System and method for extensible positive client identification
Abstract
A system and method that provides electronic security over a network through an extensible positive client identifier (EPCI), working with a positive information profiling system (PIPS), pseudo uniform resource locators (PURLs) to assist in providing data integrity, a virtual page publication system (VPPS), and an active security responder (ASR). The extensible positive client identifier (EPCI) creates a unique client identification key and continually self-evaluates the key based on unique system signature data. The positive information profiling system implements account profiles for all content and clients so that pages of information can be generated and matched to the data requested as well as the requester. The virtual page publication system (VPPS) of the invention does not store pages permanently in the root directory of the site but instead creates temporary web pages dynamically containing the level of information resulting from the client identification, PIPS, and PURL evaluations. The virtual page is sent (in encrypted form if this option has been selected or if this option is required by the PIPS profile) to the requestor and exists only for the time necessary to send it. The active security responder (ASR) controls the overall operation of the present invention.
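The enrol, re-evaluate and virtual-page flow described in the abstract, as an added sketch that is not code from the patent. The SHA-256 signature, the HMAC over each key, the host-side comparison, and all function names and sample configurations are assumptions made for illustration.

```python
import hashlib, hmac, json, secrets

HOST_SECRET = secrets.token_bytes(32)  # assumption: MAC key known only to the host

# Constructed sample configurations (not from the patent).
VALID_CONFIG = {"cpu": "x86-64/8", "disk_serial": "WD-0001", "os": "10.0.19045"}
OTHER_CONFIG = {"cpu": "x86-64/4", "disk_serial": "ST-7777", "os": "10.0.19045"}

def system_signature(config):
    """Digest of the canonicalised configuration attributes (assumed SHA-256)."""
    canon = json.dumps(config, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canon.encode()).hexdigest()

def _mac(payload):
    body = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(HOST_SECRET, body, hashlib.sha256).hexdigest()

def first_key(client_id, config):
    """Enrolment: first client identification key containing the signature."""
    payload = {"client": client_id, "sig": system_signature(config)}
    return {**payload, "mac": _mac(payload)}

def second_key(stored_key, sending_config):
    """Per request: recompute the sender's signature, compare, emit indicator."""
    payload = {"client": stored_key["client"], "sig": stored_key["sig"]}
    if not hmac.compare_digest(stored_key["mac"], _mac(payload)):
        raise ValueError("stored first key failed its integrity check")
    same = hmac.compare_digest(stored_key["sig"], system_signature(sending_config))
    out = {"client": stored_key["client"], "same_terminal": same,
           "nonce": secrets.token_hex(8)}  # nonce makes each second key distinct
    return {**out, "mac": _mac(out)}

def virtual_page(key2, protected, substitute):
    """Build the page per request; anything unverified gets substitute content."""
    body = {k: v for k, v in key2.items() if k != "mac"}
    if not hmac.compare_digest(key2.get("mac", ""), _mac(body)):
        return substitute  # indicator was altered after it was issued
    return protected if key2["same_terminal"] else substitute

if __name__ == "__main__":
    k1 = first_key("terminal-1", VALID_CONFIG)
    print(virtual_page(second_key(k1, VALID_CONFIG), "protected", "substitute"))
    print(virtual_page(second_key(k1, OTHER_CONFIG), "protected", "substitute"))
```

The configuration attributes are reported by the sender, so in this sketch the comparison and the indicator are computed and authenticated on the host rather than accepted as a client-supplied flag.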
34 Claims
1. A method for positively identifying a valid client terminal communicating with a host machine, comprising the steps of:
creating a system signature for the valid client terminal, the system signature including configuration information sufficiently detailed to be unique to that valid client terminal;
generating a first client identification key containing the system signature and storing the first client identification key;
re-evaluating the system signature each time a communication is sent to the host machine requesting information and represented as being from the valid client terminal by creating a new system signature unique to a sending client terminal and comparing it with the system signature stored with the first client identification key, re-evaluating the system signature comprising using pseudo identifiers to request information from the host machine, wherein the host machine treats the pseudo identifiers not as addresses but as lists of tasks to be performed; and
generating a second client identification key containing an indicator that informs the host machine whether the sending client terminal is the same as the valid client terminal.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19

20. An apparatus for positively identifying a valid client terminal communicating with a host machine, comprising:
client software for creating a system signature for the valid client terminal, the system signature including configuration information sufficiently detailed to be unique to that valid client terminal;
the host machine for generating a first client identification key containing the system signature, the first client identification key being stored; and
a sending client terminal for re-evaluating the system signature each time a communication is sent to the host machine requesting information and represented as being from the valid client terminal by creating a new system signature unique to the sending client terminal and comparing it with the system signature stored with the first client identification key, wherein the sending client terminal uses pseudo identifiers to request information from the host machine, wherein the host machine treats the pseudo identifiers not as addresses but as lists of tasks to be performed;
wherein the host machine and the sending client terminal cooperate to generate a second client identification key at the sending client terminal containing an indicator that informs the host machine whether the sending terminal is the same as the valid client terminal.
Dependent claims: 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32

33. A method for positively identifying a valid client terminal communicating with a host machine, comprising the steps of:
creating a system signature for the valid client terminal, the system signature including configuration information sufficiently detailed to be unique to that valid client terminal;
generating a first client identification key containing the system signature and storing the first client identification key;
re-evaluating the system signature each time a communication is sent to the host machine requesting information and represented as being from the valid client terminal by creating a new system signature unique to a sending client terminal and comparing it with the system signature stored with the first client identification key, re-evaluating the system signature comprising creating information profiles for the user at a client terminal and protected information stored at the host machine, so that only the appropriate levels of access are provided, and creating virtual pages at the host machine to provide substitute information if the profiles indicate the sending terminal is not authorized to receive the protected information stored at the host machine; and
generating a second client identification key containing an indicator that informs the host machine whether the sending client terminal is the same as the valid client terminal.

34. An apparatus for positively identifying a valid client terminal communicating with a host machine, comprising:
client software for creating a system signature for the valid client terminal, the system signature including configuration information sufficiently detailed to be unique to that valid client terminal;
the host machine for generating a first client identification key containing the system signature, the first client identification key being stored; and
a sending client terminal for re-evaluating the system signature each time a communication is sent to the host machine requesting information and represented as being from the valid client terminal by creating a new system signature unique to the sending client terminal and comparing it with the system signature stored with the first client identification key, wherein the sending client terminal creates information profiles for the user and protected information stored at the host machine, so that only the appropriate levels of access are provided;
wherein the host machine and the sending client terminal cooperate to generate a second client identification key at the sending client terminal containing an indicator that informs the host machine whether the sending terminal is the same as the valid client terminal, wherein the host machine creates virtual pages to provide substitute information if the profiles indicate the sending client terminal is not authorized to receive the protected information stored at the host machine.

Specification