Secure communication system and method of operation for conducting electronic commerce using remote vault agents interacting with a vault controller
Abstract
A secure end-to-end communications system provides end users access to vault-based custom applications of an organization for purposes of conducting electronic commerce. The system includes a web-based vault controller running an application, e.g. a registrations application in a vault cryptographically linked to a database and a Certificate Management System (CMS) for generating digital certificates, and at least one remote vault agent coupled to the vault controller for providing vault-based custom applications to end users. An X.500 directory is coupled to the CMS and cryptographically linked to the remote vault agents for storing end user data. The remote vault agent is an application which comprises a collection of Application Programming Interfaces (APIs) which provide a secure interface to the vault controller; a Lightweight Data Access Protocol (LDAP) used to access the X.500 directory; a secure depositor coupled to vault-based custom applications of an organization. The secure depositor includes APIs to perform cryptographic functions in passing communications between vaults used by the vault agent and vaults used by the vault controller or vaults used by other vault agent applications and a secure depositor library which uses functions in the LDAP to access the X.500 directory. The remote vault agent accesses the web based vault controller on a non-web basis to enable remote custom applications to communicate securely with vault-based applications, such as a registration application that administers digital certificates.
55 Citations
25 Claims
1. Apparatus for use in establishing a secure exchange of information between an end user and a secure server in a distributed network environment, the apparatus comprising:
An agent accessible by the end user and remote from the secure server, wherein the secure server enables storage of data in one or more storage areas accessible by one or more authenticated users and enables execution of at least one process, the remote agent operative to;
(i) interact with the at least one process, enabled by said secure server, on a non-network basis; and
(ii) obtain data associated with the at least one process for use by the end user in establishing a secure exchange of information between the end user and the secure server.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A method for use in establishing a secure exchange of information between an end user and a secure server in a distributed network environment, the method comprising the steps of:
in accordance with an agent accessible by the end user and remote from the secure server, wherein the secure server enables storage of data in one or more storage areas accessible by one or more authenticated users and enables execution of at least one process, the remote agent;
interacting with the at least one process, enabled by said secure server, on a non-network basis; and
obtaining data associated with the at least one process for use by the end user in establishing a secure exchange of information between the end user and the secure server.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24
25. An article of manufacture for use in establishing a secure exchange of information between an end user and a secure server in a distributed network environment, comprising a machine readable medium containing one or more programs which when executed implement the steps of:
in accordance with an agent accessible by the end user and remote from the secure server, wherein the secure server enables storage of data in one or more storage areas accessible by one or more authenticated users and enables execution of at least one process, the remote agent;
interacting with the at least one process, enabled by said secure server, on a non-network basis; and
obtaining data associated with the at least one process for use by the end user in establishing a secure exchange of information between the end user and the secure server.
Specification