Used trusted co-servers to enhance security of web interaction

US 7,194,759 B1
Filed: 09/15/2000
Issued: 03/20/2007
Est. Priority Date: 09/15/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method, comprised of enhancing a computational service to each client of a plurality of clients, by:

moving a selected portion of a computation from a server into a trusted co-server executing inside a secure coprocessor;

allowing each client to interact with the server and the co-server; and

using the trusted co-server as a trusted third party to authenticate interactions between the client and the server; and

wherein the moving step includes the steps ofi) installing a device private/public key pair on the co-server,ii) installing co-server application software in the trusted co-server, said co-server application software having an ability to authenticate itself using said device key pair,iii) the co-server application software then generating an application key pair including a public key and a private key,iv) using the co-server application'"'"'s ability to authenticate itself with said device key pair to prove to a certificate authority that said application key pair belongs to an installation of said co-server application,v) the certificate authority then issuing a certificate attesting to the public key of said application key pair and the entity to which said public key belongs, andvi) the co-server application storing said certificate,the step of using the trusted co-server includes the steps ofi) establishing a session between the client and the co-server application, andii) indicating to the client that the co-server application demonstrates knowledge of the private key of said application key pair to provide assurance of the authenticity of communication from the trusted co-server.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A trusted co-server, and a method of using a trusted co-server, for a service provider. The co-server executes a program such that: for multiple parties P₀–P_n(where P_ois said co-server), each party P_imay (optionally) provide input I_i, and then said co-server carries out N functions: F_i(i_o. . . I_n) describes what the co-server returns to party P_i. The preferred embodiment of the invention raises the trust level of the computation and data storage at the server. For instance, this invention may be witness to authenticity of certain data coming back to the client. This data can include assertions from the trusted co-server about the server content and configuration. The invention, also, can provide privacy of data going back to the server, by keeping it encrypted between the client and the co-server, and then re-encrypting it before inserting it into the server. With this invention, the user can trust the integrity of the computation occurring at the co-server—even if the server operator might be motivated to subvert it. The co-server also provides a trusted haven for computation relevant to third parties who may also have an interest in the client-server interaction.

71 Citations

View as Search Results

42 Claims

1. A method, comprised of enhancing a computational service to each client of a plurality of clients, by:
- moving a selected portion of a computation from a server into a trusted co-server executing inside a secure coprocessor;
  
  allowing each client to interact with the server and the co-server; and
  
  using the trusted co-server as a trusted third party to authenticate interactions between the client and the server; and
  
  wherein the moving step includes the steps ofi) installing a device private/public key pair on the co-server,ii) installing co-server application software in the trusted co-server, said co-server application software having an ability to authenticate itself using said device key pair,iii) the co-server application software then generating an application key pair including a public key and a private key,iv) using the co-server application'"'"'s ability to authenticate itself with said device key pair to prove to a certificate authority that said application key pair belongs to an installation of said co-server application,v) the certificate authority then issuing a certificate attesting to the public key of said application key pair and the entity to which said public key belongs, andvi) the co-server application storing said certificate,the step of using the trusted co-server includes the steps ofi) establishing a session between the client and the co-server application, andii) indicating to the client that the co-server application demonstrates knowledge of the private key of said application key pair to provide assurance of the authenticity of communication from the trusted co-server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 2. A method as in claim 1, wherein the step of allowing includes providing a trusted third party at said server.
  - 3. A method as recited in claim 1, wherein said step of allowing includes enabling said each client an authenticated, private channel to said co-server.
  - 4. A method as in claim 3, wherein said step of enabling includes the said each client using the co-server'"'"'s certified application keypair to establish a shared symmetric key.
  - 5. A method as in claim 4, wherein said step of enabling includes employing the Secure Sockets Layer (SSL) protocol.
  - 6. A method as in claim 1, wherein said service is a Web service and said clients are remote users operating browsers.
  - 7. A method as in claim 1, wherein said step of moving includes integrating functions of said co-server in a same machine as said server.
  - 8. A method as in claim 1, wherein said enhancing includes providing a desired security and/or privacy property.
  - 9. A method as in claim 1, wherein said enhancing includes providing at least one security and/or privacy property to an application selected from the group including:
    - authentication of clients, nonrepudiation of client activity, nonrepudiation of server activity, credit card transaction security, taxes on e-commerce activity, re-selling of intellectual property, privacy of sensitive or proprietary web activity, correctness of web activity, enforcement of logo and/or “
      
      seal of approval”
      
