Arrangement of and method for secure data transmission
Abstract
A method of and system for secure data transmission between a client and a third party computer arrangement. The method includes authenticating a user of the client by a security server via a communication session; making available a key pair by the security server, the key pair including a public key and a private key; and performing the secure data transmission between the client and the third party computer arrangement while using the key pair. The key pair has a limited life time defined by a predetermined duration in time, a predetermined number of communication sessions, or a predetermined number of actions.
-
62 Claims
-
1-30. (canceled)
-
31. A method of secure data transmission in a communication session between a client and a third party computer arrangement, comprising:
-
a) setting up an initial secure, encrypted communication session between said client and a security server via a public communication network that is connecting said client and said security server;
b) in said initial secure, encrypted communication session, authenticating a user of said client in an authentication process controlled by said security server while using an authentication protocol with a predetermined security level;
c) in said initial secure, encrypted communication session, making available a digital certificate comprising a public key and one or more attributes, and a private key associated with said public key, said digital certificate and said private key being associated with said client;
d) in said initial secure, encrypted communication session, automatically installing said digital certificate and private key on said client;
e) performing said secure data transmission in said communication session between said client and said third party computer arrangement while using said public key and said private key;
wherein said digital certificate has a limited life time defined by at least one attribute, said at least one attribute defining at least one of a predetermined duration in time, a predetermined number of communication sessions, a predetermined number of actions.
Dependent claims: 32-46.
-
-
47. A system comprising a client, a security server and a third party computer arrangement in which:
-
a) said client and said security server are arranged to set up an initial secure, encrypted communication session between them via a public communication network that is connecting said client and said security server;
b) said security server is arranged to control in said initial secure, encrypted communication session, authentication of a user of said client while using an authentication protocol with a predetermined security level;
c) said security server is arranged to make available in said initial secure, encrypted communication session, a digital certificate comprising a public key and one or more attributes, and a private key associated with said public key, said digital certificate and said private key being associated with said client;
d) said client being arranged to automatically install in said initial secure, encrypted communication session, said digital certificate and private key;
e) said client and said third party computer arrangement are arranged to perform a secure data transmission in a communication session between them while using said public key and said private key;
wherein said system comprises a processor for identifying that said digital certificate has a limited life time defined by at least one attribute and removing said digital certificate upon expiry of said lifetime, said at least one attribute defining at least one of a predetermined duration in time, a predetermined number of communication sessions, a predetermined number of actions.
Dependent claims: 48-52.
-
-
53. A security server comprising a processor and memory, the memory storing data and instructions to let said processor run a predetermined computer program, said program allowing said security server to:
-
a) set up an initial secure, encrypted communication session with a client via a public communication network that is connecting said client and said security server;
b) in said initial secure, encrypted communication session, authenticate a user of said client while using an authentication protocol with a predetermined security level;
c) in said initial secure, encrypted communication session, make available a digital certificate comprising a public key and one or more attributes, and a private key associated with said public key, said digital certificate and said private key being associated with said client;
wherein said digital certificate has a limited life time defined by at least one attribute, said at least one attribute defining at least one of a predetermined duration in time, a predetermined number of communication sessions, a predetermined number of actions.
-
-
54. A client comprising a processor and memory, the memory storing data and instructions to let said processor run a predetermined computer program, said program allowing said client to:
-
a) set up an initial secure, encrypted communication session with a security server via a public communication network that is connecting said client and said security server;
b) after being authenticated with a predetermined security level, receive, in said initial secure, encrypted communication session, a digital certificate comprising a public key and one or more attributes, and receive a private key associated with said public key;
c) automatically install in said initial secure, encrypted communication session, said digital certificate and private key;
d) perform a secure data transmission in a communication session between said client and a third party computer arrangement while using said public key and said private key;
wherein said client comprises a processor for identifying that said digital certificate has a limited life time defined by at least one attribute and removing said digital certificate upon expiry of said lifetime, said at least one attribute defining at least one of a predetermined duration in time, a predetermined number of communication sessions, a predetermined number of actions.
-
-
55. A method of performing a secure data transmission in a communication session between a client and a third party computer arrangement, comprising in said client:
-
a) setting up an initial secure, encrypted communication session with a security server via a public communication network that is connecting said client and said security server;
b) after being authenticated with a predetermined security level, receiving, in said initial secure, encrypted communication session, a digital certificate comprising a public key and one or more attributes, and receiving a private key associated with said public key;
c) automatically installing in said initial secure, encrypted communication session, said digital certificate and private key;
d) performing a secure data transmission in a communication session between said client and a third party computer arrangement while using said public key and said private key;
e) identifying that said digital certificate has a limited life time defined by at least one attribute and removing said digital certificate upon expiry of said lifetime, said at least one attribute defining at least one of a predetermined duration in time, a predetermined number of communication sessions, a predetermined number of actions.
Dependent claims: 56, 57.
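Added illustration of the client-side enforcement recited in claims 47, 54 and 55 (this is not code from the patent or from any product implementing it): a constructed model of the certificate's lifetime attributes, where each of the three bounds is optional and the bundle is removed from the client as soon as any configured bound is reached. Class names, field names and the placeholder key bytes are assumptions; a real deployment would carry an X.509 certificate and its private key.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class LifetimeAttributes:
    """Constructed model of the claimed attributes; None means that bound is unused."""
    max_seconds: Optional[float] = None
    max_sessions: Optional[int] = None
    max_actions: Optional[int] = None
@dataclass
class IssuedCertificate:
    """Bundle installed in the initial session (placeholder key bytes, not a real X.509 cert)."""
    public_key: bytes
    private_key: bytes
    lifetime: LifetimeAttributes
    issued_at: float
    sessions_used: int = 0
    actions_used: int = 0
    def is_expired(self, now: float) -> bool:
        # Expired as soon as any configured bound is reached ("at least one" attribute).
        lt = self.lifetime
        return any([
            lt.max_seconds is not None and now - self.issued_at >= lt.max_seconds,
            lt.max_sessions is not None and self.sessions_used >= lt.max_sessions,
            lt.max_actions is not None and self.actions_used >= lt.max_actions,
        ])
@dataclass
class ClientKeyStore:
    """Client-side store: checks the bundle before every use and removes it on expiry."""
    cert: Optional[IssuedCertificate] = None
    def install(self, cert: IssuedCertificate) -> None:
        self.cert = cert
    def _sweep(self, now: float) -> None:
        if self.cert is not None and self.cert.is_expired(now):
            self.cert = None  # removal on expiry: the private key does not linger
    def start_session(self, now: float) -> bool:
        """Opening a session with the third party consumes one unit of the session budget."""
        self._sweep(now)
        if self.cert is None:
            return False
        self.cert.sessions_used += 1
        return True
    def sign_action(self, now: float) -> Optional[bytes]:
        """Each signed action consumes one unit of the action budget; None once expired."""
        self._sweep(now)
        if self.cert is None:
            return None
        self.cert.actions_used += 1
        return self.cert.private_key
```

The time bound is checked on every use, so a bundle that has run out of wall-clock time is removed on the next session start or action even if its session and action budgets are untouched.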
-
-
58. A system for preventing at least one of phishing and pharming threats, said system comprising a server and a client, said server comprising a server processor and server memory, said server memory storing data and instructions to let said server processor perform a predetermined server program and storing data as to possible phishing and pharming threats by one or more websites, said client comprising a client processor and client memory, said client memory storing data and instructions to let said client processor perform a predetermined client program, as well as a web browser, said predetermined client processor being arranged for, as instructed by said predetermined client program:
-
detecting said web browser to start;
setting up a connection with said server;
retrieving from said server said data as to possible phishing and pharming threats by said one or more websites; and
informing said web browser of said data as to possible phishing and pharming threats by said one or more websites so as to allow said web browser at least one of blocking access to said one or more websites and informing a user of said client.
-
-
59. A client comprising a client processor and client memory, said client memory storing data and instructions to let said client processor perform a predetermined client program, as well as a web browser, said predetermined client processor being arranged for, as instructed by said predetermined client program:
-
detecting said web browser to start;
setting up a connection with a server;
retrieving from said server data as to possible phishing and pharming threats by one or more websites; and
informing said web browser of said data as to possible phishing and pharming threats by said one or more websites so as to allow said web browser at least one of blocking access to said one or more websites and informing a user of said client.
-
-
60. A method performed on a client, comprising:
-
detecting a web browser to start on said client;
setting up a connection with a server;
retrieving from said server data as to possible phishing and pharming threats by one or more websites; and
informing said web browser of said data as to possible phishing and pharming threats by said one or more websites so as to allow said web browser at least one of blocking access to said one or more websites and informing a user of said client.
Dependent claims: 61, 62.
-