Secure data transfer method and system
Abstract
A method and system for securely transferring data between an application server and an agent of the application server through a non-secure node. First, a session key between the agent and the application server is established by utilizing a public key of the application server that is embedded in the code of the agent. Next, an end-to-end secure connection is established between the agent and the application server by using the session key and by establishing a communication link between the application server and the non-secure node by using a relay module.
25 Claims
1. A method for securely transferring data between an agent and an application server through a non-secure node comprising:
(a) establishing a session key between the agent and the application server by utilizing a public key of the application server; wherein the public key of the application server is embedded in the agent to enable the agent to derive the session key; and
(b) establishing an end-to-end secure connection between the agent and the application server by using the session key and by establishing a communication link between the application server and the non-secure node by using a relay module.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11.
12. The method of securely transferring data between an application server and an agent of the application server through a non-secure environment having a web-server and the agent, the method comprising:
a) a user accessing the web-server to download the agent therefrom; wherein the agent includes a public key of the application server;
b) the agent deriving a shared session key with the application server by using the public key of the application server, the shared session key for use in encrypting and decrypting data to be transferred between the agent and the application server;
c) the application server establishing a connection to the web-server; and
d) the agent contacting the web server by using a first protocol to send data encrypted by the session key to the application server over the connection between the web-server and the application server.
Dependent claims: 13, 14, 15, 16.
17. A secure data transfer system for connecting a non-secure node to an application server behind a firewall comprising:
a) a web-server in the non-secure node;
b) a relay in the non-secure node that is dynamically instantiated by the application server, the relay being configured by the application server to have a first port for listening for a connection from the application server; wherein the application server connects to the relay on the first port and reads data from the first port.
Dependent claims: 18, 19.
20. A secure data transfer system for establishing an end-to-end secure connection between an agent and an application server behind a firewall through a non-secure node comprising:
a) a web-server residing in the non-secure node, the web-server having the agent that includes a public key of the application server;
b) a browser in communication with the web-server for downloading the agent from the web-server;
c) a secure transfer module residing in the non-secure node; and
d) an application server in a secure zone for initiating a connection to the web-server via the secure transfer module.
Dependent claims: 21.
22. A method, comprising:
embedding in code of an agent a public key of an application server that is behind a firewall;
downloading the code of the agent and the public key into a browser;
verifying the agent to authenticate the public key of the application server;
establishing a communication link between the application server and a relay module that is in a non-secure environment and between the browser and the relay module; and
securely transferring data from the browser through the relay module to the application server without requiring a trusted intermediate party.
Dependent claims: 23, 24, 25.
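The flow these claims describe, as an added Python illustration that is not the patent's own code: the agent carries the server's public key, derives a session key from it (modelled here as Diffie-Hellman against a static server key), and the relay in the non-secure node forwards only ciphertext, which the server, connecting out through the firewall, decrypts. Assumed: the DH group, the HMAC-based cipher, and every class and function name; the verification of the downloaded agent in claim 22 is not modelled.

```python
import hashlib, hmac, secrets

# Constructed for illustration: P is the 1024-bit MODP prime of RFC 2409 group 2 (reproduced
# here); the HMAC-based cipher stands in for a real AEAD such as AES-GCM, which stdlib lacks.
P = int("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
G = 2

def derive_key(shared_secret: int) -> bytes:  # the shared session key of claim 12
    return hashlib.sha256(b"session-key" + shared_secret.to_bytes(128, "big")).digest()

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), "sha256").digest() for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]

def seal(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: XOR with an HMAC keystream, then tag nonce||ciphertext."""
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, b"tag" + nonce + ct, "sha256").digest()

def open_(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"tag" + nonce + ct, "sha256").digest()):
        raise ValueError("authentication tag mismatch")  # modified in transit, e.g. at the relay
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

class ApplicationServer:
    """Behind the firewall; only the public key G^s mod P ever leaves the secure zone."""
    def __init__(self):
        self._s = secrets.randbelow(P - 2) + 1
        self.public_key = pow(G, self._s, P)
    def read_from_relay(self, agent_pub: int, blob: bytes) -> bytes:  # server connects out, then reads
        return open_(derive_key(pow(agent_pub, self._s, P)), blob)

class Relay:
    """Instantiated in the non-secure node; forwards bytes it cannot decrypt."""
    def __init__(self, server: ApplicationServer):
        self.server, self.seen = server, []
    def forward(self, agent_pub: int, blob: bytes) -> bytes:
        self.seen.append(blob)
        return self.server.read_from_relay(agent_pub, blob)

class Agent:
    """Downloaded from the web-server with the server's public key embedded in its code."""
    def __init__(self, embedded_server_pub: int):
        self._a = secrets.randbelow(P - 2) + 1
        self.public_key = pow(G, self._a, P)
        self.key = derive_key(pow(embedded_server_pub, self._a, P))  # claim 1, step (a)
    def send(self, relay: Relay, plaintext: bytes) -> bytes:  # claim 1, step (b)
        return relay.forward(self.public_key, seal(self.key, secrets.token_bytes(16), plaintext))
```

Wiring `Agent(server.public_key).send(Relay(server), data)` returns what the server decrypted, while `relay.seen` holds the only bytes the non-secure node ever handled.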