Crypto-proxy server and method of using the same
Abstract
A method of providing a certificate from a client to a server is disclosed. The method comprises receiving a request for a certificate from the server and forwarding the request to a biometric certification server (BCS). The method further includes receiving a biometric identification from the client and forwarding the biometric identification to the BCS. If the biometric identification matches a registered user on the BCS, receiving a certificate including a public key of the client certified by the BCS, and forwarding the certificate to the server, thereby identifying the client to the server.
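The certificate flow in the abstract, combined with the disposable key pair of claim 1, as an added Node.js example that is not taken from the patent. Assumptions: Ed25519 keys, a JSON certificate body, a server nonce for freshness, and a toy Hamming-distance matcher over a constructed template; `bcsIssue`, `serverVerify` and `clientLogin` are hypothetical names.

```javascript
// Added illustration; not code from the patent. All names are hypothetical.
const { generateKeyPairSync, createPublicKey, sign, verify } = require('node:crypto');

const bcsKey = generateKeyPairSync('ed25519'); // BCS long-term certifying key (assumed Ed25519)
// Constructed enrollment record: user id -> biometric template (feature bytes).
const enrolled = new Map([['alice', Buffer.from('a1b2c3d4e5f60718', 'hex')]]);
const MAX_DISTANCE = 4; // assumed match threshold, in differing bits

// Toy matcher: biometric samples never repeat exactly, so compare by distance.
function hamming(a, b) {
  if (a.length !== b.length) return Infinity;
  let bits = 0;
  for (let i = 0; i < a.length; i++) {
    for (let x = a[i] ^ b[i]; x; x >>= 1) bits += x & 1;
  }
  return bits;
}

// BCS: authenticate the user, then mint a disposable key pair, certify its
// public key, and use the private key once on the client's behalf.
function bcsIssue(user, sample, nonce) {
  const template = enrolled.get(user);
  if (!template || hamming(template, sample) > MAX_DISTANCE) return null;
  const { publicKey, privateKey } = generateKeyPairSync('ed25519');
  const pub = publicKey.export({ type: 'spki', format: 'der' }).toString('base64');
  const body = JSON.stringify({ subject: user, pub, nonce });
  const sig = sign(null, Buffer.from(body), bcsKey.privateKey).toString('base64');
  const proof = sign(null, Buffer.from(nonce), privateKey).toString('base64');
  return { certificate: { body, sig }, proof }; // private key is discarded here
}

// Third-party server: trust only the BCS public key; the client is a relay.
function serverVerify(resp, nonce) {
  if (!resp) return false;
  const { body, sig } = resp.certificate;
  if (!verify(null, Buffer.from(body), bcsKey.publicKey, Buffer.from(sig, 'base64'))) return false;
  const cert = JSON.parse(body);
  if (cert.nonce !== nonce) return false; // stale or replayed certificate
  const key = createPublicKey({ key: Buffer.from(cert.pub, 'base64'), format: 'der', type: 'spki' });
  return verify(null, Buffer.from(nonce), key, Buffer.from(resp.proof, 'base64'));
}

// Client: forwards the server's request and the sensor reading to the BCS.
function clientLogin(user, sample, nonce) {
  return serverVerify(bcsIssue(user, sample, nonce), nonce);
}
```

The client never holds a private key in this sketch, so the security of the scheme rests on the secure connection to the BCS and on the matcher's threshold.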
26 Claims
1. A method of providing remote cryptographic services, the method comprising at a biometric certification server (BCS):
establishing a secure connection between a client and the biometric certification server (BCS);
receiving a request for a cryptographic service from the client;
receiving biometric data from a user;
the BCS generating a disposable public key/private key pair if the user is authenticated based on the biometric data; and
the BCS performing the requested cryptographic service.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.
10. A method of providing a certificate from a client to a third party server, the method comprising:
receiving a request at the client for a certificate from the third party server;
forwarding the request from the client to a biometric certification server (BCS);
receiving a biometric identification from the client and forwarding the biometric identification to the BCS;
if the biometric identification matches a registered user on the BCS, receiving a certificate including a public key of the client certified by the BCS; and
forwarding the certificate, including the public key of the client certified by the BCS, to the third party server, thereby identifying the client to the third party server.
Dependent claims: 11, 12.
13. An apparatus for performing remote cryptographic functions comprising:
a crypto-server having a crypto-proxy interface for receiving a request for a cryptographic function from a client on a secure connection;
an authentication engine for authenticating the user based on biometric data received through the crypto-proxy interface of the crypto-server;
a cryptographic engine for performing the cryptographic functions after the authentication engine has authenticated the user based on the biometric data; and
the crypto-proxy interface for returning data to the client, after the cryptographic functions are performed.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21.
22. An apparatus for permitting remote cryptographic functions comprising:
a crypto-API (application program interface) for receiving cryptographic function requests;
a cryptographic service provider for establishing a secure connection to a remote crypto-server, and having the crypto-server perform the cryptographic function; and
a sensor for receiving biometric data from a user, the biometric data sent to the crypto-server to authenticate the user, the remote crypto-server to generate a disposable public key/private key pair and perform the requested cryptographic function when the user is successfully authenticated using the biometric data.
23. An apparatus comprising:
a client comprising;
a crypto-API (application program interface) for receiving cryptographic function requests; and
a cryptographic service provider for establishing a secure connection to a remote crypto-server, and having the crypto-server generate a disposable public key/private key pair and perform the cryptographic function; and
a sensor for receiving biometric data from a user, the biometric data sent to the crypto-server to authenticate the user;
the remote crypto-server comprising;
a crypto-proxy interface for receiving a request for the cryptographic function from the client on the secure connection;
an authentication engine for authenticating the user based on the biometric data;
a cryptographic engine for performing the cryptographic functions; and
the crypto-proxy interface for returning data to the client, after the cryptographic functions are performed.
24. An apparatus, comprising:
a crypto-server having a crypto-proxy interface for receiving a request for a cryptographic function from a client on a secure connection;
an authentication engine to authenticate a user of the client based on biometric data of the user;
a cryptographic engine to use a user's private key, as a virtual smart card, to perform the requested cryptographic function after the user has been authenticated by the authentication engine; and
the crypto-proxy interface for returning data to the client, after the cryptographic functions are performed.
Dependent claims: 25, 26.
Specification