SYSTEM AND METHOD FOR SECURED NETWORK ACCESS UTILIZING A CLIENT .NET SOFTWARE COMPONENT

US 20090307486A1
Filed: 06/09/2008
Published: 12/10/2009
Est. Priority Date: 06/09/2008
Status: Abandoned Application

First Claim

Patent Images

1. A method for self-service authentication of a client and a server, the method comprising:

receiving on the server an initialization command from the client over an unsecured data transfer link;

requesting authentication information from the client;

transmitting a client software component from the server to the client in response to receiving authentication information from the client;

processing the client software component, the client software component being configured to evaluate a client-side library on the client for generating a client private key, a client public key, and a certificate signing request;

signing the certificate signing request on a certificate server; and

generating a client certificate corresponding to the signed certificate signing request on the client.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for self-service authentication of a client and a server. The method includes the server receiving an initialization command from the client. The initialization command may be transmitted to the server via a client web browser over an unsecured data transfer link. The method continues with requesting authentication information from the client. In response to receiving the authentication information from the client, the server transmits a client software component to the client. The client software component utilizes a client-side library installed on the operating system of the client to generate the various client credentials described above. Thereafter, the certificate signing request may be transmitted to a certificate server for signing the certificate signing request. The signed certificate signing request is then received by the client via the client web browser. The client utilizes the information associated with the signed certificate signing request with the client-side library installed on the client to generate a client certificate.

76 Citations

View as Search Results

17 Claims

1. A method for self-service authentication of a client and a server, the method comprising:
- receiving on the server an initialization command from the client over an unsecured data transfer link;
  
  requesting authentication information from the client;
  
  transmitting a client software component from the server to the client in response to receiving authentication information from the client;
  
  processing the client software component, the client software component being configured to evaluate a client-side library on the client for generating a client private key, a client public key, and a certificate signing request;
  
  signing the certificate signing request on a certificate server; and
  
  generating a client certificate corresponding to the signed certificate signing request on the client.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the server is in communication with a database for verifying the authentication information.
  - 3. The method of claim 1, wherein the database is hosted on the server.
  - 4. The method of claim 1, wherein the server is in communication with a telephony server for issuing a onetime pass-code to the client independent of the unsecured data transfer link.
  - 5. The method of claim 4, wherein the client utilizes the onetime pass-code for authentication of the client on the server.
  - 6. The method of claim 1, wherein the client software component is an executable code transmitted to the client from the server.
  - 7. The method of claim 1, wherein the server is a Secure Sockets Layer (SSL) Virtual Private Network (VPN).
  - 8. The method of claim 1, wherein the client transmits the certificate signing request via the client web browser to the certificate server.
  - 9. The method of claim 7, wherein the SSL VPN is in communication with a database for authenticating the client.
  - 10. The method of claim 6, wherein the executable code transmitted to the client from the server is configured to utilize the client-side library installed on the client.

11. A system for self-service client authentication, the system comprising:
- a client computer having a client web browser for transmitting a certificate signing request generated on the client computer;
  
  a server computer in communication with the client computer for establishing a multiple factor authentication of the client computer;
  
  a software component hosted on the client computer, the software component utilizing a client-side library on the client computer for generating a client private key, a client public key, and the certificate signing request in response to the multiple factor authentication of the client computer; and
  
  a certificate server for signing the certificate signing request.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The system of claim 11, wherein the multiple factor authentication includes requesting authentication information from the client computer.
  - 13. The system of claim 12, wherein authentication information from the client computer is validated with authentication information stored on a database.
  - 14. The system of claim 12, further comprising transmitting authentication information from the server via an out of band modality.
  - 15. The system of claim 12, wherein authentication information from the client computer transmitted to the server computer includes responses to knowledge based questions.
  - 16. The system of claim 11, wherein the software component is an executable code transmitted to the client computer from the server computer.
  - 17. The system of claim 16, wherein the executable code is processed by the client web browser to automatically generate a client certificate in response to receiving the signed certificate signing request.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
MultiFactor Corporation (SecureAuth Incorporated)
Original Assignee
MultiFactor Corporation (SecureAuth Incorporated)
Inventors
Moore, Stephen, Lambiase, Mark, Grajek, Garret

Application Number

US12/135,466
Publication Number

US 20090307486A1
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 63/0272   Virtual private networks

H04L 63/0428   wherein the data content is...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0823   using certificates cryptogr...

H04L 63/123   received data contents, e.g...

H04L 9/3263   involving certificates, e.g...

H04L 9/3273   for mutual authentication n...

SYSTEM AND METHOD FOR SECURED NETWORK ACCESS UTILIZING A CLIENT .NET SOFTWARE COMPONENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

76 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR SECURED NETWORK ACCESS UTILIZING A CLIENT .NET SOFTWARE COMPONENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

76 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links