System, method and computer program product for guaranteeing electronic transactions

US 7,769,997 B2
Filed: 02/16/2005
Issued: 08/03/2010
Est. Priority Date: 02/25/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method, comprising:

detecting on a network an initiation of a data transaction comprising a plurality of data packets transmitted between a server and a client over a protected channel, the data transaction being encrypted utilizing a session secret negotiated between the server and the client;

capturing a copy of the data transaction by copying the data packets from a point in the protected channel during transmission;

associating an identifier with the data transaction;

generating timestamps for the copied data packets, each timestamp including information identifying the identifier;

storing the captured copy of the data transaction, the identifier and the timestamps in a database;

mapping the identifier to an entry in an index;

retrieving the captured copy of the data transaction from the database utilizing the entry;

submitting a portion of the captured copy of the data transaction to at least one of the server and the client to obtain the session secret;

decrypting the captured copy of the data transaction utilizing the obtained session secret; and

comparing data received by at least one of the server and the client during the data transaction with data contained in the decrypted captured copy of the data transaction to determine if the received data matches the captured data.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method and computer program product for guaranteeing a data transaction over a network are disclosed. When a data transaction between at least a server and a client is detected on a network, data transmitted via the network between the server and client during the data transaction is captured. At least one identifier is associated with the captured data. A timestamp is also generated for the captured data. The timestamp includes information therein identifying at least a portion of the identifier(s). The captured data, the identifier(s) and the timestamp are stored in one or more data stores. The identifier(s) associated with the stored captured data is also mapped to an entry in an index to permit retrieval of the stored data from the data store via the index.

Citations

16 Claims

1. A method, comprising:
- detecting on a network an initiation of a data transaction comprising a plurality of data packets transmitted between a server and a client over a protected channel, the data transaction being encrypted utilizing a session secret negotiated between the server and the client;
  
  capturing a copy of the data transaction by copying the data packets from a point in the protected channel during transmission;
  
  associating an identifier with the data transaction;
  
  generating timestamps for the copied data packets, each timestamp including information identifying the identifier;
  
  storing the captured copy of the data transaction, the identifier and the timestamps in a database;
  
  mapping the identifier to an entry in an index;
  
  retrieving the captured copy of the data transaction from the database utilizing the entry;
  
  submitting a portion of the captured copy of the data transaction to at least one of the server and the client to obtain the session secret;
  
  decrypting the captured copy of the data transaction utilizing the obtained session secret; and
  
  comparing data received by at least one of the server and the client during the data transaction with data contained in the decrypted captured copy of the data transaction to determine if the received data matches the captured data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 16)
- - 2. The method of claim 1, wherein the data transaction comprises a Voice over Internet Protocol (VoIP) communication.
  - 3. The method of claim 2, wherein the data transaction comprises a signaling communication and a media transport communication, and wherein separate session secrets are negotiated for the signaling communication and the media transport communication.
  - 4. The method of claim 3, wherein the session secret of the media transport communication is constructed from information negotiated during the signaling communication.
  - 5. The method of claim 4, wherein the decrypting further comprises parsing data decrypted from the signaling communication to obtain information for retrieving captured data of the media transport communication.
  - 6. The method of claim 1, wherein a portion of the captured copy of the data transaction is discarded from the database and a cryptographic state of the data transaction is stored in the database to facilitate subsequent decryption of the data transaction.
  - 7. The method of claim 6, wherein the session secret comprises a block cipher in cipher block chaining mode and the cryptographic state comprises a cipher text of a block preceding a section of the data transaction adjacent the discarded portion.
  - 8. The method of claim 6, wherein the session secret comprises a stream cipher and the cryptographic state comprises a position of a first bit of an end section of the data transaction relative to a complete key stream generated by the stream cipher.
  - 9. The method of claim 8, wherein the cryptographic state is utilized to decrypted the end portion of the data transaction.
  - 16. The method of claim 1, wherein the protected channel comprises a SSL/TLS protected channel.

