherein access to an application is determined by said controller in accordance with said data.
- View Dependent Claims (35, 36, 37, 38, 39)
- - 35. A device as claimed in claim 34, wherein said controller is operable to select an application for access by said terminal in accordance with said data.
  - 36. A device as claimed in claim 34, wherein the data comprises a public key certificate.
  - 37. A device as claimed in claim 36, wherein the private key corresponding to said public key certificate is stored on said terminal.
  - 38. A device as claimed in claim 37, wherein the private key is stored within a token.
  - 39. A device as claimed in claim 34, wherein the terminal is a mobile station.

40. A transaction security system comprising a server connected to a network including at least one terminal, the server being operable to validate data provided by a terminal over said connection in order to establish a secure session therewith, said server being further operable to respond to a request from said terminal for access to an application by providing at least part of said validated data to a controller, such that a determination on whether to permit access by said terminal is made by said controller in response to said validated data.
- View Dependent Claims (41, 42, 43, 44, 45)
- - 41. A system as claimed in claim 40, wherein said controller is operable to select an application for access by said terminal in accordance with said data.
  - 42. A system as claimed in claim 40, wherein the data comprises a public key certificate.
  - 43. A system as claimed in claim 42, wherein the private key corresponding to said public key certificate is stored on said terminal.
  - 44. A system as claimed in claim 43, wherein the private key is stored within a token.
  - 45. A system as claimed in claim 40, wherein the terminal is a mobile station.

46. A transaction security method for a server connected to a network, the method comprising the server acting on a request to establish a secure session over a network connection by validating data received in said request and, following establishment of said session, determining whether to allow a request to access an application by reference to at least part of said previously validated data.
- View Dependent Claims (47, 48, 49, 50, 51, 52, 53, 54)
- - 47. A method as claimed in claim 46, including generating said secure session request in a terminal connected to said network.
  - 48. A method as claimed in claim 46, including generating said application access request in a terminal connected to said network.
  - 49. A method as claimed in claim 46, wherein the data comprises a public key certificate.
  - 50. A method as claimed in claim 48, wherein the data comprises a public key certificate, and a private key corresponding to said public key certificate is stored on said terminal.
  - 51. A method as claimed in claim 50, wherein the private key is stored within a token.
  - 52. A method as claimed in claim 46, wherein the terminal is a mobile station.
  - 53. A computer program comprising executable code for execution when loaded on a computer, wherein the computer is operable in accordance with said code to carry out the method according to claim 46.
  - 54. A program as claimed in claim 53, stored on a computer readable medium.

55. A trust server connectable to a gateway server controlling access to a remote server, the trust server comprising a validator, and data storage, wherein the validator is responsive to a first request from said gateway server to deliver status information relating to data received by said gateway server and to store said data in said storage such that said data is retrievable by said gateway server, said gateway server being operable to determine from said retrieved data and status information whether to allow a request to access said remote server.
- View Dependent Claims (56, 57, 58, 59, 60, 61, 62)
- - 56. A trust server as claimed in claim 55, wherein the remote server provides access to one or more applications.
  - 57. A trust server as claimed in claim 55, wherein the data is received from a terminal.
  - 58. A trust server as claimed in claim 57, wherein the terminal is a mobile station.
  - 59. A trust server as claimed in claim 55, wherein the data is received from an application.
  - 60. A trust server as claimed in claim 55, wherein the data comprises a public key certificate.
  - 61. A trust server as claimed in claim 57, wherein the data comprises a public key certificate, and a private key corresponding to said public key certificate is stored on said terminal.
  - 62. A trust server as claimed in claim 61, wherein the private key is stored within a token.