      licenses, safety of downloadable content, authenticity of downloadable content, integrity of server machine, and any combination of these.
  - 10. A method as in claim 1, wherein:
    - input from said client is prompt from server for the user'"'"'s private authentication data, input from said server is this authentication data, and a co-server algorithm that generates output to a client based on said current co-server state and said inputs indicates whether or not the authentication data is correct for this user.
  - 11. A method as in claim 10, where the co-server algorithm that generates output to said client based on a current co-server state and inputs includes a signed statement, using a private key known to the co-server, attesting, for the server, that the client engaged in an interaction satisfying certain properties.
  - 12. A method as in claim 10, where the co-server algorithm that generates output to said client based on a current co-server state and inputs includes a signed statement, using a privacy key known to the co-server, attesting, for the client, that the server engaged in an interaction satisfying certain properties.
  - 13. A method as in claim 10, wherein:
    - the input from said client includes a credit card number (CCN), the output co-server algorithm that generates output to said client based on a current co-server state and inputs includes the CCN, encrypted so that the server cannot read the CCN but an acquirer can.
  - 14. A method as in claim 13, wherein:
    - the input from said server includes a transaction amount, the output co-server algorithm that generates output to said client based on a current co-server state and inputs includes the transaction amount, cryptographically bound to the encrypted CCN so that the server cannot alter the transaction amount.
  - 15. A method as in claim 10, where:
    - the input from said client includes a credit card number (CCN), the input from said server includes a transaction amount, the co-server encrypts this CCN so that the server cannot read the CCN but an acquirer can, and cryptographically binds the transaction amount to this encrypted CCN, then, at some point during or after the interaction, transmits this data to the acquirer in such a manner so that the acquirer can receive this transaction exactly once.
  - 16. A method as in claim 10, where:
    - a remote party is an owner of intellectual property, the input from the server includes part of this property, encrypted so that only the co-server can decrypt said part, the co-server algorithm that generates output to said client based on a current co-server state and inputs include a portion of a decryption of input from said client.
  - 17. A method as in claim 10, where the co-server algorithm that generates output to said client based on said current co-server state and said inputs includes a transformation of a portion of a decryption of input from said server, where said transformation includes adding a watermark.
  - 18. A method as in claim 10, where the co-server algorithm includes a transformation of a portion of a decryption of input from said server, where said transformation includes reducing the quality of the plaintext.
  - 19. A method as in claim 10, where the co-server algorithm includes a portion of a decryption of input from said server, re-encrypted in a manner that a secure coprocessor at the client site can decrypt said server.
  - 20. A method as in claim 1, wherein:
    - the interactions include a transaction amount A, co-server input includes an accumulated total, a function co-server algorithm that generates a new co-server state based on a current co-server state and inputs updates the accumulated total by adding T(A), where T is a predefined function, and at some point during or after this interaction, the co-server produces an authenticated statement of the current value of the accumulated total.
  - 21. A method as in claim 1, wherein:
    - the establishing step includes the step of the client providing input including a choice of which record R in a set of records the client would like to receive, the co-server includes this record R in its response to the client, however, the co-server obtains R in such a way as the server does not know which record was the one selected.
  - 22. A method as in claim 1, wherein:
    - a remote party establishes a content evaluation scheme, consisting of an evaluation function mapping content to some set of indicators, and as part of computing the client output co-server algorithm, the co-server calculates, or verifies an external calculation, of the evaluation function and includes the result in the client output.
  - 23. A method as in claim 22, where the evaluation function is parameterized by a “
    - signature file” and
      
      where the output to the client includes an identification of which signature file was used in this interaction.
  - 24. A method as in claim 22, where the remote party has injected the evaluation function and/or some of its parameters into the co-server through a private channel, so that the server cannot know the details of the evaluation function execution occurring on the co-server.
  - 25. A method as in claim 22, where input from the server includes both content and a signature on the content, and the evaluation function includes testing whether the signature is valid.
  - 26. A method as in claim 1, where:
    - a remote party establishes a content evaluation scheme, consisting of an evaluation mapping content to some set of indicators, and as part of computing the server output co-server algorithm, the co-server calculates, or verifies an external calculation, of the evaluation function and includes the result in the output.
  - 27. A method as in claim 1, where:
    - the co-server has the ability to carry out security-enhancing actions against the server, and output returned to the client indicates which of these actions have been carried out, and how recently.
  - 28. A method as in claim 1, where:
    - the client can specify whether the interaction is a read interaction or a write interaction;
      
      for a write interaction;
      
      the client input includes a message M and a specification S of the appropriate entities who can read this message;
      
      the co-server retains M and S by storing them in some combination across the co-server and server via an algorithm that generates new co-server state based on said current co-server state and said inputs, the internal state in the co-server and co-server algorithm that generates output to said server based on a current co-server state and inputs;
      
      in said write interaction;
      