10. A system, comprising:
- a recorder coupled to a network between a server and a client, the recorder detecting on a network an initiation of a data transaction comprising a plurality of data packets transmitted between the server and the client over a protected channel, the data transaction being encrypted utilizing a session secret negotiated between the server and the client;
  
  the recorder having a sniffing engine for capturing a copy of the data transaction by copying the data packets from a point in the protected channel during transmission and associating an identifier with the data transaction;
  
  the recorder having a time-stamping engine for generating timestamps for the copied data packets, each timestamp including information identifying the identifier;
  
  a database coupled to the recorder for storing the captured copy of the data transaction, the identifier and the timestamps;
  
  the recorder having logic for mapping the identifier to an entry in an index;
  
  a player coupled to the network for retrieving the captured copy of the data transaction from the database utilizing the entry, submitting a portion of the captured copy of the data transaction to at least one of the server and the client to obtain the session secret, decrypting the captured copy of the data transaction utilizing the obtained session secret, and comparing data received by at least one of the server and the client during the data transaction with data contained in the decrypted captured copy of the data transaction to determine if the received data matches the captured data.
- View Dependent Claims (11, 12)
- - 11. The system of claim 10, wherein the data transaction comprises a Voice over Internet Protocol (VoIP) communication.
  - 12. The system of claim 10, wherein a portion of the captured copy of the data transaction is discarded from the database and a cryptographic state of the data transaction is stored in the database to facilitate subsequent decryption of the data transaction.

13. An article of manufacture embodied on a tangible computer readable medium and containing computer code therein for causing a computer to perform a method, the method comprising:
- detecting on a network an initiation of a data transaction comprising a plurality of data packets transmitted between a server and a client over a protected channel, the data transaction being encrypted utilizing a session secret negotiated between the server and the client;
  
  capturing a copy of the data transaction by copying the data packets from a point in the protected channel during transmission;
  
  associating an identifier with the data transaction;
  
  generating timestamps for the copied data packets, each timestamp including information identifying the identifier;
  
  storing the captured copy of he data transaction, the identifier and the timestamps in a database;
  
  mapping the identifier to an entry in an index;
  
  retrieving the captured copy of the data transaction from the database utilizing the entry;
  
  submitting a portion of the captured copy of the data transaction to at least one of the server and the client to obtain the session secret;
  
  decrypting the captured copy of the data transaction utilizing the obtained session secret; and
  
  comparing data received by at least one of the server and the client during the data transaction with data contained in the decrypted captured copy of the data transaction to determine if the received data matches the captured data.
- View Dependent Claims (14, 15)
- - 14. The article of manufacture of claim 13, wherein the data transaction comprises a Voice over Internet Protocol (VoIP) communication.
  - 15. The article of manufacture of claim 13, wherein a portion of the captured copy of the data transaction is discarded from the database and a cryptographic state of the data transaction is stored in the database to facilitate subsequent decryption of the data transaction.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Chemtron Research LLC (Intellectual Ventures LLC)
Original Assignee
Network Resonance Incorporated
Inventors
Dick, Kevin Stewart, Rescorla, Eric
Primary Examiner(s)
Barron, Jr., Gilberto
Assistant Examiner(s)
PERUNGAVOOR, VENKATANARAY

Application Number

US11/059,908
Publication Number

US 20050160095A1
Time in Patent Office

1,994 Days
Field of Search

713/13
US Class Current

713/154
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 2209/80   Wireless

H04L 2463/102   applying security measure f...

H04L 2463/121   Timestamp

H04L 63/0428   wherein the data content is...

H04L 63/123   received data contents, e.g...

H04L 67/14   Session management for real...

H04L 69/329   in the application layer [O...

H04L 9/0637   Modes of operation, e.g. ci...

H04L 9/321   involving a third party or ...

System, method and computer program product for guaranteeing electronic transactions

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

System, method and computer program product for guaranteeing electronic transactions

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links