SECURITY SERVER FOR CLOUD COMPUTING

US 20130061310A1
Filed: 12/07/2011
Published: 03/07/2013
Est. Priority Date: 09/06/2011
Status: Abandoned Application

First Claim

Patent Images

1. A security system for cloud computing comprising:

a computing resource available over a network;

an authentication permitting use of said computing resource;

hardware connected to the network by an access connection enabling a user to access said computing resource, said hardware having a hardware processor;

a security server in communication with both said hardware and said computing resource over the network, said security server having a server processor, said security server not sharing administrative or physical security control with either of said hardware or said computing resource;

software executing on the hardware processor for encrypting said authentication and for transmitting it to said security server; and

software executing on the server processor for decrypting said authentication and for transmitting it to said computing resource,whereby the risk of transmitting said authentication over an insecure access connection to the network is reduced.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method, and server improving the security of accessing Internetworked computer resources, especially over public access connections, without requiring additional servers from either the resource provider or the authenticating user. User authentications are transmitted over data access connections over which users do not have administrative rights and/or physical security control. A resource request which includes user authentications can be encrypted on a user computer and transmitted over the internet or other data network over which the user has no administrative access or physical control. A security server receives the encrypted resource request, decrypts it, and forwards the resource request to a cloud computing resource.

35 Citations

View as Search Results

26 Claims

1. A security system for cloud computing comprising:
- a computing resource available over a network;
  
  an authentication permitting use of said computing resource;
  
  hardware connected to the network by an access connection enabling a user to access said computing resource, said hardware having a hardware processor;
  
  a security server in communication with both said hardware and said computing resource over the network, said security server having a server processor, said security server not sharing administrative or physical security control with either of said hardware or said computing resource;
  
  software executing on the hardware processor for encrypting said authentication and for transmitting it to said security server; and
  
  software executing on the server processor for decrypting said authentication and for transmitting it to said computing resource,whereby the risk of transmitting said authentication over an insecure access connection to the network is reduced.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The security system of claim 1 including software executing on said hardware for analyzing security of the access connection.
  - 3. The security system of claim 2 in which the analyzing software is antivirus software.
  - 4. The security system of claim 2 in which the analyzing software is port scanning software.
  - 5. The security system of claim 4 in which the scanning software wirelessly scans the access connection.
  - 6. The security system of claim 2 in which said encrypting and transmitting software executes only after the analyzing software confirms security of the access connection to a predetermined level.
  - 7. The security system of claim 6 in which the analyzing software accepts the access connection as trusted if a user indicates administrative control over the access connection.
  - 8. The security system of claim 6 in which said analyzing software accepts the access connection as trusted if a user indicates physical security control over the access connection.
  - 9. The security system of claim 2 in which said analyzing software is provided on an external memory device connectable to said hardware.
  - 10. The security system of claim 9 in which the external memory device includes said authentication.
  - 11. The security system of claim 9 in which the external memory device includes said encrypting and transmitting software.

12. A security system for cloud computing comprising:
- a computing resource available over a network;
  
  an authentication permitting use of said computing resource;
  
  hardware for use by a user to access said computing resource, said hardware having a hardware processor;
  
  an access connection connecting said hardware to said computing resource;
  
  a security server in communication with both said hardware over said access connection and said computing resource over the network, said security server having a server processor, said security server not sharing administrative or physical security control with either of said hardware or said computing resource;
  
  software executing on the hardware processor for encrypting said authentication and for transmitting it to said security server; and
  
  software executing on the server processor for decrypting said authentication and for transmitting it to said computing resource,whereby the risk of transmitting said authentication over an insecure access connection to the network is reduced.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The security system of claim 12 in which the access connection to the network does not share administrative or physical security control with either of said hardware or said computing resource.
  - 14. The security system of claim 12 in which said authentication includes a multifactor in addition to username and password.
  - 15. The security system of claim 14 in which said multifactor is biometric.
  - 16. The security system of claim 15 in which said multifactor is provided on an external memory device connectable to said hardware.
  - 17. The security system of claim 12 in which said computing resource includes data.
  - 18. The security system of claim 17 in which the data was previously stored on the network by the user.
  - 19. The security system of claim 18 in which the data was previously processed on said computing resource.

20. A method of secure computer communications comprising the steps of:
- providing a computing resource available over a network, the computing resource requiring an authentication for use;
  
  providing hardware for use by a user to access the computing resource, the hardware having a hardware processor, and encryption software executing on the hardware processor;
  
  providing an access connection which connects the hardware to the computing resource over the network;
  
  providing a security server having a server processor, and decryption software executing on the server processor, the security server not sharing administrative or physical security control with the hardware or the computing resource;
  
  issuing a request for the authentication from the computing resource to the hardware;
  
  connecting the security server with the hardware over the access connection;
  
  encrypting the authentication using the encryption software and transmitting the authentication as encrypted to the security server;
  
  connecting the security server with the computing resource over the network;
  
  decrypting the authentication using the decryption software and transmitting the authentication to the computing resource.
- View Dependent Claims (21, 22, 23, 24)
- - 21. The method of claim 20 in which the network is the Internet.
  - 22. The method of claim 20 in which said hardware is a public computer.
  - 23. The method of claim 20 in which said hardware is a mobile phone.
  - 24. method of claim 20 in which said hardware is a tablet.

25. A method of secure computer communications comprising the steps of:
- providing a computing resource available over a network, the computing resource requiring an authentication for use;
  
  providing hardware for use by a user to access the computing resource, the hardware having a hardware processor,providing a hardware token connected to the hardware and encryption software executing on the hardware token;
  
  providing an access connection which connects the hardware to the computing resource over the network;
  
  providing a security server having a server processor, and decryption software executing on the server processor, the security server not sharing administrative or physical security control with the hardware or the computing resource;
  
  issuing a request for the authentication from the computing resource to the hardware;
  
  connecting the security server with the hardware over the access connection;
  
  encrypting the authentication using the encryption software and transmitting the authentication as encrypted to the security server;
  
  connecting the security server with the computing resource over the network; and
  
  ,decrypting the authentication using the decryption software and transmitting the authentication to the computing resource.
- View Dependent Claims (26)
- - 26. The method of claim 25, further comprisingproviding analyzing software executing on the hardware processor which permits encrypting and transmitting said authentication only after the analyzing software confirms security of the access connection to a predetermined level.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Wesley W Whitmyer Jr (Wesley W. Whitmyer)
Original Assignee
Wesley W Whitmyer Jr (Wesley W. Whitmyer)
Inventors
Whitmyer, Wesley W. Jr.

Application Number

US13/313,856
Publication Number

US 20130061310A1
Time in Patent Office

Days
Field of Search
US Class Current

726/9
CPC Class Codes

G06F 21/31   User authentication

G06F 21/34   involving the use of extern...

G06F 21/577   Assessing vulnerabilities a...

G06F 21/606   by securing the transmissio...

G06F 2221/2115   Third party

G06F 2221/2153   Using hardware token as a s...

H04L 2463/082   applying multi-factor authe...

H04L 63/0281   Proxies

H04L 63/04   for providing a confidentia...

H04L 63/08   for authentication of entit...

SECURITY SERVER FOR CLOUD COMPUTING

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

35 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

SECURITY SERVER FOR CLOUD COMPUTING

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

35 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links