Data Certification Methods and Apparatus
First Claim
1. A method of providing an electronic signature to a server, the method comprising:
- receiving data for said server at a proxy system for said server;
reading said received data to identify a signature request;
obtaining a signature for a portion of data associated with said request, responsive to said request, andproviding said signature from said proxy system to said server.
2 Assignments
0 Petitions
Accused Products
Abstract
This invention generally relates methods, computer program code, data processing apparatus, and signals for certifying data, in particular by means of an electronic signature. Embodiments of the invention can be implemented on a user terminal without the need for dedicated hardware or software and may be termed “zero-footprint” data certification methods. A method of providing an electronic signature to-a-server; the method including receiving data for said server at a proxy system for said server; reading said received data to identify a signature request; obtaining a signature for a portion of said received data associated with said request responsive to said request, and providing said signature from said proxy system to said server. The use of a signature-enabled reverse proxy enables the use of a zero footprint user terminal, that is without the need to add additional functionality to the terminal for the purposes of signature creation in the context of a distributed application architecture.
119 Citations
62 Claims
-
1. A method of providing an electronic signature to a server, the method comprising:
-
receiving data for said server at a proxy system for said server; reading said received data to identify a signature request; obtaining a signature for a portion of data associated with said request, responsive to said request, and providing said signature from said proxy system to said server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 14, 15)
-
-
12. A method of providing an electronic signature to a server, the method comprising:
-
receiving data to be signed from said server at a proxy system; sending said data to be signed from said proxy system to a user; receiving a signature request for said data to be signed at said proxy system; obtaining a signature for said data to be signed responsive to said signature request, and providing said signature from said proxy system to said server.
-
-
13. (canceled)
-
16. (canceled)
-
17. A method of authenticating electronic data supplied by a user of a source device to a remote device, the method comprising:
-
receiving input data including data for authentication from the source device; identifying authentication request information in the input data; obtaining authentication data for said data for authentication responsive to said identifying, and outputting the authentication data for said remote device; wherein the authentication data authenticates that the supplier of the data is the user. - View Dependent Claims (18, 19, 20, 21, 23)
-
-
22. (canceled)
-
24. A data processing apparatus for processing electronic data supplied by a user of a source device to be signed, the apparatus comprising;
-
a communication interface for inputting and outputting data; a data memory operable to store data to be processed; an instruction memory storing processor implementable instructions; and a processor coupled to said data memory and to said instruction memory and operable to read and process the stored data in accordance with the instructions in the instruction memory; and wherein the instructions stored in the instruction memory comprise instructions for controlling the processor to; receive input data including data for authentication from a source device; identifying authentication request information in the input data; obtain authentication data for said data for authentication; and output the authentication data for a recipient device; wherein the authentication data authenticates that the supplier of the data is the user. - View Dependent Claims (25, 26, 27)
-
-
28. A method of supplying electronic data to a remote device for signing, the method comprising:
-
receiving data at a user terminal from a first remote device, said received data incorporating a request for user input data and signature request data; inputting user data in accordance with said request; and outputting to a second remote device data incorporating said user input data and said signature request data. - View Dependent Claims (29, 30)
-
-
31. (canceled)
-
32. A processing apparatus for processing electronic data to be signed, the apparatus comprising:
-
a communication interface for inputting and outputting data; a data memory operable to store data to be processed; an instruction memory storing processor implementable instructions; and a processor operable to read and process the stored data in accordance with the instructions in the instruction memory; and wherein the instructions stored in the instruction memory comprise instructions for controlling the processor to; receive from a first remote device data incorporating a request for user input data and signature request data; input user data in accordance with said request; and output to a second remote device data incorporating said user input data and said signature request data. - View Dependent Claims (33)
-
-
34. A reverse proxy device, the device comprising
means to authenticate an application to a user of a user terminal; -
means to obtain an authentication for said user of said user terminal; means to obtain a signature for user data; and means to receive from said terminal user data for signature and a signature request, and responsive to said signature request, to obtain a signature for said user data and forward said signature and said user data to said application. - View Dependent Claims (35, 36, 37, 38, 39, 40, 41, 42, 43, 45)
-
-
44. (canceled)
-
46. (canceled)
-
47. (canceled)
-
48. A method of protecting a link between a user terminal and an application server via a proxy system for said application server, the method comprising:
-
receiving data from said application server at said proxy system; determining whether said received data includes data for establishing a connection between said user terminal and an address to which connection is forbidden; and forwarding said received data to said user terminal responsive to said determining. - View Dependent Claims (49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60)
-
-
61. Data processing apparatus for protecting a link between a user terminal and an application server via a proxy system for said application server, the apparatus comprising:
-
a communication interface for inputting and outputting data; a data memory operable to store data to processed; an instruction memory storing processor implementable instructions; and a processor coupled to said data memory and to said instruction memory and operable to read and process the stored data in accordance with the instructions in the instruction memory; and wherein the instructions stored in the instruction memory comprise instructions for controlling the processor to; receive data from said application server via said proxy system; determine whether said received data includes data for establishing a connection between said user terminal and an address to which connection is forbidden; and forward said received data via said proxy system to said user terminal responsive to said determining. - View Dependent Claims (62)
-
Specification