Method and system for securely displaying and confirming request to perform operation on host computer
Abstract
A method and system for a client user remotely connected to a server computer by a client workstation such as a client personal computer to have securely displayed and to securely confirm that a request to access a resource on the server computer was actually requested by the client user, even if the security of the client computer has been compromised. This method and system can use conventional intelligent security tokens such as smart cards and associated smart card readers as a more secure environment to prompt for, and determine, the client user's intent to access the requested resource. A display securely accessible from the reader, smart card or both displays the resource (or resources) apparently being requested by the client user. The client user is prompted to indicate whether it was their intention to access a resource by an input device associated with the reader or smart card.
20 Claims
1. A method for a client user remotely connected to a host computer by a client workstation to have securely displayed and to securely confirm that a request to perform an operation on the host computer was actually requested by the client user, the method comprising the steps of:
(1) in response to the request, generating a challenge that includes what operation to be performed on the host computer was requested, a nonce, and a query as to whether the client user made the request;
(2) encrypting the challenge;
(3) transmitting the encrypted challenge to a secure environment that contains the client user's private key;
(4) decrypting the challenge in the secure environment and securely displaying the decrypted challenge;
(5) waiting for confirmation from the client user that securely confirms either that the client user did or did not make the request to perform the operation on the host computer;
(6) if the client user confirms that;
(a) the client user did not make the request, transmitting a reply encrypted with the host computer's public key to the host computer that contains a negative response and the nonce;
or (b) the client user did make the request, transmitting a reply encrypted with the host computer's public key to the host computer that contains a positive response and the nonce.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A system for securely displaying and securely confirming that a request to access a resource on a server computer was actually requested by the client user, the system comprising:
(a) a server computer having at least one resource;
(b) server computer software residing on the server computer that is capable of generating an encrypted challenge to a request for the at least one resource that includes what the at least one resource requested was, a nonce, and a query as to whether the client user made the request, and that is capable of decrypting an encrypted reply transmitted from the secure environment;
(c) a client computer in communication with the server computer;
(d) client computer software residing on the client computer that is capable of passing an encrypted challenge to the secure environment without modification and passing an encrypted reply from the secure environment without modification to the server computer;
(e) a secure environment that includes;
(1) a smart card reader in communication with the client computer;
(2) a smart card that is capable of communicating with the reader and that contains the client user's private key;
(3) reader computer software residing on the reader that is capable, in association with the smart card, of decrypting an encrypted challenge, transmitting the decrypted challenge to a secure display unit, receiving a reply from a secure input device, encrypting the reply received from the input device and transmitting the encrypted reply to the client computer;
(4) a secure display unit capable of securely displaying a decrypted challenge from the reader such that an intruder or computer virus potentially having access to the client computer cannot modify what is displayed;
(5) a secure input device associated with the reader that is capable of responding to a reply from the client user as to whether or not the request for access to the at least one resource was actually requested by the client user and is configured such that an intruder or computer virus potentially having access to the client computer cannot modify input received by the input device.
Dependent claims: 11, 12, 13, 14, 15
16. Software for use in a system for securely displaying and securely confirming that a request to perform an operation on a server computer was actually requested by the client user, the system including a server computer, a client computer in communication with the server computer, and a secure environment that has a smart card reader in communication with the client computer, a smart card that is capable of communicating with the reader and that contains the client user's private key, a secure display unit capable of securely displaying a decrypted challenge from the reader such that an intruder or computer virus potentially having access to the client computer cannot modify what is displayed and a secure input device associated with the reader that is capable of responding to a reply from the client user as to whether or not the request to perform the operation was actually requested by the client user and is configured such that an intruder or computer virus potentially having access to the client computer cannot modify input received by the input device, the software comprising:
(a) a server computer software component that can reside on the server computer and is capable of generating an encrypted challenge to a request to perform the operation that includes what operation to be performed on the server computer was requested, a nonce, and a query as to whether the client user made the request, and that is capable of decrypting an encrypted reply transmitted from the secure environment;
(b) a client computer software component that can reside on the client computer and is capable of passing an encrypted challenge to the secure environment without modification and passing an encrypted reply from the secure environment without modification to the server computer; and
(c) a computer software component that can reside on the reader or the smart card, and that is capable, in association with the smart card, of decrypting an encrypted challenge, transmitting the decrypted challenge to a secure display unit, receiving a reply from the secure input device, encrypting the reply received from the input device and transmitting the encrypted reply to the client computer.
Dependent claims: 17, 18, 19, 20
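The challenge/response exchange of claims 1, 10 and 16, written out as an added Go example that is not part of the patent or any product it describes. RSA-OAEP, the JSON encoding, the query text and the `decide` callback (standing in for the secure display unit and secure input device) are this example's own assumptions; the client workstation is modelled as a pure pass-through, so a compromised client only ever sees ciphertext. The host performs the operation only when the decrypted reply carries a nonce it is still waiting on and a positive answer, and every nonce is consumed on first use so a captured reply cannot be replayed.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"fmt"
)
// Challenge is what claim step (1) lists: the requested operation, a fresh nonce
// and the question put to the user. Reply is the answer plus that nonce (step 6).
type Challenge struct{ Operation, Nonce, Query string }
type Reply struct{ Confirmed bool; Nonce string }
// Host keeps outstanding challenges keyed by nonce; every nonce is single-use.
type Host struct{ Priv *rsa.PrivateKey; Pending map[string]string }
// sealTo JSON-encodes v and encrypts it to pub (RSA-OAEP is this example's choice).
func sealTo(pub *rsa.PublicKey, v interface{}) ([]byte, error) {
	plain, _ := json.Marshal(v)
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, plain, nil)
}
// Challenge is steps (1)-(2): record the request under a fresh nonce and encrypt
// the challenge so only the environment holding the user's private key reads it.
func (h *Host) Challenge(userPub *rsa.PublicKey, op string) ([]byte, error) {
	n := make([]byte, 16)
	if _, err := rand.Read(n); err != nil { return nil, err }
	nonce := fmt.Sprintf("%x", n)
	h.Pending[nonce] = op
	return sealTo(userPub, Challenge{op, nonce, "Did you request this operation?"})
}
// SecureEnvironment is steps (4)-(6): decrypt with the user's private key, put the
// challenge to the user (decide = secure display + input) and answer to the host key.
func SecureEnvironment(userPriv *rsa.PrivateKey, hostPub *rsa.PublicKey, enc []byte, decide func(Challenge) bool) ([]byte, error) {
	plain, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, userPriv, enc, nil)
	if err != nil { return nil, err }
	var c Challenge
	if err := json.Unmarshal(plain, &c); err != nil { return nil, err }
	return sealTo(hostPub, Reply{decide(c), c.Nonce})
}
// Verify is the host's acceptance check: the reply must decrypt, carry a nonce that
// is still outstanding, and be positive. The nonce is consumed either way (no replay).
func (h *Host) Verify(enc []byte) (op string, ok bool) {
	plain, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, h.Priv, enc, nil)
	if err != nil { return "", false }
	var r Reply
	if json.Unmarshal(plain, &r) != nil { return "", false }
	op, pending := h.Pending[r.Nonce]
	delete(h.Pending, r.Nonce)
	return op, pending && r.Confirmed
}
```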
Specification