Securing computer network communication using a proxy server
First Claim
1. A system for authenticating a user, the system comprising:
- a sending system connected to a network and comprising a processor connected to a storage device, one or more input/output devices, and a port for communicating through the network wherein the processor is configured to send a digital certificate, a password associated with a user identity, and a hardware identifier that is associated with the sending system over the network to a server system and to execute software using a secure layer protocol located between an application layer and a transport layer, and the server system connected to the network to receive the digital certificate, a password associated with a user identity, and a hardware identifier, the server system comprising a processor configured to execute software located between the application layer and the transport layer capable of authenticating, based on the received digital certificate and the received password, a user identity of the sending system and authenticating, based on the received the hardware identifier, the sending system.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques are provided for using an authentication proxy server for a destination server to authenticate the identity of the user of a client system based on a digital certificate and a user password. The authentication proxy server also cryptographically associates a digital signature with hardware of a particular client system and later authenticates the hardware of the client system based on the digital signature associated with the hardware. When these techniques are combined with authenticating the destination server based on a digital certificate and authentication the encryption of communications between a browser of the a client system and the a destination server, an authenticated identity for an application user may be provided to the application and the need for the application to request and authenticate a user identifier and password is eliminated.
-
Citations
7 Claims
-
1. A system for authenticating a user, the system comprising:
-
a sending system connected to a network and comprising a processor connected to a storage device, one or more input/output devices, and a port for communicating through the network wherein the processor is configured to send a digital certificate, a password associated with a user identity, and a hardware identifier that is associated with the sending system over the network to a server system and to execute software using a secure layer protocol located between an application layer and a transport layer, and the server system connected to the network to receive the digital certificate, a password associated with a user identity, and a hardware identifier, the server system comprising a processor configured to execute software located between the application layer and the transport layer capable of authenticating, based on the received digital certificate and the received password, a user identity of the sending system and authenticating, based on the received the hardware identifier, the sending system. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification