WO2007106187A3 - Internet secure terminal for personal computers - Google Patents

Internet secure terminal for personal computers Download PDF

Info

Publication number
WO2007106187A3
WO2007106187A3 PCT/US2006/061385 US2006061385W WO2007106187A3 WO 2007106187 A3 WO2007106187 A3 WO 2007106187A3 US 2006061385 W US2006061385 W US 2006061385W WO 2007106187 A3 WO2007106187 A3 WO 2007106187A3
Authority
WO
WIPO (PCT)
Prior art keywords
secure terminal
internet
secure
personal computers
terminal
Prior art date
Application number
PCT/US2006/061385
Other languages
French (fr)
Other versions
WO2007106187A2 (en
Inventor
Henry Schwarz
Original Assignee
Henry Schwarz
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Henry Schwarz filed Critical Henry Schwarz
Priority to CA002643082A priority Critical patent/CA2643082A1/en
Priority to AU2006340008A priority patent/AU2006340008B2/en
Publication of WO2007106187A2 publication Critical patent/WO2007106187A2/en
Publication of WO2007106187A3 publication Critical patent/WO2007106187A3/en
Priority to GB0814163A priority patent/GB2448638A/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/166Implementing security features at a particular protocol layer at the transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Abstract

A device which defends Internet (3) users against malware, inauthentic Internet (3) servers (4), counterfeit secure terminals (1), and other attacks. A secure terminal (1) is used as a PC local peripheral. SSL client software (8) executes on the secure terminal (1). Protocol software (7) and application software (6) which employ SSL execute on the secure terminal (1). Received server (4) certificates and their digital signatures are verified against values pre-loaded into the secure terminal (1). The user and the secure terminal (1) are mutually authenticated by passwords.
PCT/US2006/061385 2006-02-22 2006-11-30 Internet secure terminal for personal computers WO2007106187A2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CA002643082A CA2643082A1 (en) 2006-02-22 2006-11-30 Internet secure terminal for personal computers
AU2006340008A AU2006340008B2 (en) 2006-02-22 2006-11-30 Internet secure terminal for personal computers
GB0814163A GB2448638A (en) 2006-02-22 2008-08-01 Internet secure terminal for personal computers

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/359,915 US7962742B2 (en) 2006-02-22 2006-02-22 Internet secure terminal for personal computers
US11/359,915 2006-02-22

Publications (2)

Publication Number Publication Date
WO2007106187A2 WO2007106187A2 (en) 2007-09-20
WO2007106187A3 true WO2007106187A3 (en) 2008-04-10

Family

ID=38429779

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2006/061385 WO2007106187A2 (en) 2006-02-22 2006-11-30 Internet secure terminal for personal computers

Country Status (5)

Country Link
US (1) US7962742B2 (en)
AU (1) AU2006340008B2 (en)
CA (1) CA2643082A1 (en)
GB (1) GB2448638A (en)
WO (1) WO2007106187A2 (en)

Families Citing this family (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070271390A1 (en) * 2006-05-19 2007-11-22 Michael Landau Intelligent top-level domain (TLD) and protocol/scheme selection in direct navigation
US20080075096A1 (en) * 2006-09-22 2008-03-27 Enthenergy, Llc Remote access to secure network devices
US20080162915A1 (en) * 2006-12-29 2008-07-03 Price Mark H Self-healing computing system
US20090024645A1 (en) * 2007-07-16 2009-01-22 Sudhir Krishna S Method and system for generating offline applications
IL187492A0 (en) * 2007-09-06 2008-02-09 Human Interface Security Ltd Information protection device
TW200929974A (en) * 2007-11-19 2009-07-01 Ibm System and method for performing electronic transactions
DE102008012427A1 (en) * 2008-02-29 2009-09-03 MICON e.V. - Verein zur Förderung der Mobilität im Internet und in Kommunikationsnetzen e.V. Mobile computer system for performing secure transactions over an unprotected communication network
US8234697B2 (en) 2008-03-31 2012-07-31 Intel Corporation Method, apparatus, and system for sending credentials securely
US9596250B2 (en) 2009-04-22 2017-03-14 Trusted Knight Corporation System and method for protecting against point of sale malware using memory scraping
JP2009290329A (en) * 2008-05-27 2009-12-10 Toshiba Corp Ip communication system, server unit, terminal device and authentication method
US20100146605A1 (en) * 2008-12-04 2010-06-10 Pitney Bowes Inc. Method and system for providing secure online authentication
US20100186070A1 (en) * 2009-01-22 2010-07-22 Mcalear James A System, device and method for secure provision of key credential information
US9860275B2 (en) 2008-12-30 2018-01-02 Ebay Inc. Systems and methods to rotate security assets used for secure communications
JP5320561B2 (en) * 2009-03-19 2013-10-23 株式会社日立製作所 Terminal system for guaranteeing authenticity, terminal and terminal management server
WO2010120261A1 (en) * 2009-04-14 2010-10-21 Thomson Licensing Method for secure transfer of multiple small messages
US8856140B2 (en) * 2009-06-09 2014-10-07 Microsoft Corporation Querying dialog prompts using hash values
US20140259004A1 (en) * 2013-03-07 2014-09-11 Go Daddy Operating Company, LLC System for trusted application deployment
US9177161B2 (en) * 2013-03-15 2015-11-03 Maxim Integrated Products, Inc. Systems and methods for secure access modules
US9332011B2 (en) 2013-04-09 2016-05-03 Yash Karakalli Sannegowda Secure authentication system with automatic cancellation of fraudulent operations
CN104135462A (en) * 2013-05-05 2014-11-05 南京理工大学连云港研究院 Network terminal security equipment based on SSL (Secure Sockets Layer) encryption protocol and method
WO2017058186A1 (en) 2015-09-30 2017-04-06 Hewlett-Packard Development Company, L.P. Certificate analysis
US10798111B2 (en) * 2016-09-14 2020-10-06 International Business Machines Corporation Detecting intrusion attempts in data transmission sessions
CN112956156B (en) * 2021-03-08 2023-05-02 华为技术有限公司 Certificate application method and device
US11706210B2 (en) * 2021-07-22 2023-07-18 Citrix Systems, Inc. Computing connection credential verification

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6694436B1 (en) * 1998-05-22 2004-02-17 Activcard Terminal and system for performing secure electronic transactions
US20050108571A1 (en) * 2003-09-29 2005-05-19 Axalto Inc. Secure networking using a resource-constrained device

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5815577A (en) 1994-03-18 1998-09-29 Innovonics, Inc. Methods and apparatus for securely encrypting data in conjunction with a personal computer
US5657390A (en) 1995-08-25 1997-08-12 Netscape Communications Corporation Secure socket layer application program apparatus and method
US5692124A (en) * 1996-08-30 1997-11-25 Itt Industries, Inc. Support of limited write downs through trustworthy predictions in multilevel security of computer network communications
US6400823B1 (en) * 1996-12-13 2002-06-04 Compaq Computer Corporation Securely generating a computer system password by utilizing an external encryption algorithm
US6772331B1 (en) * 1999-05-21 2004-08-03 International Business Machines Corporation Method and apparatus for exclusively pairing wireless devices
US6834271B1 (en) 1999-09-24 2004-12-21 Kryptosima Apparatus for and method of secure ATM debit card and credit card payment transactions via the internet
US6643701B1 (en) * 1999-11-17 2003-11-04 Sun Microsystems, Inc. Method and apparatus for providing secure communication with a relay in a network
US6687836B1 (en) * 1999-11-26 2004-02-03 Hewlett-Packard Development Company, L.P. Method and apparatus which enable a computer user to verify whether they have correctly input their password into a computer
AU2002210969A1 (en) * 2000-10-31 2002-05-15 Arkray, Inc. User authentication method in network
JP2002215582A (en) * 2000-12-28 2002-08-02 Morgan Stanley Dean Witter Japan Ltd Method and device for authentication
WO2002079960A1 (en) * 2001-03-30 2002-10-10 Enterprises Solutions, Inc. Trusted authorization device
US7975139B2 (en) * 2001-05-01 2011-07-05 Vasco Data Security, Inc. Use and generation of a session key in a secure socket layer connection
US6715084B2 (en) * 2002-03-26 2004-03-30 Bellsouth Intellectual Property Corporation Firewall system and method via feedback from broad-scope monitoring for intrusion detection
US20040073795A1 (en) * 2002-10-10 2004-04-15 Jablon David P. Systems and methods for password-based connection
US7366916B2 (en) * 2003-09-20 2008-04-29 Avaya Technology Corp. Method and apparatus for an encrypting keyboard
US7571489B2 (en) * 2004-10-20 2009-08-04 International Business Machines Corporation One time passcode system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6694436B1 (en) * 1998-05-22 2004-02-17 Activcard Terminal and system for performing secure electronic transactions
US20050108571A1 (en) * 2003-09-29 2005-05-19 Axalto Inc. Secure networking using a resource-constrained device

