Security system for computer transactions
Abstract
A security system for computer transactions incorporates a USB Security Key, a remote terminal and a secure access appliance to provide security for a central computer. The USB Security Key is coded with a personal digital certificate and is required to be inserted into the remote terminal, along with the input of a personal identification number, before communications with the secure access appliance can be authenticated. The remote terminal is provided only with a central processing unit, random access memory, and a restricted-access, non-volatile flash memory storage device, which when used with a central computer, eliminates the need to store data on a permanent memory storage device. Software applications can be downloaded from the central computer for operation by the remote terminal. Since the IP address/name of the central computer is hidden by the secure access appliance, the central computer remains secure from unauthorized access and provides an audit trail.
Claims (25 claims, 75 citations)
1. A security system for computer transactions with a central computer having data and software applications stored thereon comprising:
a remote terminal accessible to a network through which transactions to said central computer can be accomplished, said remote terminal having a USB port and being utilized by a remote user;
a USB Security Key embedded with a personal digital certificate unique to said remote user, said USB Security Key being insertable into said USB port on said remote terminal, said USB Security Key requiring the inputting of a personal identification number to enable access of said personal digital certificate by said remote terminal; and
a secure access appliance positioned to intercept communications from said remote terminal before reaching said central computer, said secure access appliance requiring authentication of said personal digital certificate before permitting access from said remote terminal to said central computer.
Dependent claims: 2, 3
4. A method of securing transactions between a remote terminal and a central computer on which data is stored, comprising the steps of:
inserting a USB Security Key into a USB port on said remote terminal, said USB Security Key having a personal digital certificate embedded therein;
inputting a personal identification number into said remote terminal;
matching said personal identification number against a resident identification number stored in said USB Security Key;
if said inputted personal identification number matches the resident identification number on the USB Security Key, extracting the personal digital certificate from said USB Security Key into said remote terminal;
forwarding said personal digital certificate to an intermediate secure access appliance;
authenticating said personal digital certificate against a known Certificate Authority; and
if said personal digital certificate is authenticated, permitting access to said central computer from said remote terminal through said secure access appliance.
Dependent claims: 5, 6, 7, 8, 9, 10, 11, 12
13. A method of authenticating a user of a computer terminal having a USB port and an Internet connection, comprising the steps of:
inserting a USB Security Key into said USB port in said computer terminal, said USB Security Key having embedded therein a personal digital certificate and a resident identification number;
inputting into said computer terminal a personal identification number;
comparing said inputted personal identification number with said resident identification number in said USB Security Key;
if said personal identification number and said resident identification number match, extracting said personal digital certificate from said USB Security Key into said computer terminal; and
validating said personal digital certificate with a remote Certificate Authority over the Internet.
Dependent claims: 14, 15, 16, 17, 18, 19, 20
21. A method of securing a central computer having data stored thereon from unauthorized access from a user of a remote computer terminal, comprising the steps of:
providing a secure access appliance to receive all communications to and transactions with said central computer to shield said remote computer terminal from an IP address of said central computer; and
requiring authentication of said user before granting access to said central computer through said secure access appliance.
Dependent claims: 22, 23, 24, 25
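The PIN-gated certificate release of claims 4 and 13 and the intercepting appliance of claim 21, simulated end to end as an added example that is not part of the patent or of any product built on it. It uses only the Python standard library: the Certificate, CertificateAuthority, UsbSecurityKey and SecureAccessAppliance classes are this example's own, and the Certificate Authority's signature is modelled with HMAC-SHA256 under a secret key as a stand-in for a real X.509 signature, which a deployment would verify with the CA's public key instead. Only the PIN match against the resident identification number and the validation against a known CA come from the claims; the retry counter on the key, the expiry and revocation checks, and the audit entries are the checks a practitioner would expect around such a flow.

```python
from __future__ import annotations
import hashlib
import hmac
import json
import secrets
import time
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Certificate:  # minimal stand-in for an X.509 certificate (example's own type)
    subject: str
    issuer: str
    serial: int
    not_after: float
    signature: bytes

    def to_be_signed(self) -> bytes:
        # Canonical encoding of every field the CA vouches for.
        fields = {"subject": self.subject, "issuer": self.issuer,
                  "serial": self.serial, "not_after": self.not_after}
        return json.dumps(fields, sort_keys=True).encode()


class CertificateAuthority:
    # Stand-in CA: HMAC-SHA256 under a secret key replaces a real signature (assumption, not PKI).
    def __init__(self, name: str):
        self.name = name
        self._key = secrets.token_bytes(32)
        self.revoked: set[int] = set()
        self._next_serial = 1

    def issue(self, subject: str, lifetime_s: float = 365 * 86400) -> Certificate:
        serial, self._next_serial = self._next_serial, self._next_serial + 1
        draft = Certificate(subject, self.name, serial, time.time() + lifetime_s, b"")
        sig = hmac.new(self._key, draft.to_be_signed(), hashlib.sha256).digest()
        return replace(draft, signature=sig)

    def verify(self, cert: Certificate, now: float | None = None) -> bool:
        now = time.time() if now is None else now
        expected = hmac.new(self._key, cert.to_be_signed(), hashlib.sha256).digest()
        return (cert.issuer == self.name and hmac.compare_digest(expected, cert.signature)
                and cert.serial not in self.revoked and now <= cert.not_after)


class UsbSecurityKey:
    # Releases the certificate only after the PIN matches the resident identification
    # number (claims 4 and 13). The retry counter is an addition the claims do not mention.
    MAX_ATTEMPTS = 3

    def __init__(self, cert: Certificate, resident_pin: str):
        self._cert = cert
        self._pin_hash = hashlib.sha256(resident_pin.encode()).digest()
        self.attempts_left = self.MAX_ATTEMPTS

    def extract_certificate(self, pin: str) -> Certificate | None:
        if self.attempts_left == 0:
            return None  # locked after too many wrong PINs
        if hmac.compare_digest(hashlib.sha256(pin.encode()).digest(), self._pin_hash):
            self.attempts_left = self.MAX_ATTEMPTS
            return self._cert
        self.attempts_left -= 1
        return None


class SecureAccessAppliance:
    # Sits in front of the central computer (claim 21): the terminal addresses only the
    # appliance, certificates are checked against known CAs, every decision is audited.
    def __init__(self, central_address: str, trusted: dict[str, CertificateAuthority]):
        self._central_address = central_address  # never disclosed to the terminal
        self._trusted = trusted
        self._central_data = {"balance": 100}  # stands in for the central computer
        self.audit: list[tuple[str, str, str]] = []  # (outcome, subject, reason)

    def handle(self, cert: Certificate | None, request: str, now: float | None = None) -> str:
        if cert is None:
            self.audit.append(("deny", "-", "no certificate presented"))
            return "DENIED"
        ca = self._trusted.get(cert.issuer)
        if ca is None or not ca.verify(cert, now):
            self.audit.append(("deny", cert.subject, f"issuer {cert.issuer!r} unknown or certificate invalid"))
            return "DENIED"
        self.audit.append(("allow", cert.subject, request))
        return f"{cert.subject}: {request} -> {self._central_data}"


def run_demo() -> dict:
    ca = CertificateAuthority("Example Root CA")  # constructed
    rogue = CertificateAuthority("Unknown CA")  # not in the appliance's trust store
    appliance = SecureAccessAppliance("10.0.0.5", {ca.name: ca})  # constructed address
    key = UsbSecurityKey(ca.issue("alice"), resident_pin="4821")
    r = {"wrong_pin": appliance.handle(key.extract_certificate("0000"), "read")}
    good = key.extract_certificate("4821")
    r["ok"] = appliance.handle(good, "read")
    r["unknown_ca"] = appliance.handle(rogue.issue("mallory"), "read")
    r["expired"] = appliance.handle(good, "read", now=good.not_after + 1)
    tampered = Certificate("bob", good.issuer, good.serial, good.not_after, good.signature)
    r["tampered"] = appliance.handle(tampered, "read")
    ca.revoked.add(good.serial)
    r["revoked"] = appliance.handle(good, "read")
    r["audit_entries"] = len(appliance.audit)
    return r
```

Calling `run_demo()` walks the cases: a wrong PIN yields no certificate, and a certificate from an issuer outside the trust store, or one that is expired, tampered with or revoked, is refused by the appliance before any request reaches the central computer; the constructed address `10.0.0.5` never appears in anything returned to the terminal, and each decision leaves an audit entry.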
Specification