System and method for facilitating secure online transactions
First Claim
1. A method for mutually authenticating a client and a server, the method comprising:
transmitting a token from the server to the client;
establishing a secure data transfer link between the server and the client, a server certificate being transmitted to the client during the establishment of the secure data transfer link;
transmitting to the server a response packet including a full requested Uniform Resource Locator (URL) identifier, a client certificate, the server certificate, the token, and an authenticity identifier corresponding to a private client key, the private client key being associated with the client certificate; and
validating the response packet.
Abstract
A method and system for mutually authenticating a client and a server is provided in accordance with an aspect of the present invention. The method commences with transmitting a token from the server to the client. Thereafter, the method continues with establishing a secure data transfer link between the server and the client. A server certificate is transmitted to the client during the establishment of the secure data transfer link. The method continues with transmitting a response packet to the server, which is validated thereby upon receipt. The system includes a client authentication module that initiates the secure data transfer link and transmits the response packet, and a server authentication module that transmits the token and validates the response packet.
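The exchange described in the abstract, sketched as an added example that is not taken from the patent. It assumes the "authenticity identifier" is an Ed25519 signature over the other packet fields, uses constructed strings in place of real certificates, and assumes a set of validation checks; the page itself says only that the response packet is validated. All field and function names are hypothetical.

```javascript
const crypto = require("crypto");

// Assumptions (not from the patent): plain strings stand in for certificates,
// and the authenticity identifier is an Ed25519 signature over the fields.
const canonical = (p) =>
  JSON.stringify([p.url, p.clientCert, p.serverCert, p.token]);

// Client side: bundle the full requested URL, the client certificate, the
// server certificate actually received on the link, and the token, then sign.
function buildResponsePacket(url, clientCert, serverCertSeen, token, clientKey) {
  const p = { url, clientCert, serverCert: serverCertSeen, token };
  p.authId = crypto.sign(null, Buffer.from(canonical(p)), clientKey).toString("base64");
  return p;
}

// Server side: every check must pass; the first failing check is returned.
function validateResponsePacket(p, ctx) {
  if (!ctx.issuedTokens.has(p.token)) return "unknown-or-replayed-token";
  // The client reports which certificate it saw; a different one means the
  // client's secure link terminated somewhere other than this server.
  if (p.serverCert !== ctx.serverCert) return "server-cert-mismatch";
  if (p.url !== ctx.requestedUrl) return "url-mismatch";
  const pub = ctx.enrolledClients.get(p.clientCert);
  if (!pub) return "unknown-client-cert";
  const sig = Buffer.from(p.authId, "base64");
  if (!crypto.verify(null, Buffer.from(canonical(p)), pub, sig)) return "bad-signature";
  ctx.issuedTokens.delete(p.token); // tokens are treated as single-use here
  return "ok";
}

function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
  const ctx = { // constructed sample state held by the server
    serverCert: "CERT:server.example",
    requestedUrl: "https://server.example/account/transfer?id=7",
    issuedTokens: new Set(["tok-1", "tok-2", "tok-3"]),
    enrolledClients: new Map([["CERT:alice", publicKey]]),
  };
  const mk = (cert, tok) =>
    buildResponsePacket(ctx.requestedUrl, "CERT:alice", cert, tok, privateKey);
  const good = mk(ctx.serverCert, "tok-1");
  return {
    good: validateResponsePacket(good, ctx),
    replay: validateResponsePacket(good, ctx),
    intercepted: validateResponsePacket(mk("CERT:proxy.example", "tok-2"), ctx),
    tampered: validateResponsePacket({ ...mk(ctx.serverCert, "tok-3"), token: "tok-2" }, ctx),
  };
}
console.log(demo());
```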
32 Claims
1. A method for mutually authenticating a client and a server, the method comprising:
transmitting a token from the server to the client;
establishing a secure data transfer link between the server and the client, a server certificate being transmitted to the client during the establishment of the secure data transfer link;
transmitting to the server a response packet including a full requested Uniform Resource Locator (URL) identifier, a client certificate, the server certificate, the token, and an authenticity identifier corresponding to a private client key, the private client key being associated with the client certificate; and
validating the response packet.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A method for authenticating a client to a server, the method comprising:
receiving a token from the server;
establishing a secure data transfer link between the server and the client, a server certificate being received from the server during the establishment of the secure data transfer link; and
transmitting to the server a response packet including a full requested Uniform Resource Locator (URL) identifier, a client certificate, the server certificate, the token, and an authenticity identifier corresponding to a private client key, the private client key being associated with the client certificate.
Dependent claims: 14, 15, 16, 17, 18
19. A method for authenticating a server to a client, the method comprising:
transmitting a token from the server to the client;
establishing a secure data transfer link between the server and the client, a server certificate being transmitted to the client during the establishment of the secure data transfer link; and
transmitting to the server a response packet including a full requested Uniform Resource Locator (URL) identifier, a client certificate, the server certificate, the token, and an authenticity identifier corresponding to a private client key, the private client key being associated with the client certificate.
Dependent claims: 20, 21, 22, 23, 24, 25, 26, 27
28. A system for bi-directionally authenticating a client and a server comprising:
a server authentication module associated with the server and including a memory for storing a server certificate and a token, the server authentication module being operative to transmit the token and the server certificate to the client; and
a client authentication module associated with the client and including a memory for storing a client certificate, the token, a full requested URL identifier, and the server certificate, the client authentication module being operative to transmit an authentication packet including the server certificate, the token, and the full requested URL identifier.
Dependent claims: 29, 30, 31
32. An article of manufacture comprising a program storage medium readable by a computer, the medium tangibly embodying one or more programs of instructions executable by the computer to perform a method for mutually authenticating a client and a server, the method comprising:
transmitting a token from the server to the client;
establishing a secure data transfer link between the server and the client, a server certificate being transmitted to the client during the establishment of the secure data transfer link; and
transmitting to the server a response packet including a full requested Uniform Resource Locator (URL) identifier, a client certificate, the server certificate, the token, and an authenticity identifier corresponding to a private client key, the private client key being associated with the client certificate.
validating the response packet.
Specification