System, Device and Method for Secure Handling of Key Credential Information Within Network Servers

US 20130110729A1
Filed: 06/17/2011
Published: 05/02/2013
Est. Priority Date: 06/18/2010
Status: Abandoned Application

First Claim

Patent Images

1. A method for secure handling by a server of credential information for performing a transaction wherein the credential information is received through a network interface of the server from a remote client over a communications network, the method comprising:

a) before passage of the received credential information to the processor of the server, detecting the received credential information;

b) after detecting the received credential information, preventing any passage of the credential information to the processor of the server;

c) comparing the credential information to previously stored credentials information of a credentials memory and determining an authorization outcome from the comparing; and

,d) supplying to the processor of the server the authorization outcome.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method comprising, providing a server accessing a network through a network interface card, the network interface card receiving a message from a remote client, the message comprising credentials for performing a request, in response to the network interface card receiving the message, the network interface card preventing the credentials from being provided to the server and checking the credentials against those previously stored in a directly attached memory; and the network interface card indicating to the server the outcome of attempting to perform the request, wherein the credentials remain inaccessible to the server during the method.

13 Citations

View as Search Results

14 Claims

1. A method for secure handling by a server of credential information for performing a transaction wherein the credential information is received through a network interface of the server from a remote client over a communications network, the method comprising:
- a) before passage of the received credential information to the processor of the server, detecting the received credential information;
  
  b) after detecting the received credential information, preventing any passage of the credential information to the processor of the server;
  
  c) comparing the credential information to previously stored credentials information of a credentials memory and determining an authorization outcome from the comparing; and
  
  ,d) supplying to the processor of the server the authorization outcome.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 whereby remote client identification information and information identifying the transaction are detected with the credential information and the supplying includes supplying the remote client identification information and information identifying the transaction to the processor of the server.
  - 3. The method of claim 1 or 2 whereby the transaction is a payment transaction, the credential information comprises payment information and the credentials memory comprises previously stored payment services information, the method further comprising:
    - i) performing the transaction with a payment service of the previously stored payment services information using the payment information of the received credential information; and
      
      , ii) supplying to the processor of the server a payment reply.
  - 4. The method of claim 2 wherein the transaction comprises one or more of a group comprising a request for access, an initial credentials set-up and a payment transaction.
  - 5. The method of any of claims 1 to 3 further comprising providing to the credentials memory for storage a log of payment information for the performed transaction.
  - 6. The method of claim 5 whereby the payment information includes a purchase amount for the performed transaction.
  - 7. The method of any of preceding claims 1 to 6 whereby the received credential information is encrypting and the method further comprising decrypting the received credential information.

8. A system for use with a server for secure handling of credential information for performing a transaction wherein the credential information is received through a network interface of the server from a remote client over a communications network, the system comprising:
- (a) secure handling circuitry connected to the network interface and configured for;
  
  I) communicating with a credentials memory;
  
  II) before passage of the received credential information to the processor of the server, detecting the received credential information;
  
  III) after detecting the received credential information, preventing any passage of the credential information to a processor of the server;
  
  IV) comparing the credential information to previously stored credentials information of a credentials memory;
  
  V) determining an authorization outcome from the comparing; and
  
  , VI) supplying to the processor of the server the authorization outcome; and
  
  ,(b) credentials memory connected to the secure handling circuitry and comprising the previously stored credentials information.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8 wherein the transaction is a payment transaction, the credential information comprises payment information and the credentials memory comprises previously stored payment services information, the secure handling circuitry further configured for performing the transaction with a payment service of the previously stored payment services information using the payment information of the received credential information;
    - and, ii) supplying to the processor of the server a payment reply.
  - 10. The system of claim 8 or 9 whereby the transaction comprises one or more of a group comprising a request for access, an initial credentials set-up and a payment transaction.
  - 11. The system of any of claims 8 to 10 whereby the secure handling circuitry is further configured for providing to the credentials memory for storage a log of payment information for the performed transaction.
  - 12. The system of claim 11 whereby the payment information includes a purchase amount for the performed transaction.
  - 13. The system of any of claims 8 to 12 whereby the credentials memory is removable from the secure logic circuitry.
  - 14. The system of any of claims 8 to 13 whereby the credential information is encrypted and the secure handling circuitry is further configured for decrypting the credential information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
James A. Mcalear
Original Assignee
James A. Mcalear
Inventors
Mcalear, James A.

Application Number

US13/704,624
Publication Number

US 20130110729A1
Time in Patent Office

Days
Field of Search
US Class Current

705/76
CPC Class Codes

G06F 21/31   User authentication

G06F 21/85   interconnection devices, e....

G06Q 20/3821   Electronic credentials

H04L 2209/56   Financial cryptography, e.g...

H04L 2463/102   applying security measure f...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/10   for controlling access to d...

H04L 9/3226   using a predetermined code,...

System, Device and Method for Secure Handling of Key Credential Information Within Network Servers

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

13 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

System, Device and Method for Secure Handling of Key Credential Information Within Network Servers

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links