Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
2005-05-17
2005-05-17
Morse, Gregory (Department: 2134)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
Reexamination Certificate
active
06895501
ABSTRACT:
A connection is established between a server and a web browser having access to a first, trusted public key. The server downloads a digitally signed archive to the browser, the archive including a second public key. The browser verifies the digitally signed archive using the first public key, and stores the second public key in response to the verification. The browser then uses the stored second public key to authenticate the server and establish a secure connection with the server. The second public key and its chain of trust need not be known by the browser beforehand, and the archive may include program fragments that store the key in an area where the browser (or an applet running under the browser) can access and use it. The archive may also include a program fragment that performs certificate validation for the client—enabling the client to handle certificate types it does not know about. Advantages include allowing the archive to be transmitted over any insecure connection since it is integrity protected and authenticated; and allowing the client to make a direct connection to the server without having to access certificate stores on the platform.
REFERENCES:
patent: 5657390 (1997-08-01), Elgamal et al.
patent: 5724425 (1998-03-01), Chang et al.
patent: 5850451 (1998-12-01), Sudia
patent: 5870544 (1999-02-01), Curtis
patent: 5924096 (1999-07-01), Draper et al.
patent: 5951636 (1999-09-01), Zerber
patent: 6023764 (2000-02-01), Curtis
Web site information, HTTP://ei.cs.vt.edu, Sureshkumar, Vijay, “Java Security”, last modified Sep. 22, 1996.
Web site information, HTTP://java.sun.com. Dageforde, Mary, “The Java Tutorial” “Providing Your Own Security Manager” “Java Security API” (Feb. 2, 2000) “Java Development Kit (JDK) 1.1.x—Signed Applet Example”.
Hopwood, David, “A Comparison between Java and ActiveX Security” (Oct. 10, 1997).
Gong, Li et al., “Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java Development Kit 1.2,” InProceedings of the USENIX Symposium on Internet Technologies and Systems, Monterey, California (Dec. 1997).
Web site information, HTTP://www.javasoft.com/security, Erdos, Marlena et al., “Security Reference Model for the Java Developer's Kit 1.0.2” (Jan. 13, 1996) Yellin, Frank, “Low Level Security in Java” (copyright 1996).
Dean, Drew et al., “Java Security: From HotJava to Netscape and Beyond,”1996 Symposium on Security and Privacy, Oakland, CA(May 6-8, 1996).
Sureshkumar, Vijay, “Java Security,”WWW Beyond the Basics, http://ei.cs.vt.edu (1996).
Dageforde, Mary, “Trail: Security in JDK 1.1,” Tutorial, http://java.sun.com.
“Providing Your Own Security Manager,” Tutorial, http://java.sun.com.
Java Security API, “The Source For Java Technology,” http://java.sun.com.
Hopwood, David, “A Comparison between Java and ActiveX Security,” http://www.users.zetnet.co.uk.
Gong, Li, et al., “Going Beyond The Sandbox: An Overview Of The New Security Architecture In The Java Development Kit 1.2,”Proceedings of the USENIX Symposium on Internet Technologies and Systems, Monterey, California (Dec. 1997).
Erdos, Marlena, et al., “Security Reference Model for the Java Developer's Kit 1.0.2,” http://www.javasoft.com (Nov. 13, 1996).
Yellin, Frank, “Low Level Security in Java,” http://www.javasoft.com (1996).
Dean, Drew, et al., “Java Security: From HotJava to Netscape and Beyond,” to appear in the 1996IEEE Symposium on Security and Privacy, Oakland, California, May 6-8, 1996.
“Java Development Kit (JDK) 1.1x—Signed Applet Example,” http://java.sun.com/security.
Lipman Jacob
Morse Gregory
WRQ, Inc.
LandOfFree
Method and apparatus for distributing, interpreting, and... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for distributing, interpreting, and..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for distributing, interpreting, and... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3429253