System, method and computer program product for guaranteeing electronic transactions
First Claim
1. A method, comprising:
detecting on a network an initiation of a data transaction comprising a plurality of data packets transmitted between a server and a client over a protected channel, the data transaction being encrypted utilizing a session secret negotiated between the server and the client;
capturing a copy of the data transaction by copying the data packets from a point in the protected channel during transmission;
associating an identifier with the data transaction;
generating timestamps for the copied data packets, each timestamp including information identifying the identifier;
storing the captured copy of the data transaction, the identifier and the timestamps in a database;
mapping the identifier to an entry in an index;
retrieving the captured copy of the data transaction from the database utilizing the entry;
submitting a portion of the captured copy of the data transaction to at least one of the server and the client to obtain the session secret;
decrypting the captured copy of the data transaction utilizing the obtained session secret; and
comparing data received by at least one of the server and the client during the data transaction with data contained in the decrypted captured copy of the data transaction to determine if the received data matches the captured data.
Abstract
A system, method and computer program product for guaranteeing a data transaction over a network are disclosed. When a data transaction between at least a server and a client is detected on a network, data transmitted via the network between the server and client during the data transaction is captured. At least one identifier is associated with the captured data. A timestamp is also generated for the captured data. The timestamp includes information therein identifying at least a portion of the identifier(s). The captured data, the identifier(s) and the timestamp are stored in one or more data stores. The identifier(s) associated with the stored captured data is also mapped to an entry in an index to permit retrieval of the stored data from the data store via the index.
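The record-and-retrieve half of the abstract can be sketched as follows. This is an added example, not code from the patent: the token layout, the HMAC key held by the time-stamping engine, the SQLite schema and the `txn-0001` style identifiers are all assumptions, and decryption with the session secret is left out, so the comparison runs over the captured bytes as stored.

```python
import hashlib, hmac, sqlite3, time

TSA_KEY = b"constructed-demo-key"  # assumption: secret held by the time-stamping engine

def make_timestamp(txn_id, seq, packet, when):
    """Build a timestamp token that names the identifier and binds it to one packet."""
    digest = hashlib.sha256(packet).hexdigest()
    body = f"{txn_id}|{seq}|{when:.6f}|{digest}"
    tag = hmac.new(TSA_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}|{tag}"

def verify_timestamp(token, packet):
    """Check the token's MAC and that it covers exactly this packet."""
    body, _, tag = token.rpartition("|")
    expect = hmac.new(TSA_KEY, body.encode(), hashlib.sha256).hexdigest()
    digest = hashlib.sha256(packet).hexdigest()
    return hmac.compare_digest(tag, expect) and body.endswith("|" + digest)

class Recorder:
    """Stores captured packets with their identifier and timestamps, indexed by identifier."""
    def __init__(self):
        self.db = sqlite3.connect(":memory:")
        self.db.execute("CREATE TABLE capture (txn_id TEXT, seq INTEGER, packet BLOB, ts TEXT)")
        self.db.execute("CREATE INDEX idx_txn ON capture (txn_id, seq)")

    def record(self, txn_id, packets, clock=time.time):
        for seq, pkt in enumerate(packets):
            token = make_timestamp(txn_id, seq, pkt, clock())
            self.db.execute("INSERT INTO capture VALUES (?,?,?,?)", (txn_id, seq, pkt, token))

    def retrieve(self, txn_id):
        rows = self.db.execute(
            "SELECT packet, ts FROM capture WHERE txn_id=? ORDER BY seq", (txn_id,))
        return [(bytes(p), ts) for p, ts in rows]

def audit(recorder, txn_id, received_packets):
    """Return True only if an endpoint's record matches the stored, timestamped capture."""
    stored = recorder.retrieve(txn_id)
    if len(stored) != len(received_packets):
        return False
    return all(ts.startswith(txn_id + "|") and verify_timestamp(ts, pkt)
               and hmac.compare_digest(pkt, got)
               for (pkt, ts), got in zip(stored, received_packets))
```

Because each token carries the identifier inside the MACed body, a stored packet cannot be re-filed under another transaction without the token failing verification.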
16 Claims
Claim 1 (recited in full under First Claim above). Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 16
10. A system, comprising:
a recorder coupled to a network between a server and a client, the recorder detecting on a network an initiation of a data transaction comprising a plurality of data packets transmitted between the server and the client over a protected channel, the data transaction being encrypted utilizing a session secret negotiated between the server and the client;
the recorder having a sniffing engine for capturing a copy of the data transaction by copying the data packets from a point in the protected channel during transmission and associating an identifier with the data transaction;
the recorder having a time-stamping engine for generating timestamps for the copied data packets, each timestamp including information identifying the identifier;
a database coupled to the recorder for storing the captured copy of the data transaction, the identifier and the timestamps;
the recorder having logic for mapping the identifier to an entry in an index;
a player coupled to the network for retrieving the captured copy of the data transaction from the database utilizing the entry, submitting a portion of the captured copy of the data transaction to at least one of the server and the client to obtain the session secret, decrypting the captured copy of the data transaction utilizing the obtained session secret, and comparing data received by at least one of the server and the client during the data transaction with data contained in the decrypted captured copy of the data transaction to determine if the received data matches the captured data.
Dependent claims: 11, 12
13. An article of manufacture embodied on a tangible computer readable medium and containing computer code therein for causing a computer to perform a method, the method comprising:
detecting on a network an initiation of a data transaction comprising a plurality of data packets transmitted between a server and a client over a protected channel, the data transaction being encrypted utilizing a session secret negotiated between the server and the client;
capturing a copy of the data transaction by copying the data packets from a point in the protected channel during transmission;
associating an identifier with the data transaction;
generating timestamps for the copied data packets, each timestamp including information identifying the identifier;
storing the captured copy of the data transaction, the identifier and the timestamps in a database;
mapping the identifier to an entry in an index;
retrieving the captured copy of the data transaction from the database utilizing the entry;
submitting a portion of the captured copy of the data transaction to at least one of the server and the client to obtain the session secret;
decrypting the captured copy of the data transaction utilizing the obtained session secret; and
comparing data received by at least one of the server and the client during the data transaction with data contained in the decrypted captured copy of the data transaction to determine if the received data matches the captured data.
Dependent claims: 14, 15
Specification