System and Method for Secure Remote Access
Abstract
A method and apparatus for directing a client to establish a secure connection with a server across a public network. The server and the client exchange a Server Authentication Public Key, a Client Authentication Public Key, and a Remote Service Unique Identifier (RSUID) during a registration process. In one embodiment, the method includes the client transmitting to the server a client information package having the RSUID and a client challenge information package encrypted with the Server Authentication Public Key, the client receiving from the server a server information package having the RSUID and a server challenge information package and a portion of the received client challenge information encrypted with the Client Authentication Public Key, the client decrypting and verifying the server challenge information package with the Client Authentication Private Key, and, the client transmitting to the server an encrypted portion of the received client challenge information.
22 Claims
1. A method of directing a client to establish a secure connection with a server providing remote customer services across a network, the server and the client having exchanged a server authentication public key, a client authentication public key, and a remote service unique identifier during a registration process, the method comprising:
(a) transmitting from the client to the server a client information package including the unique identifier and a client challenge information package encrypted with the server authentication public key, wherein the unique identifier uniquely identifies a remote service customer;
(b) receiving at the client from the server a server information package having the unique identifier and a server challenge information package encrypted with the client authentication public key;
(c) decrypting and verifying the server challenge information package with the client authentication private key; and
(d) transmitting from the client to the server an encrypted portion of the received server challenge information to facilitate access by the client to the remote customer services.
Dependent claims: 2, 3, 4, 5
6. A program product apparatus having a computer readable medium with computer program logic recorded thereon for directing a client to establish a secure connection with a server providing remote customer services across a network, the server and the client having exchanged a server authentication public key, a client authentication public key, and a remote service unique identifier during a registration process, said program product apparatus comprising:
an initiation module to transmit from the client to the server a client information package including the unique identifier and a client challenge information package encrypted with the server authentication public key, wherein the unique identifier uniquely identifies a remote service customer;
a reception module to receive at the client from the server a server information package having the unique identifier and a server challenge information package encrypted with the client authentication public key;
a decryption module to decrypt and verify the server challenge information package with the client authentication private key; and
a response module to transmit from the client to the server an encrypted portion of the received server challenge information to facilitate access by the client to the remote customer services.
Dependent claims: 7, 8, 9, 10
11. A method for directing a server providing remote customer services to establish a secure connection with a client across a network, the server and the client having exchanged a server authentication public key, a client authentication public key, and a remote service unique identifier during a registration process, the method comprising:
(a) receiving at the server from the client a client information package having the unique identifier and a client challenge information package encrypted with the server authentication public key, wherein the unique identifier uniquely identifies a remote service customer;
(b) retrieving an associated server authentication private key utilizing the received unique identifier as an index;
(c) decrypting and verifying the client challenge information package with the server authentication private key;
(d) transmitting from the server to the client a server information package including the unique identifier and a server challenge information package encrypted with the client authentication public key; and
(e) enabling access by the client to the remote customer services in accordance with an appropriate response from the client.
Dependent claims: 12, 13, 14, 15
16. A program product apparatus having a computer readable medium with computer program logic recorded thereon for directing a server providing remote customer services to establish a secure connection with a client across a network, the server and the client having exchanged a server authentication public key, a client authentication public key, and a remote service unique identifier during a registration process, said program product apparatus comprising:
a reception module at the server to receive from the client a client information package having the unique identifier and a client challenge information package encrypted with the server authentication public key, wherein the unique identifier uniquely identifies a remote service customer;
an index module at the server to retrieve an associated server authentication private key utilizing the received unique identifier as an index;
a validation module at the server to decrypt and verify the client challenge information package with the server authentication private key;
a transmission module at the server to transmit to the client a server information package including the unique identifier and a server challenge information package encrypted with the client authentication public key; and
an access module at the server to enable access by the client to the remote customer services in accordance with an appropriate response from the client.
Dependent claims: 17, 18, 19, 20
21. A system to establish a secure connection between a server computer system providing remote customer services and a client across a network, the server computer system and the client having exchanged a server authentication public key, a client authentication public key, and a remote service unique identifier during a registration process, the system comprising:
a server computer system in communication with a client via a network;
a reception module at the server computer system to receive from the client a client information package having the unique identifier and a client challenge information package encrypted with the server authentication public key, wherein the unique identifier uniquely identifies a remote service customer;
an index module at the server computer system to retrieve an associated server authentication private key utilizing the received unique identifier as an index;
a validation module at the server computer system to decrypt and verify the client challenge information package with the server authentication private key; and
a transmission module at the server computer system to transmit to the client a server information package including the unique identifier and a server challenge information package encrypted with the client authentication public key; and
an access module at the server computer system to enable access by the client to the remote customer services in accordance with an appropriate response from the client.
Dependent claims: 22
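The exchange described in the abstract and in claims 1 and 11, as an added example that is not code from the patent. Assumptions: textbook RSA over small fixed primes stands in for the unspecified public-key encryption (not secure), "verify" is taken to mean comparing the echoed nonce, the whole nonce is used as the "portion", and the RSUID value and all function names are constructed.

```python
import secrets

# Toy textbook RSA (no padding, small fixed Mersenne primes): a constructed
# stand-in for the public-key encryption the claims leave unspecified. Not secure.
def make_key(p, q, e=65537):
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def enc(pub, m):
    return pow(m, pub[1], pub[0])

def dec(priv, c):
    return pow(c, priv[1], priv[0])

MASK = 2**64 - 1
S_PUB, S_PRIV = make_key(2**61 - 1, 2**89 - 1)     # server authentication key pair
C_PUB, C_PRIV = make_key(2**107 - 1, 2**127 - 1)   # client authentication key pair
RSUID = "RSUID-0001"                               # constructed identifier

# Registration result on the server: RSUID -> (server private key, client public key)
REGISTRY = {RSUID: (S_PRIV, C_PUB)}

def server_reply(registry, pkg):
    """Claim 11 (a)-(d): index keys by RSUID, decrypt client challenge, answer."""
    if pkg["rsuid"] not in registry:
        return None, None                          # unknown customer: no reply
    s_priv, c_pub = registry[pkg["rsuid"]]
    client_nonce = dec(s_priv, pkg["challenge"]) & MASK
    server_nonce = secrets.randbits(64)
    # Server challenge package: fresh nonce plus the echoed client nonce (abstract).
    body = (server_nonce << 64) | client_nonce
    return {"rsuid": pkg["rsuid"], "challenge": enc(c_pub, body)}, server_nonce

def handshake(registry):
    """Run the three messages; return True only if both sides verify."""
    client_nonce = secrets.randbits(64)
    msg1 = {"rsuid": RSUID, "challenge": enc(S_PUB, client_nonce)}  # claim 1(a)
    msg2, server_nonce = server_reply(registry, msg1)               # claim 1(b)
    if msg2 is None or msg2["rsuid"] != RSUID:
        return False
    body = dec(C_PRIV, msg2["challenge"])                           # claim 1(c)
    if body & MASK != client_nonce:     # server did not prove key possession
        return False
    msg3 = enc(S_PUB, body >> 64)       # claim 1(d): return the server challenge
    s_priv, _ = registry[RSUID]
    return dec(s_priv, msg3) == server_nonce   # claim 11(e): enable access
```

A server holding the wrong private key cannot recover the client nonce, so the client aborts before sending the third message; a production design would use padded encryption (for example RSA-OAEP) and vetted key sizes.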
Specification