System and method for securing a credential via user and server verification
First Claim
1. A method for securing a credential during an attempt to access a service hosted on a server, comprising:
- (a) receiving, in a secure processor, the credential from an authentication token;
(b) verifying the identity of an individual attempting to use the authentication token to access the service;
(c) cryptographically verifying the server hosting the service; and
(d) releasing the credential for transmission to the server if the identity of the individual is successfully verified and the server is successfully verified.
5 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for securing a credential generated by or stored in an authentication token during an attempt to access a service, application, or resource are provided. A secure processor receives a credential from an authentication token and securely stores the credential. The secure processor then verifies the identity of the individual attempting to use the authentication token and cryptographically verifies the identity of the server being accessed. The credential is only released for transmission to the server if both the identity of the individual and the identity of the server are successfully verified. Alternatively, a secure connection is established between the secure processor and the server being accessed and a secure connection is established between the secure processor and a computing device. The establishment of the secure connections verifies the identity of the server. After the secure connections are established, the identity of the user is verified.
-
Citations
21 Claims
-
1. A method for securing a credential during an attempt to access a service hosted on a server, comprising:
-
(a) receiving, in a secure processor, the credential from an authentication token;
(b) verifying the identity of an individual attempting to use the authentication token to access the service;
(c) cryptographically verifying the server hosting the service; and
(d) releasing the credential for transmission to the server if the identity of the individual is successfully verified and the server is successfully verified. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for securing a credential during an attempt to access a service hosted on a server, comprising:
-
(a) establishing a secure connection between a secure processor and the server;
(b) establishing a secure connection between the secure processor and a computing device;
(c) receiving, in the secure processor, a credential from an authentication token; and
(d) verifying the identity of an individual attempting to use the authentication token to access the service. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21)
-
Specification