Network communication authentication
Abstract
A communication system, for use with a communications network, includes a client configured to communicate with the server via the network. The client includes an input configured to receive a communication from a server via the network, a data set with identifiable portions, and an apparatus coupled to the interface and coupled and configured to select a portion of the data set, the apparatus being further configured to process the selected portion of the data set and a portion of the communication in accordance with an authentication function to produce an authentication result, where the selected portion of the data set is configured to serve a function independent of being used in accordance with the authentication function.
24 Claims
1. A communication system, for use with a communications network, comprising:
a client configured to communicate with a server via the network and comprising;
an input configured to receive a communication from the server via the network;
memory that includes a data set with identifiable portions, wherein the data set comprises executable code stored in the client prior to receipt of the communication; and
an apparatus coupled to the memory and the input and coupled and configured to select a portion of the executable code of the data set identified by information received at the input, the apparatus being further configured to use the selected portion of the executable code of the data set and a portion of the communication as inputs to an authentication function to produce an authentication result;
wherein the apparatus is further configured to compare the authentication result with an authentication portion of the communication; and
wherein the selected portion of the executable code of the data set is configured to be executed to serve a function independent of being used in accordance with the authentication function.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A communication server, for use with a communication network and a communication client, comprising:
a memory that stores shared information, including executable code, that is also stored by the client, the shared information being stored in addressed portions;
a server processor coupled to the memory and configured to select a portion of the executable code of the shared information, to obtain communication data for a communication, to apply an authentication function to the selected portion of the executable code of the shared information and the communication data to produce an expected authentication result, and to issue the communication, including an indication of the selected portion of the executable code of the shared information, the communication data, and the expected authentication result; and
an output coupled to the server processor and configured to convey the communication from the server processor to the network;
wherein the selected portion of the executable code of the shared information is disposed at the client prior to the issuance of the communication and is configured to be executed to serve a function independent of being used in accordance with the authentication function.
Dependent claims: 16, 17, 18
19. A method of communicating sensitive commands over a communications network, the method comprising:
accessing first authenticating data, including executable code, in a first device coupled to the communications network;
obtaining the sensitive command in the first device;
effecting a replay protection value in the first device;
processing the first authenticating data, the sensitive command, and the replay protection value in the first device to obtain a first authentication check code;
transmitting the sensitive command, the replay protection value, the first authentication check code, and an indication of the first authenticating data from the first device over the network to a second device;
accessing second authenticating data, including executable code stored prior to transmission in the second device, in accordance with the indication of the first authenticating data, wherein the executable code is configured to be executed to serve a function independent of being used in accordance with the authenticating;
processing, in the second device, the second authenticating data, the sensitive command, and the replay protection value to obtain a second authentication check code;
comparing, in the second device, the second authentication check code to the first authentication check code; and
implementing, by the second device, the sensitive command only if the second authentication check code satisfies at least one authentication criterion.
Dependent claims: 20, 21, 22, 23, 24
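The exchange recited in claim 19, sketched as an added example (not code from the patent or its assignee). It assumes HMAC-SHA256 as the authentication function, a strictly increasing counter as the replay protection value, and an offset/length pair as the indication of the selected code; `SHARED_CODE`, `issue`, `Receiver` and the message layout are hypothetical.

```python
import hashlib
import hmac
import os
import struct

# Constructed stand-in for executable code stored on both devices before any
# message is sent (the claims' "authenticating data").
SHARED_CODE = hashlib.shake_256(b"constructed firmware image").digest(4096)

HEADER = struct.Struct(">IHQ")  # offset, length, replay counter (assumed layout)
TAG_LEN = 32


def _tag(region: bytes, counter: int, command: bytes) -> bytes:
    # Assumption: HMAC-SHA256 keyed by the selected code region.
    data = struct.pack(">Q", counter) + command
    return hmac.new(region, data, hashlib.sha256).digest()


def issue(command: bytes, counter: int, length: int = 64) -> bytes:
    """First device: select a code region, compute the check code, build the message."""
    offset = int.from_bytes(os.urandom(4), "big") % (len(SHARED_CODE) - length + 1)
    region = SHARED_CODE[offset:offset + length]
    return HEADER.pack(offset, length, counter) + _tag(region, counter, command) + command


class Receiver:
    """Second device: recompute the check code and act only if it matches."""

    def __init__(self, code: bytes):
        self.code = code
        self.last_counter = -1

    def accept(self, message: bytes):
        if len(message) < HEADER.size + TAG_LEN:
            return None
        offset, length, counter = HEADER.unpack_from(message)
        tag = message[HEADER.size:HEADER.size + TAG_LEN]
        command = message[HEADER.size + TAG_LEN:]
        if length < 16 or offset + length > len(self.code):
            return None  # indication is outside the stored code, or region too short
        expected = _tag(self.code[offset:offset + length], counter, command)
        if not hmac.compare_digest(expected, tag):
            return None  # check codes differ: command is not implemented
        if counter <= self.last_counter:
            return None  # replayed or stale message
        self.last_counter = counter
        return command
```

The selected code region acts as the key here, so the check is only as strong as the confidentiality of that code image.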
Specification