Remote verification of user presence and identity
Abstract
A system for verifying the presence and identity of a user on a remote computer having a server connected to a network, the network being connected to one or more remote computers. The system further includes a microcontroller connected to the remote computer by means such as USB, and registered with the server. The USB microcontroller is authenticated upon being inserted into a remote computer and is continuously authenticated thereafter until the user disconnects the USB microcontroller from the computer. When the proper authentication is satisfied, the system runs a secure web browser that is used to access websites that may have a user's confidential and sensitive data. Upon disconnecting the USB device, the secure web browser closes and none of the session data is stored locally on the computer.
18 Claims
1. A system for verifying presence and identity of a user on a remote computer, comprising:
- a server connected to a networked communication system;
- a remote computer including a client program, wherein said client program is a secure web browser that communicates with a microcontroller, said microcontroller being a USB device, wherein said USB device is registered with said server, said USB device having an encryption and authentication program that creates an encrypted key and verifies whether said USB device remains connected to said remote computer, wherein a user can access information via a session of said secure web browser upon authentication being verified by said system, and wherein said remote computer is connected to said networked communication system;
- wherein said remote computer acquires said encrypted key from said USB device and transmits said encrypted key to said server, said server then uses said encrypted key to verify that said USB device is registered;
- wherein said server and said USB device each have an algorithm that generates respective encrypted random integers and time stamps, wherein said server periodically checks whether said respective random integers match;
- said server allowing the user to access web pages from said server via the session using said secure web browser upon said respective integers matching;
- said server and said USB device each further configured to send instructions to said secure web browser to terminate the session when said time stamp generated by said encryption program is outside of a predetermined time frame;
- wherein said server sends instructions to said secure web browser to terminate the session when said USB device is disconnected from said remote computer; and
- both said server and said USB device send instructions to said secure web browser to terminate session when said integers do not match.

(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9)
10. A system for verifying presence and identity of a user on a remote computer, comprising:
- a server connected to a networked communication system;
- a remote computer including a client program, wherein said client program is a secure web browser that communicates with a microcontroller, wherein said microcontroller is registered with said server, said microcontroller having an encryption and authentication program that creates an encrypted key and verifies whether said microcontroller remains connected to said remote computer, wherein a user can access information via a session of said secure web browser upon authentication being verified by said system, and wherein said remote computer is connected to said networked communication system;
- wherein said remote computer acquires said encrypted key from said microcontroller device and transmits said encrypted key to said server, said server then uses said encrypted key to verify that said USB device is registered;
- wherein said server and said microcontroller device each have an algorithm that generates respective encrypted random integers and time stamps, wherein said server periodically checks whether said respective random integers match;
- said server allowing the user to access web pages from said server via the session using said secure web browser upon said respective integers matching;
- said server and said microcontroller each further configured to send instructions to said secure web browser to terminate the session when said time stamp generated by said encryption program is outside of a predetermined time frame;
- wherein said server sends instructions to said secure web browser to terminate the session when said microcontroller is disconnected from said remote computer; and
- both said server and said microcontroller send instructions to said secure web browser to terminate session when said integers do not match.
11. A system for verifying presence and identity of a user on a remote computer, comprising:
- a server connected to a networked communication system;
- a remote computer including a client program, wherein said client program is a secure web browser that communicates with a microcontroller, wherein said microcontroller is registered with said server, said microcontroller having an encryption and authentication program that creates an encrypted key and verifies whether said microcontroller remains connected to said remote computer, wherein a user can access information via a session of said secure web browser upon authentication being verified by said system, and wherein said remote computer is connected to said networked communication system;
- wherein said remote computer acquires said encryption program from said microcontroller;
- said remote computer transmitting a random array of integers and a time stamp to said server, said server running a copy of said encryption program, said copy generating said random array of integers at the time of said time stamp, said server verifying that said microcontroller is registered with said server by comparing said random array of integers to said random array of integers received from said remote computer, said server rejecting said remote computer if said microcontroller is not registered at said server;
- wherein said server allows the user to access web pages via the session on said server when said microcontroller has been verified to be registered with said server; and
- wherein said server instruct said secure web browser to close its windows when said microcontroller is disconnected from said remote computer; and
- both said server and said microcontroller send instructions to said secure web browser to terminate session when said integers do not match.

(Dependent claims: 12, 13, 14, 15, 16, 17, 18)
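
The server-side check that claims 1 and 11 describe, written out as an added example that is not code from the patent. The patent does not name the algorithm, so HMAC-SHA256 over the time stamp with a per-device secret is an assumption, as are the names `derive_integers` and `Server`, the 30-second window, the 10-second heartbeat gap, and the replay check, which the claims do not mention.

```python
import hashlib
import hmac
import struct

WINDOW_S = 30      # assumed "predetermined time frame" for a time stamp
HEARTBEAT_S = 10   # assumed longest gap before the device counts as unplugged


def derive_integers(secret: bytes, ts: int, count: int = 4) -> list:
    """Integer array for time stamp ts (HMAC-SHA256 is this example's stand-in)."""
    mac = hmac.new(secret, struct.pack(">Q", ts), hashlib.sha256).digest()
    return list(struct.unpack(f">{count}I", mac[:4 * count]))


class Server:
    def __init__(self, registry: dict):
        self.registry = registry   # device id -> secret shared at registration
        self.last_ts = {}          # last accepted time stamp per device

    def check(self, dev: str, ts: int, ints: list, now: int) -> str:
        """Return 'allow' or the reason the browser session must be terminated."""
        secret = self.registry.get(dev)
        if secret is None:
            return "terminate:unregistered"
        if abs(now - ts) > WINDOW_S:
            return "terminate:stale-timestamp"
        if ts <= self.last_ts.get(dev, -1):
            return "terminate:replayed-timestamp"   # added check, not in the claims
        expected = derive_integers(secret, ts)      # server's copy, same time stamp
        if not hmac.compare_digest(str(expected), str(list(ints))):
            return "terminate:mismatch"
        self.last_ts[dev] = ts
        return "allow"

    def still_present(self, dev: str, now: int) -> bool:
        """False once heartbeats stop arriving, e.g. the device was unplugged."""
        return dev in self.last_ts and now - self.last_ts[dev] <= HEARTBEAT_S


def demo() -> list:
    secret = b"constructed-demo-secret"   # constructed sample value
    srv, t = Server({"dev-1": secret}), 1_700_000_000
    good = derive_integers(secret, t)
    return [srv.check("dev-1", t, good, now=t + 2),       # fresh, matching
            srv.check("dev-1", t, good, now=t + 3),       # same message replayed
            srv.check("dev-1", t + 5, good, now=t + 5),   # integers for another ts
            srv.check("dev-2", t + 7, good, now=t + 7)]   # device never registered
```

Without the monotonic time-stamp check, a captured message stays valid for the whole window, so anyone who can observe the remote computer's traffic could keep a session alive after the device is removed.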
Specification