Data network-based system

US 20040088582A1
Filed: 11/26/2003
Published: 05/06/2004
Est. Priority Date: 11/24/2000
Status: Abandoned Application

First Claim

Patent Images

1. A data network-based system adapted for data communication and comprising a number of users belonging to a first category and a number of users belonging to a second category, wherein a first user, belonging to a first category, is adapted to use a chosen security protocol for establishing a secure session with a second user, belonging to a second category, and after positive authentication to allow data communication passage through a firewall, characterized in that a means pre-coupled to said firewall is adapted to establish the identity of the first user through the medium of a handshake procedure belonging to said security protocol and in response to authentication accepted by said means to forward messages, belonging to said secure session, from the first user to the second user.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to a data network-based system (1′) which is adapted for data communication and which includes a number of users (2) belong-ing to a first category and a number of users (3) belonging to a second category. A first user (2) belonging to the first category is adapted to use a chosen security protocol (20, 21) to establish a secure session with a second user (3) belonging to said second category, and subsequent to positive authentication allow data com-munication to pass through a firewall (6). A means (8) pre-coupled to the firewall (6) is adapted to establish the identity of the first user through the medium of a handshake procedure (21) belonging to the security protocol (20), and to allow messages to be forwarded from the first user to the second user belonging to said secure session in response to accepted authentication.

Citations

17 Claims

1. A data network-based system adapted for data communication and comprising a number of users belonging to a first category and a number of users belonging to a second category, wherein a first user, belonging to a first category, is adapted to use a chosen security protocol for establishing a secure session with a second user, belonging to a second category, and after positive authentication to allow data communication passage through a firewall, characterized in that a means pre-coupled to said firewall is adapted to establish the identity of the first user through the medium of a handshake procedure belonging to said security protocol and in response to authentication accepted by said means to forward messages, belonging to said secure session, from the first user to the second user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. A system according to claim 1, characterized in that the first user is a WAP user.
  - 3. A system according to claim 1 or 2, characterized in that said second user is a piece of computer equipment, such as a company-owned web server.
  - 4. A system according to claim 1, 2 or 3, characterized in that a portion of said handshake procedure is exchanged between the first user and said means;
    - in that the means sends to the second user in response to accepted authentication messages received from the first user; and
      
      in that the second user is adapted to then finalise said handshake procedure with the first user.
  - 5. A system according to any one of the preceding claims, characterized in that the pre-coupled means is adapted to allow messages to be forwarded to the second user through the firewall.
  - 6. A system according to any one of the preceding claims, characterized in that the firewall is configured to enable said means and said second user to communicate freely through the firewall.
  - 7. A system according to any one of the preceding claims, characterized in that said means is located in a firewall-related demilitarised zone.
  - 8. A system according to any one of the preceding claims, characterized in that authentication of said first user is effected by using a client certificate.
  - 9. A system according to any one of claims 1-7, characterized in that authentication of said first user is effected by using a one-time password.
  - 10. A system according to any one of the preceding claims, characterized in that said security protocol is selected from a number of accessible security protocols.
  - 11. A system according to any one of the preceding claims, characterized in that the security protocol is a WTLS protocol.
  - 12. A system according to any one of claims 1-9, characterized in that said security protocol is an SSL protocol or a TLS protocol.
  - 13. A system according to any one of claims 1-9, characterized in that said security protocol is an IP-Sec protocol.
  - 14. A computer program product, characterized in that said product includes a computer program code which, when executed by a computer unit, performs the functions assigned to a means according to any one of claims 1 to 13.
  - 15. A computer readable medium, characterized in that said medium includes a computer program product in which a computer program code according to claim 14 is stored.
  - 16. A computer program product according to claim 14, characterized in that the product includes a computer program code which, when executed by a computer which is user-accessible and is adapted to carry out the stages concerning user communication with a means.
  - 17. A carrier medium, characterized in that said medium carries a computer program code required in accordance with one or more of claims 14 or 16.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lars Resenius, Torbjorn Hovmark
Original Assignee
Lars Resenius, Torbjorn Hovmark
Inventors
Resenius, Lars, Hovmark, Torbjorn

Application Number

US10/432,541
Publication Number

US 20040088582A1
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

H04L 63/0209   Architectural arrangements,...

H04L 63/0823   using certificates cryptogr...

H04L 67/04   specially adapted for termi...

Data network-based system

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Data network-based system

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links