Method and apparatus for authenticating users on a network using a smart card

US 6,226,744 B1
Filed: 10/09/1997
Issued: 05/01/2001
Est. Priority Date: 10/09/1997
Status: Expired due to Term

First Claim

Patent Images

1. A method for authenticating a user over a network, with the network having a client computer and a server computer, and the client computer having a smart card reader for receiving a smart card, comprising the steps of:

receiving a request from the client to access restricted information stored by the server;

sending a smart card interface program from the server to the client;

receiving an access code from the user to access the smart card;

accessing user information stored on the smart card utilizing said program and said access code;

comparing said user information with authentication information available to the server; and

granting the client access to said restricted information if said user information matches said authentication information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for authenticating a user over a network, with the network having a client computer and a server computer, and the client computer having a smart card and a smart card reader. The client sends a request to the server to access restricted information stored by the server. The server sends a smart card interface module to the client. The server requests an access code from the user to access the smart card. Once the server receives the access code, the server accesses user information stored on the smart card utilizing the program and the access code. The server compares the user information with authentication information available to the server but not the client. If the user information matches the authentication information, the server grants the client access to the restricted information.

Citations

23 Claims

1. A method for authenticating a user over a network, with the network having a client computer and a server computer, and the client computer having a smart card reader for receiving a smart card, comprising the steps of:
- receiving a request from the client to access restricted information stored by the server;
  
  sending a smart card interface program from the server to the client;
  
  receiving an access code from the user to access the smart card;
  
  accessing user information stored on the smart card utilizing said program and said access code;
  
  comparing said user information with authentication information available to the server; and
  
  granting the client access to said restricted information if said user information matches said authentication information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein said smart card interface module utilizes Active X controls.
  - 3. The method of claim 1, wherein said access code is a personal identification number.
  - 4. The method of claim 1, wherein said step of comparing comprises the steps of:
5. The method of claim 4, wherein said database is stored on the server.
6. The method of claim 4, wherein said database is stored on a database computer.
7. The method of claim 1, wherein said restricted information is stored on the server.
8. The method of claim 1, wherein said restricted information is stored on another server.

9. A method for authenticating a user over a network, with the network having a client computer and a server computer, and the client computer having a smart card reader for receiving a smart card, comprising the steps of:
- sending smart card interface program from the server to the client;
  
  receiving a request to store user data on the smart card;
  
  prompting a user for a key to access the smart card;
  
  initializing the smart card;
  
  formatting instructions to the smart card;
  
  accessing the smart card using said key;
  
  prompting the user for said user data;
  
  storing the user data to a file; and
  
  verifying the stored user data for the user.

10. An apparatus authenticating a user over a network, with the network having a client computer and a server computer, and the client computer having a smart card reader for receiving a smart card, comprising:
- means for receiving a request from the client to access restricted information stored by the server;
  
  means for sending a computer program from the server to the client;
  
  means for receiving an access code from the user to access the smart card;
  
  means for accessing user information stored on the smart card utilizing said program and said access code;
  
  means for comparing said user information with authentication information available to the server; and
  
  means for granting the client access to said restricted information if said user information matches said authentication information.
- View Dependent Claims (11)
- - 11. The apparatus of claim 10, wherein said means for comparing comprises:

12. An apparatus for authenticating a user over a network, with the network having a client computer and a server computer, and the client computer having a smart card reader for receiving a smart card, comprising:
- means for sending a smart card interface program from the server to the client;
  
  means for receiving a request to store user data on the smart card;
  
  means for prompting a user for a key to access the smart card;
  
  means for initializing the smart card;
  
  means for formatting instructions to the smart card;
  
  means for accessing the smart card using said key;
  
  means for prompting the user for said user data; and
  
  means for storing the user data to a file.
- View Dependent Claims (13)
- - 13. The apparatus of claim 12, further comprising means for verifying the stored user data for the user.

14. A computer for authenticating a user over a network, comprising:
- a memory containing;
  
  a smart card interface program received from a server computer over the network having functions for accessing a smart card over the network to authenticate a user;
  
  a client computer program for invoking one of the functions of the server computer program; and
  
  a processor for running said smart card interface program and said client computer program.

15. A computer readable medium having stored thereon instructions which, when executed by a processor, cause the processor to perform steps for authenticating a user over a network using a smart card, said steps comprising:
- receiving a request from a client computer to access restricted information stored by a server computer;
  
  sending a smart card interface program from said server to said client;
  
  receiving an access code from the user to access the smart card;
  
  accessing user information stored on the smart card utilizing said program and said access code;
  
  comparing said user information with authentication information available to said server; and
  
  granting said client access to said restricted information if said user information matches said authentication information.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22)
- - 16. The computer-readable medium of claim 15, wherein said smart card interface program utilizes Active X controls.
  - 17. The computer-readable medium of claim 15, wherein said access code is a personal identification number.
  - 18. The computer-readable medium of claim 15, wherein said step of comparing comprises the steps of:
19. The computer-readable medium of claim 18, wherein said database is stored on said server.
20. The computer-readable medium of claim 18, wherein said database is stored on a database computer.
21. The computer-readable medium of claim 15, wherein said restricted information is stored on said server.
22. The computer-readable medium of claim 15, wherein said restricted information is stored on another server.

23. An apparatus authenticating a user over a network, comprising:
- a smart card having authentication information stored therein;
  
  a smart card reader coupled to said smart card;
  
  a client computer coupled to said smart card reader;
  
  a server computer in communication with said client computer over the network, said server computer controlling access to restricted information;
  
  means for reading authentication information from said smart card, and writing authentication information to said smart card, by said server; and
  
  means for authenticating the user by said server using authentication information stored on said smart card, and if authenticated, permitting access to said restricted information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Corporation (AT&T, Inc.)
Original Assignee
AT&T Corporation (AT&T, Inc.)
Inventors
Murphy, Michael V., West, Earle H.
Primary Examiner(s)
Trammell, James P.
Assistant Examiner(s)
Elisca, Pierre E.

Application Number

US08/947,616
Time in Patent Office

1,300 Days
Field of Search

380/4, 380/21, 380/25, 380/30, 380/49, 380/204, 380/223, 713/200, 713/201, 713/202, 709/229
US Class Current

726/5
CPC Class Codes

G06F 21/34 involving the use of extern...

H04L 63/0853 using an additional device,...

Method and apparatus for authenticating users on a network using a smart card

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for authenticating users on a network using a smart card

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links