Software based multi-channel polymorphic data obfuscation
First Claim
Patent Images
1. A secure communication network comprising:
- at least one client device communicatively connectable to a host server to communicate data between the client device and the host server;
the host server comprising;
a means associated with the host server for polymorphically generating and embedding a plurality of obfuscation data and program code into a source code for a data entry form including generating a plurality of decoy form elements and embedding the decoy form elements into the source code of the data entry form; and
a means associated with the host server for transmitting the source code for the data entry form to the client device; and
the client device comprising;
a means associated with the client device for establishing a communications connection with the host device;
a means associated with the client device for interpreting the obfuscation data embedded in the data entry form source code to generate a consistently displayed interactive data entry page including a plurality of interactive data entry fields and a virtual keypad, the interactive data entry page rendered on a display of the client device; and
a means associated with the client device for interpreting and executing the program code embedded in the data entry form source code to obfuscate data entered in at least one of the interactive data entry fields using a first user interface device of the client device and transmute data entered in at least one of the interactive data entry fields using a second user interface device.
3 Assignments
0 Petitions
Accused Products
Abstract
A method and system for providing secure communication between a server and a remote client utilizing a polymorphic software platform. In various embodiments, the system provides mixed mode data entry, meaningless field entries and randomly generated false entries interpolated into the real entries for providing a secure system of communication such that a third party has no repeatable method of decoding the information transmitted.
-
Citations
18 Claims
-
1. A secure communication network comprising:
-
at least one client device communicatively connectable to a host server to communicate data between the client device and the host server; the host server comprising; a means associated with the host server for polymorphically generating and embedding a plurality of obfuscation data and program code into a source code for a data entry form including generating a plurality of decoy form elements and embedding the decoy form elements into the source code of the data entry form; and a means associated with the host server for transmitting the source code for the data entry form to the client device; and the client device comprising; a means associated with the client device for establishing a communications connection with the host device; a means associated with the client device for interpreting the obfuscation data embedded in the data entry form source code to generate a consistently displayed interactive data entry page including a plurality of interactive data entry fields and a virtual keypad, the interactive data entry page rendered on a display of the client device; and a means associated with the client device for interpreting and executing the program code embedded in the data entry form source code to obfuscate data entered in at least one of the interactive data entry fields using a first user interface device of the client device and transmute data entered in at least one of the interactive data entry fields using a second user interface device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for providing secure communication within a communications network, said method comprising:
-
establishing a communications connection between a client device and a host device of the communications network; polymorphically generating and embedding a plurality of obfuscation data and program code into a source code for a data entry form at the host server without change to the source code itself, wherein generating and embedding a plurality of obfuscation data and program code into a source code for a data entry form comprises generating a plurality of decoy form elements and embedding the decoy form elements into the source code of the data entry form; transmitting the source code for the data entry form to the client device; and executing an interface program stored on the client device to; interpret the obfuscation data embedded in the data entry form source code and generate an interactive data entry page rendered on a display of the client device utilizing the obfuscation data, the interactive data entry page including a plurality of interactive data entry fields and a virtual keypad; and interpret and execute the program code embedded in the data entry form source code to obfuscate data entered in at least one of the interactive data entry fields using a first user interface device of the client device and transmute data entered in at least one of the interactive data entry fields using a second user interface device. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A method of user authentication for a communications network, said method comprising:
-
establishing a communications connection with a client device and a host device of the communications network, via the communication router of the communications network; polymorphically generating and embedding a plurality of obfuscation data and program code into a source code for a data entry form at the host server without change to the source code itself including generating a plurality of decoy form elements and embedding the decoy form elements into the source code of the data entry form; transmitting the source code for the data entry form to the client device; and executing a router interface program stored on the client device to; interpret the obfuscation data embedded in the data entry form source code and generate an interactive data entry page rendered on a display of the client device utilizing the obfuscation data, the interactive data entry page including a plurality of interactive data entry fields and a virtual keypad; interpret and execute the program code embedded in the data entry form source code to obfuscate data entered in at least one of the interactive data entry fields using a first user interface device of the client device and transmute data entered in at least one of the interactive data entry fields using a second user interface device; concatenate the data entered using the first and second user interface devices; apply a random salt to the concatenated data, the random salt generated at the host server and embedded in the data entry from source code; hash the salted data; pass the hashed data to the host server; decrypting the hashed data at the host server; comparing the decrypted data to user credential data stored in an electronic mass storage database of the host device; and authenticating a user of the client device based on the data comparison.
-
Specification