      any portion of M sent via co-server algorithm that generates output to said server based on said current co-server state and said inputs is encrypted, so that the server cannot access the plaintext;
      
      and mechanisms are used to ensure that, when the co-server later retrieves any of this data from the server, that the data has not been changed;
      
      for a read interaction;
      
      the client input specifies which message M the client would like to read, the co-server retrieves S;
      
      if the client satisfies S, then the co-server sends M back to the client, after first retrieving and decrypting M.
  - 29. A method according to claim 1, wherein:
    - the moving step includes the step of an operator of the server using a secure coprocessor platform to install and certify the trusted co-server, including the steps ofi) the server operator obtaining a secure coprocessor platform,ii) the server operator installing the co-server application software into the secure coprocessor platform,the establishing step includes the steps ofi) establishing an SSL session between the client and the trusted co-server, andii) the client using a Web browser to initiate an SSL session with the co-server application within the secure co-processor at a Web site maintained by the server operators, andthe indicating step includes the step of said Web browser indicating to the client that the co-server application demonstrates knowledge of the private key of said generated application key pair.
  - 30. A method according to claim 29, wherein the using step includes the further steps of:
    - the client opening an SSL session to the trusted co-server, said trusted co-server being configured with a payment application, including the steps ofi) the server forwarding a price to the co-server,ii) the co-server then displaying said price and accepting private credit card information of the client,iii) the co-server signing and encrypting said price and said private credit card information, andiv) the server operator then injecting said encrypted price and credit card information into a payment system;
      
      the client opening an SSL session with a trusted co-server configured with a server status application, including the step of the co-server displaying authenticated information to the client about the server and providing a link by which the client can connect to the server; and
      
      the client opening an SSL session with the trusted co-server, said trusted co-server being configured with an authentication application, including the steps ofi) the co-server prompting the client for client authentication information, including a user id and password,ii) the client providing said authentication information,iii) the co-server verifying the authenticity of said information, then directing the client to the server, and providing the server with an authentication token indicating that the client has properly authenticated.

31. A method for enhancing a service to provide security and/or privacy to each client of a plurality of clients, said service including computation on a server controlled by an operator, the method comprising:
- moving a selected portion of said computation from a server controlled by said operator into a trusted co-server executing inside a secure coprocessor;
  
  allowing clients to interact with the server through the co-server; and
  
  using the trusted co-server as a trusted third party to authenticate interactions between the client and the server; and
  
  wherein the moving step includes the steps ofi) installing a device private/public key pair on the co-server,ii) installing co-server application software in the trusted co-server, said co-server application software having an ability to authenticate itself with said device key pair,iii) the co-server application software then generating an application key pair including a public key and a private key,iv) using the co-server application'"'"'s ability to authenticate itself with said device key pair to prove to a certificate authority that said application key pair belongs to an installation of said co-server application,v) the certificate authority then issuing a certificate attesting to the public key of said application key pair and the entity to which said public key belongs, andvi) the co-server application storing said certificate, the step of using the trusted co-server includes the steps ofi) establishing a session between the client and the co-server application, andii) indicating to the client that the co-server application demonstrates knowledge of the private key of said application key pair to provide assurance of the authenticity of communication from the trusted co-server.
- View Dependent Claims (32)
- - 32. A method as recited in claim 31 wherein the secure coprocessor is installed at the server.

33. A method for enhancing a service including computation on a server controlled by an operator, the method comprising:
- providing at least one security and privacy property to at least one client of a plurality of clients by;
  
  moving a selected portion of said computation from a server controlled by said operator into a trusted co-server executing inside a secure coprocessor;
  
  enabling clients to interact with the server and the co-server; and
  
  using the trusted co-server as a trusted third party to authenticate interactions between the client and the server; and
  
  wherein the moving step includes the steps ofi) installing a device private/public key pair on the co-server,ii) installing co-server application software in the trusted co-server, said co-server application software having an ability to authenticate itself using said device key pair,iii) the co-server application software then generating an application key pair including a public key and a private key,iv) using the co-server application'"'"'s ability to authenticate itself with said device key pair to prove to a certificate authority that said application key pair belongs to an installation of said co-server application,v) the certificate authority then issuing a certificate attesting to the public key of said application key pair and the entity to which said public key belongs, andvi) the co-server application storing said certificate,the step of using the trusted co-server includes the steps ofi) establishing a session between the client and the co-server application, andii) indicating to the client that the co-server application demonstrates knowledge of the private key of said application key pair to provide assurance of the authenticity of communication from the trusted co-server.

