METHOD AND APPARATUS FOR SECURE COMMUNICATION

US 20100275025A1
Filed: 02/02/2007
Published: 10/28/2010
Est. Priority Date: 02/02/2007
Status: Active Grant

First Claim

Patent Images

1. A method of secure communication between a client device and a server, the client device includes a browser for accessing a website provided by the server, the method comprising:

generating a key according to a cryptographic routine;

tagging the key with a marker associating the key with the website; and

storing the tagged key in a memory associated with the browser.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a device, method and/or computer-readable medium for secure communication between a client device and a server, the client device includes a browser for accessing a website provided by the server, the client device generates a key according to a key generating cryptographic routine; tags the key with a marker associating the key with the website; and stores the tagged key in a memory associated with the browser.

Citations

24 Claims

1. A method of secure communication between a client device and a server, the client device includes a browser for accessing a website provided by the server, the method comprising:
- generating a key according to a cryptographic routine;
  
  tagging the key with a marker associating the key with the website; and
  
  storing the tagged key in a memory associated with the browser.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the marker includes information from a certificate associated with the website.
  - 3. The method of claim 1, further comprising:
    - generating cryptographic data based upon the tagged key;
      
      associating the cryptographic data with the tagged key; and
      
      storing the cryptographic data in the memory.
  - 4. The method of claim 1, further comprising:
    - receiving a cryptographic operation request from another website provided by another server to generate cryptographic data based upon the tagged key; and
      
      generating the cryptographic data based upon the tagged key if the marker of the tagged key is associated with the another website.
  - 5. The method of claim 1, further comprising:
    - performing a cryptographic data routine to generate cryptographic data based upon the tagged key, wherein the cryptographic data routine includes one of a digital signature generation routine, a data encryption routine, a data decryption routine and a digital signature verification routine;
      
      associating the cryptographic data with the tagged key; and
      
      storing the cryptographic data in the memory.

6. A method of secure communication between a server and a client device, the client device including a browser, the browser accessing a website provided by the server, the browser interpreting a script provided during the access to the website, the method comprising:
- generating a key in response to the interpreting the script during the access to the website;
  
  tagging the key with a marker associating the key with the website; and
  
  storing the tagged key in a memory associated with the browser.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 7. The method of claim 6, wherein the marker includes information from a certificate associated with the website.
  - 8. The method of claim 6, further comprising tagging the key with key export privileges that define conditions for permitting export of data generated based upon the tagged key.
  - 9. The method of claim 6, further comprising:
    - generating cryptographic data based upon the tagged key;
      
      tagging the cryptographic data with the marker; and
      
      storing the cryptographic data in the memory.
  - 10. The method of claim 6, further comprising:
    - generating cryptographic data based upon the tagged key;
      
      tagging the cryptographic data with the marker; and
      
      transmitting the cryptographic data to the server providing the website.
  - 11. The method of claim 6, further comprising:
    - generating cryptographic data based upon the tagged key; and
      
      transmitting the cryptographic data to the server providing the website.
  - 12. The method of claim 6, further comprising:
    - receiving a cryptographic operation request from another website provided by another server to generate cryptographic data based upon the tagged key; and
      
      generating the cryptographic data based upon the tagged key if the marker of the tagged key is associated with identification data of the another website.
  - 13. The method of claim 6, further comprising:
    - generating cryptographic data based upon the tagged key; and
      
      transmitting the cryptographic data to another server providing another website if the marker of the tagged key from which the cryptographic data was generated is associated with the another website.
  - 14. The method of claim 6, further comprising:
    - performing one of digital signature generation, data encryption, data decryption and digital signature verification based upon the tagged key to generate cryptographic data; and
      
      storing the cryptographic data in the memory.
  - 15. The method of claim 6, further comprising:
    - tagging the key with key export privileges that define conditions for permitting export of data generated based upon the tagged key;
      
      performing one of digital signature generation, data encryption, data decryption and digital signature verification based upon the tagged key to generate cryptographic data; and
      
      exporting the cryptographic data to another server providing another website if the key export privileges of the tagged key from which the cryptographic data was generated permit export of the data and if the marker of the tagged key is associated with the another website.

16. A client device for secure communication with a server, the client device including a browser for accessing a website provided by the server, the website including a script, the client device comprising:
- an interface for connecting with the server; and
  
  a processor coupled to the interface, the processor configured to;
  
  generate a key while interpreting the script;
  
  tag the key with a marker associating the tagged key with the website; and
  
  store the tagged key in a memory associated with the browser.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
- - 17. The client device of claim 16, wherein the processor is further configured to:
    - generate cryptographic data based upon the tagged key; and
      
      export the cryptographic data to the server if the marker of the tagged key is associated with the website provided by the server.
  - 18. The client device of claim 16, wherein the processor is further configured to:
    - generate cryptographic data based upon the tagged key in response to another script of another website provided by another server if the marker of the tagged key is associated with the another website; and
      
      export the cryptographic data to the another server.
  - 19. The client device of claim 16, wherein the marker for tagging the key includes identification data of the website of the interpreted script to define the server providing the website as an entity to which data generated based upon the tagged key can be exported.
  - 20. The client device of claim 16, wherein the marker for tagging the key includes information from a certificate associated with the website of the interpreted script, wherein the information from the certificate includes identification data of one or more trusted entities, wherein data generated based upon the tagged key can be exported to the one or more trusted entities.
  - 21. The client device of claim 16, wherein the marker for tagging the key includes a domain, and wherein websites associated with the domain are defined as entities to which data generated based upon the tagged key can be exported.
  - 22. The client device of claim 16, wherein the processor is further configured to perform one of data encryption, data decryption, digital signature generation and digital signature verification to generate cryptographic data based upon the tagged key.
  - 23. The client device of claim 16, wherein the marker further includes a tag variable identifying one or more websites and an export_mode variable defining conditions for permitting export of data generated based upon the tagged key.

24. An article of manufacture comprising:
- a computer readable medium; and
  
  instructions contained on the medium, the instructions readable by a processor for causing the processor to;
  
  generate a key in response to an interpreted first script provided by a first website;
  
  tag the key with a marker associating the key with the first website;
  
  store the tagged key in a memory associated with the browser;
  
  generate cryptographic data based upon the tagged key in response to interpreted second script provided by a second website if the second website is associated is associated with the marker of the tagged key; and
  
  export the cryptographic data to a second server providing the second website if the tagged key is associated with the second website.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Red Hat, Inc. (International Business Machines Corporation)
Original Assignee
Red Hat, Inc. (International Business Machines Corporation)
Inventors
PARKINSON, Steven William

Granted Patent

US 8,291,227 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

H04L 9/0894 Escrow, recovery or storing...

H04L 9/3247 involving digital signatures

METHOD AND APPARATUS FOR SECURE COMMUNICATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND APPARATUS FOR SECURE COMMUNICATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links