63. A trust server connectable to a gateway server controlling access to a remote server, the trust server comprising a validator and data storage, wherein the validator is responsive to a first request from said gateway server to deliver status information relating to data received by said gateway server and to store said data in said storage such that said data is retrievable by said gateway server for inclusion in a request to said remote server.
- View Dependent Claims (64, 65, 66, 67, 68, 69, 70)
- - 64. A trust server as claimed in claim 63, wherein the remote server provides access to one or more applications.
  - 65. A trust server as claimed in claim 63, wherein the data is received from a terminal.
  - 66. A trust server as claimed in claim 65, wherein the terminal is a mobile station.
  - 67. A trust server as claimed in claim 63, wherein the data is received from an application.
  - 68. A trust server as claimed in claim 63, wherein the data comprises a public key certificate.
  - 69. A trust server as claimed in claim 65 and claim 68, wherein the private key corresponding to said public key certificate is stored on said terminal.
  - 70. A trust server as claimed in claim 69, wherein the private key is stored within a token.

71. A transaction security device for connection to a network including at least one terminal, the device comprising a server operable to validate data provided by a terminal over said connection in order to establish a secure session, the device being operable to respond to a request from said terminal to access an application by obtaining said previously validated data from said server and forwarding said data to said application along with said request.
- View Dependent Claims (72, 73, 74, 75)
- - 72. A device as claimed in claim 71, wherein the data comprises a public key certificate.
  - 73. A device as claimed in claim 72, wherein the private key corresponding to said public key certificate is stored on said terminal.
  - 74. A device as claimed in claim 73, wherein the private key is stored within a token.
  - 75. A device as claimed in claim 71, wherein the terminal is a mobile station.

76. A transaction security system comprising a server connected to a network including at least one terminal, the server being operable to validate data provided by a terminal over said connection in order to establish a secure session therewith, said server being further operable to respond to a request from said terminal for access to an application by providing said validated data to said application, such that a determination on whether to permit access by said terminal is made by said application in response to said validated data.
- View Dependent Claims (77, 78, 79, 80)
- - 77. A system as claimed in claim 76, wherein the data comprises a public key certificate.
  - 78. A system as claimed in claim 77, wherein the private key corresponding to said public key certificate is stored on said terminal.
  - 79. A system as claimed in claim 78, wherein the private key is stored within a token.
  - 80. A system as claimed in claim 76, wherein the terminal is a mobile station.

81. A transaction security method for a server connected to a network, the method comprising acting on a request to establish a secure session over a network connection including validating data received in said request and following establishment of said session acting on a further request to access an application by providing at least part of said previously validated data to said application for authentication and/or encryption purposes.
- View Dependent Claims (82, 83, 84, 85, 86, 87, 88, 89)
- - 82. A method as claimed in claim 81, including generating said secure session request in a terminal connected to said network.
  - 83. A method as claimed in claim 81, including generating said application access request in a terminal connected to said network.
  - 84. A method as claimed in claim 81, wherein the data comprises a public key certificate.
  - 85. A method as claimed in claim 82, wherein the data comprises a public key certificate, and a private key corresponding to said public key certificate is stored on said terminal.
  - 86. A method as claimed in claim 85, wherein the private key is stored within a token.
  - 87. A method as claimed in claim 82, wherein the terminal is a mobile station.
  - 88. A computer program comprising executable code for execution when loaded on a computer, wherein the computer is operable in accordance with said code to carry out the method according to claim 81.
  - 89. A program as claimed in claim 88, stored on a computer readable medium.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Corporation
Original Assignee
Nokia Corporation
Inventors
Ruuth, Anna-Leena

Application Number

US10/442,321
Publication Number

US 20030236985A1
Time in Patent Office

Days
Field of Search
US Class Current

713/173
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 21/606   by securing the transmissio...

G06Q 30/06   Buying, selling or leasing ...

H04L 2463/102   applying security measure f...

H04L 63/0823   using certificates cryptogr...

H04L 63/0853   using an additional device,...

H04L 63/0884   by delegation of authentica...

H04L 67/04   specially adapted for termi...

H04W 12/069   using certificates or pre-s...

Transaction security in electronic commerce

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

54 Citations

89 Claims

Specification

Solutions

Use Cases

Quick Links

Transaction security in electronic commerce

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

54 Citations

89 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links