Novel method and system of Network Integrity via Digital Authorization (NIDA) for enhanced internet security

US 20080066163A1
Filed: 08/21/2007
Published: 03/13/2008
Est. Priority Date: 09/07/2006
Status: Active Grant

First Claim

Patent Images

1. A method and system of online transactions on the World Wide Web for guaranteeing network integrity via digital authorization of the transaction, comprising of a graphic representation of the identity of the authorized remote server on the visible portion of the web page served by that remote server, such graphic representation is capable of being scanned, read and allowed access, only if resolved to the identity of the authorized remote server every time that web page is requested by another authorized computer connected to the Internet.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A novel method for online authentication of an authorized website is described to prevent the circulation of forged web pages on the World Wide Web. The novel feature of the instant invention is encryption-independent method of securing online transactions by authenticating the server to the client and client to the server. In the instant invention the approach is deployed in curbing the menace of spoofed websites on the World Wide Web by allowing the delivery of only those web pages that are authentic and hosted on an authorized remote server. The method comprises of a graphic representation of the identity of the authorized remote server on the visible portion of the web page served by that remote server. Such graphic representation is capable of being scanned, read and allowed access, only if resolved to the identity of the authorized remote server every time that web page is requested by another authorized computer connected to the Internet.

19 Citations

View as Search Results

20 Claims

1. A method and system of online transactions on the World Wide Web for guaranteeing network integrity via digital authorization of the transaction, comprising of a graphic representation of the identity of the authorized remote server on the visible portion of the web page served by that remote server, such graphic representation is capable of being scanned, read and allowed access, only if resolved to the identity of the authorized remote server every time that web page is requested by another authorized computer connected to the Internet.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the graphic representation is a barcode encoding the 12 digits of the IP address as identity of the authorized remote server.
  - 3. The method of claim 1, wherein the graphic representation of the identity of remote server is encoded in a non-linear, two dimensional symbology comprising of bars of variable height and breadth encoding each digit of the numbers from 1 through 0.
  - 4. The method of claim 1, wherein the graphic representation of the identity of remote server is encoded in a non-linear, two dimensional symbology comprising of a patterns of pixel distribution representing the known alphanumeric digits.
  - 5. The method of claim 1, wherein the graphically coded pages of the authorized remote server are scanned, read and resolved to the identity of the remote server by an intervening computer located at the ISP before being delivered to the client computer who requests the page.
  - 6. The method of claim 1, wherein the graphically coded pages of the authorized remote server are scanned, read and resolved to the identity of the remote server by the client computer before accepted for display.
  - 7. The method of claim 1, wherein the web pages that cannot be resolved to an authorized remote server'"'"'s identity are identified as spoofed, denied access and reported to law enforcement authorities.

8. A method of barring movement of spoofed or forged websites on the World Wide Web, comprising of a network of the following nodes, a. Node 1 is the first remote server hosting the Web page bearing a Network Integrity Digital Authorization (NIDA) seal incorporating a page specific graphic representation encoding the 12 digit IP address of that specific remote server. b. Node 2 is a client computer. c. Node 3 is the second remote server located at client'"'"'s Internet Service Provider, running the NIDA seal Auditor software application for authenticating the requested Web page by resolving the NIDA seal to the authorized node 1 IP address.
- View Dependent Claims (9, 10, 11)
- - 9. The method of claim 8, wherein the NIDA seal is a barcode deploying two dimensional symobology.
  - 10. The method of claim 8, wherein the client dispatches a URL request from Node 2 to Node 1, for display of the authorized Web page on the client computer, in response to which the NIDA Auditor Application at Node 3 ISP server, verifies and audits any incoming Web page with NIDA seal by resolving the NIDA seal to its authorized IP address, and allows the requested Web page to be delivered to the client only if the NIDA seal resolves to the authentic IP address of the authorized host of that Web page, while rejecting the client request if the NIDA seal does not resolve to the authentic IP address.
  - 11. The method of claim 8, wherein Node 4 is a computer terminal located at a law enforcement or victim company location, which receives an alphanumeric incident report description of the victim company, the victim ISP, the victim user and the fraudster from the node the Node 3 NIDA Auditor Application.

12. A method of securing access to an authorized remote server on the World Wide Web by an authorized client via an authorized Internet Service Provider (ISP), comprising of a network of the following nodes, wherein:
- a. Node 1 is the first remote server hosting the Web page bearing a Network Integrity Digital Authorization (NIDA) seal incorporating a page specific code encoding not less than 12 and not more than 36 digit numeric network dependant dynamic identification of the served page. b. Node 2 is a client interface NIDA seal Scanner application. c. Node 3 is the second remote server running the NIDA seal Auditor software application for authenticating the Node 1 Web page to the Node 2 client, and the Node 2 client to the Node 1 server by resolving the dynamic NIDA seal code to the authorized IP addresses of Node 1 and Node 2.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The method of claim 12, wherein the NIDA seal is a dynamic graphic representation encoding a dynamic 36-digit numeric identification comprising of a 12 digit constant segment representing IP address of the Node 1 Web server, 12-digit variable segment representing the IP address of an intervening server such as the ISP server, and a 12-digit hypervariable segment representing the IP address of the client computer.
  - 14. The method of claim 12, wherein the NIDA seal comprise of 36 random numeral digits encoding a 36 digit numeric identity comprising of a 12 digit constant segment representing IP address of the Node 1 Web server, 12-digit variable segment representing the IP address of an intervening server such as the ISP server, and a 12-digit hypervariable segment representing the IP address of the client computer.
  - 15. The method of claim 12, wherein the Node 2 NIDA seal scanner is a software application either independent or integrated within a Web browser operating on the client computer for capturing the dynamic NIDA seal for decoding.
  - 16. The method of claim 12, wherein the Node 2 NIDA seal scanner is a mobile/cellular phone equipped with a digital camera with the ability to take a snap shot of the NIDA seal and transmit it to the Node 3 remote server running the decoder software application.
  - 17. The method of claim 12, wherein the Node 2 NIDA seal scanner is platform independent JAVA application running from another Web page requested by the Node 2 client computer to capture and decode the dynamic NIDA seal.
  - 18. The method of claim 12, wherein the Node 3 NIDA seal Auditor software application is integrated within the Node 2 NIDA seal scanner.
  - 19. The method of claim 12, wherein, the Node 3 NIDA seal Auditor software application delivers to the client computer a “
    - FORGED PAGE ALERT”
      
      message if the requested Web page NIDA seal description does not resolve to the authorized IP address, and “
      
      ACCESS DENIED”
      
      message if the user is not an authorized user.
  - 20. The method of claim 12, wherein an additional Node 4 is located at a law enforcement terminal, which receives an alphanumeric incident report description of the victim company, the victim ISP, the victim user and the fraudster from the node the Node 3 NIDA Auditor Application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fazal Raheman
Original Assignee
Fazal Raheman
Inventors
Raheman, Fazal

Granted Patent

US 8,397,279 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/4
CPC Class Codes

H04L 63/0869 for achieving mutual authen...

Novel method and system of Network Integrity via Digital Authorization (NIDA) for enhanced internet security

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

19 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Novel method and system of Network Integrity via Digital Authorization (NIDA) for enhanced internet security

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links