Also Published As

Publication number Publication date
CA2643082A1 (en) 2007-09-20
GB2448638A (en) 2008-10-22
GB0814163D0 (en) 2008-09-10
AU2006340008A1 (en) 2007-09-20
WO2007106187A2 (en) 2007-09-20
US20070198825A1 (en) 2007-08-23
US7962742B2 (en) 2011-06-14
AU2006340008B2 (en) 2011-06-16

Similar Documents

Publication Publication Date Title
WO2007106187A3 (en) Internet secure terminal for personal computers
Shernan et al. More guidelines than rules: CSRF vulnerabilities from noncompliant OAuth 2.0 implementations
WO2007107868A3 (en) A method of securely login to remote servers
WO2007137166A3 (en) Dynamic web services system and method for use of personal trusted devices and identity tokens
WO2010060704A3 (en) Method and system for token-based authentication
EP1703694A3 (en) Trusted third party authentication for web services
Villeneuve et al. Detecting apt activity with network traffic analysis
IL172054A0 (en) Distributed filesystem network security extension
WO2007044613A3 (en) Apparatus system and method for real-time migration of data related to authentication
WO2007123705A3 (en) Enhanced security for electronic communications
WO2007038896A3 (en) Method and devices for user authentication
WO2006052648A3 (en) Network access server (nas) discovery method and apparatus
WO2005062989A3 (en) Authentication system for networked computer applications
HK1069231A1 (en) Three way validation and authentication of boot files transmitted from server to client
WO2001057626A3 (en) Internet server for client authentification
WO2012162102A1 (en) Malware analysis system
WO2008114257A3 (en) Protection against impersonation attacks
EP2839401A1 (en) Secure password-based authentication for cloud computing services
WO2011142971A3 (en) One time passwords with ipsec and ike version 1 authentication
Quach et al. Investigation of the 2016 linux tcp stack vulnerability at scale
Aljawarneh et al. A web client authentication system using smart card for e-systems: initial testing and evaluation
Sidiropoulos et al. Smart tv hacking
Leicher et al. Trusted computing enhanced user authentication with OpenID and trustworthy user interface
Neubauer et al. A roadmap for personal identity management
Heyman New attack tricks antivirus software

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 06846411

Country of ref document: EP

Kind code of ref document: A2

WWE Wipo information: entry into national phase

Ref document number: 2006340008

Country of ref document: AU

WWE Wipo information: entry into national phase

Ref document number: 0814163.2

Country of ref document: GB

Ref document number: 0814163

Country of ref document: GB

Ref document number: 814163

Country of ref document: GB

Ref document number: 6712/DELNP/2008

Country of ref document: IN

WWE Wipo information: entry into national phase

Ref document number: 2643082

Country of ref document: CA

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06846411

Country of ref document: EP

Kind code of ref document: A2