Securing electronic transactions over public networks
First Claim
1. A networked system for accessing information, comprising:
a first network station, representing a first network entity, configured to control access to information stored on a network for a third network entity, and to encrypt a first component message with a first crypto-key associated with the first network entity;
a second network station, representing a second network entity, configured to control access to the network by the third network entity, to encrypt a second component message with a second crypto-key, to combine the encrypted first and the encrypted second component messages, and to transmit the combined messages over the network; and
a third network station, representing the third network entity, configured to receive the transmitted combined messages and to further transmit the received combined messages over the network in order to obtain access to the stored information;
wherein the first network station is further configured to receive the further transmitted combined messages, to decrypt the encrypted first and the encrypted second component messages in the received further transmitted combined messages, and to control access by the third network station to the stored information based on the decrypted first and second component messages.
Abstract
An electronic message for transmission over a network, such as the Internet, is created by encrypting a first component with a first crypto-key, which is associated with a first network entity, such that the encrypted first component can be decrypted by only the first network entity. The first crypto-key could, for example, be a symmetric crypto-key known only to the first network entity or the public non-symmetric crypto-key of a private-public non-symmetric key pair, where the private non-symmetric crypto key is known only to the first network entity. A second component, which is different than the first component, is encrypted with a second crypto-key, which is associated with a second network entity, such that the encrypted second component can also be decrypted by the first network entity. The second crypto-key could, for example, be a symmetric crypto-key known to both the first and second network entities or the private non-symmetric crypto-key of a private-public non-symmetric key pair of the second network entity, where the public non-symmetric crypto key is known to the first network entity. The encrypted first and second components are combined to create the electronic message.
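The symmetric-key variant of the abstract, as an added example that is not taken from the patent: the first entity seals a component under a key only it holds, the second entity seals its own component under a key shared with the first and combines the two, and the first entity releases the resource only if both components decrypt and agree. Assumptions: all function and key names are hypothetical, the HMAC-SHA256 stream cipher with encrypt-then-MAC is a toy stand-in for a real authenticated cipher, and the length-prefix framing and the subscriber-match policy are choices made for this example.

```python
import hashlib, hmac, json, os

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode as a keystream (toy stand-in for a real AEAD).
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("component failed authentication")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

K_FIRST = os.urandom(32)    # symmetric key known only to the first entity
K_SHARED = os.urandom(32)   # symmetric key known to the first and second entities

def first_entity_issue(resource, subscriber):
    # First component: only the first entity can decrypt it.
    return seal(K_FIRST, json.dumps({"res": resource, "sub": subscriber}).encode())

def second_entity_combine(enc_first, subscriber, key=K_SHARED):
    # Second component, then combination: 2-byte length prefix + both ciphertexts.
    enc_second = seal(key, json.dumps({"sub": subscriber}).encode())
    return len(enc_first).to_bytes(2, "big") + enc_first + enc_second

def first_entity_check(message):
    # Decrypt both components; return the resource to release, or None to deny.
    n = int.from_bytes(message[:2], "big")
    try:
        first = json.loads(unseal(K_FIRST, message[2:2 + n]))
        second = json.loads(unseal(K_SHARED, message[2 + n:]))
    except ValueError:
        return None
    return first["res"] if first["sub"] == second["sub"] else None

if __name__ == "__main__":
    # Constructed sample: the third entity forwards the combined message unchanged.
    msg = second_entity_combine(first_entity_issue("/reports/q3", "alice"), "alice")
    print(first_entity_check(msg))
```

The third entity never holds either key, so it can only relay the combined message; any modification in transit makes a component fail authentication and the check deny access.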
38 Claims
14. A method of creating an electronic message for transmission over a network, comprising the steps of:
encrypting a first component with a first crypto-key, associated with a first network entity, such that the encrypted first component can be decrypted by only the first network entity;
encrypting a second component with a second crypto-key, associated with a second network entity, such that the encrypted second component can be decrypted by the first network station; and
transmitting the encrypted first component and the encrypted second component as a combined message.
26. A method for generating a multi-component electronic message, comprising:
storing (i) a first component created by a first network entity and encrypted with a first crypto-key, associated with the first network entity, such that the encrypted first component can be decrypted by only the first entity and (ii) a second component created by a second network entity, and encrypted with a second crypto-key, such that the encrypted second component can be decrypted by the first network entity; and
combining the stored first component with the stored second component to generate a multi-component message.
Specification