34. A trusted co-server, executing a program such that:
- for multiple parties, including a Web server, a remote client and said co-server, each party provides input, and then the co-server carries out for each party, a function on all these inputs, and output to said each party; and
  
  wherein the co-server executes so as to authenticate interactions between the client and the Web server so that said parties can authenticate and trust the correct execution of the co-server, in interactions between the client and the co-server, despite attempts by the Web server to subvert said execution; and
  
  wherein a device private/public key pair and co-server application software is installed in the trusted co-server, said co-server application software having an ability to authenticate itself using said device key pair, and said co-server application software generates an application key pair including a public key and a private key, said co-server authenticates itself using said device key pair to prove to a certificate authority that said application key pair belongs to an installation of said co-server application, the certificate authority then issues a certificate attesting to the public key of said application key pair and the entity to which said public key pair belongs, and the co-server application stores said certificate, and when a session is established between the client and the co-server application, the client is informed that the co-server application has knowledge of the private key of said key pair to provide assurance of the authenticity of communications from the trusted co-server.
- View Dependent Claims (35, 36)
- - 35. A trusted co-server according to claim 34, wherein the co-server executes inside a tamper respondent secure coprocessor.
  - 36. A trusted co-server according to claim 34, wherein the secure coprocessor is co-located at said server.

37. A method of enhancing the security of a Web based transaction utilizing a server, the method comprising the steps:
- providing the server with a trusted co-server; and
  
  using the trusted co-server to execute a program such that;
  
  for multiple parties,each party provides input and then said co-server carries out for each party, a function on all these inputs to authenticate interactions between the party and the server and the parties trust interactions between the parties and the servers andwherein a device private/public key pair and co-server application software is installed in the trusted co-server, said co-server application software having an ability to authenticate itself using said device key pair, and said co-server application software generates a key pair including a public key and a private key, said co-server authenticates itself using said device key pair to prove to a certificate authority that said application key pair belongs to an installation of said co-server application, the certificate authority then issues a certificate attesting to the public key of said application key pair and the entity to which said public key pair belongs, and the co-server application stores said certificate, and when a session is established between the client and the co-server application, the client is informed that the co-server application has knowledge of the private key of said key pair to provide assurance of the authenticity of communications from the trusted co-server.
- View Dependent Claims (38, 39)
- - 38. A method according to claim 37, where:
    - one party is a Web server and another party is a remote client.
  - 39. A method according to claim 37, where:
    - the client authenticates the co-server, the client sends its input to the co-server over a private channel, and the co-server sends its output to said another party over a private channel.

40. A program storage device readable by machine, tangibly embodying a program of instructions executable by the machine to perform method steps for enhancing a computational service to at least one client of a plurality of clients, said method steps comprising:
- moving a selected portion of a computation from a server into a trusted co-server executing inside a secure coprocessor;
  
  allowing each client to interact with the server and the co-server; and
  
  using the trusted co-server as a trusted third party to authenticate interactions between the client and the server; and
  
  wherein the moving step includes the steps of;
  
  i) installing a device private/public key pair on the co-server,ii) installing co-server application software in the trusted co-server, said co-server application software having an ability to authenticate itself using said device key pair,iii) the co-server application software then generating an application key pair including a public key and a private key,iv) using the co-server application'"'"'s ability to authenticate itself with said device key pair to prove to a certificate authority that said application key pair belongs to an installation of said co-server application,v) the certificate authority then issuing a certificate attesting to the public key of said application key pair and the entity to which said public key belongs, andvi) the co-server application storing said certificate, the step of using the trusted co-server includes the steps ofi) establishing a session between the client and the co-server application, andii) indicating to the client that the co-server application demonstrates knowledge of the private key of said application key pair to provide assurance of the authenticity of communication from the trusted co-server.
- View Dependent Claims (41, 42)
- - 41. A program storage device according to claim 40, wherein the step of allowing includes providing a trusted third party at said server.
  - 42. A program storage device according to claim 41, wherein the step of allowing includes enabling said each client an authenticated, private channel to said co-server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Perez, Ronald, Chess, David M., Smith, Sean William, Palmer, Elaine Rivette, Itoi, Naomaru, Kravitz, Jeff, Dyer, Joan
Primary Examiner(s)
Moazzami; Nasser
Assistant Examiner(s)
Colin; Carl G.

Application Number

US09/663,664
Time in Patent Office

2,377 Days
Field of Search

713/201, 380/25, 380/49, 705/1, 709/228, 709/203
US Class Current

726/2
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/608   Watermarking

H04L 2463/102   applying security measure f...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0823   using certificates cryptogr...

H04L 63/166   at the transport layer

H04L 9/321   involving a third party or ...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

Used trusted co-servers to enhance security of web interaction

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

71 Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

Used trusted co-servers to enhance security of web interaction

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

71 Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links