Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
2000-09-05
2002-12-17
Peeso, Thomas R. (Department: 2132)
C713S169000, C713S170000, C380S277000, C380S278000
active
06496932
ABSTRACT:
MICROFICHE APPENDIX
A Microfiche Appendix is included in this application and comprises 2 sheets, having a total of 175 frames. The Microfiche Appendix contains material which is subject to copyright protection under the laws of the United States and other nations. The copyright owner has no objection to the facsimile reproduction by any person of the Microfiche Appendix, as it appears in the Patent and Trademark Office patent files or records, but otherwise reserves all copyright rights whatsoever.
BACKGROUND OF THE INVENTION
The present invention generally relates to a computer client-server environment. In particular, the invention relates to a method and system for providing secure transactions and for tracking the state of communications in a public network.
In an ever-increasing fashion, networks are used to transfer data among computers throughout the world. These networks utilize a protocol in which data groups, called packets, are requested by one computer and sent by another computer. With the prevalent use of the global public network known as the Internet, computers located remotely from each other can share information by requesting and delivering these packets. In a client-server environment, the client and a server are software or hardware applications which are used to communicate in a request/response manner. The separate client and server applications can be resident on a single computer or separated by thousands of miles in separate computers connected via a network.
The world-wide web, or “Web,” is one such information system implemented on the Internet. The Web is based on hypertext technology, which allows certain elements of a document or “page” to be expanded or linked to other elements elsewhere on the “Web” of interconnected computers. The Web may be viewed by users via “browsers,” which essentially are local computer programs that read hypertext documents and display graphics. The Web is navigated via these hypertext documents and is structured using links between these documents. The addresses of individual documents are known as “universal resource locators,” or “URLs.”
In the Web's data exchange implementation, the local computer requesting information may be considered a “client” and the computer responding to the requests may be considered a “server.” Data exchange between the client and server is performed via discontinuous, unrelated and standalone request/response pairs for information. In order to more efficiently handle requests from many clients, the server initiates a new connection for every request. This connection is subsequently broken after each response is transmitted. The server is thereafter available to service a new connection requested from another client.
For every request from the same client, a new connection must be established, although this typically is done fairly quickly. Consequently, a user (or client) who has made previous requests is treated no differently from one who has not. The server responds to each request for information in the order received. Thus, if the client is accessing the server in a series of interdependent cumulative steps, the client not only must request a new connection, but must resend the results of the previous requests to the server. The existence of a new connection and a new set of requests that is sent from the client to the server is often concealed from the user. Thus, the client transparently remembers the “state” of the exchanges between the client and the server, and returns this information to the server so that the exchange can continue appropriately. Often, this “state” information is sent with the URL in each new request.
With this configuration, the state information is stored primarily at the client. If the client does not reestablish a connection with a particular server immediately, some of the state information may become irrelevant or stale as the server updates its own database information. Thus, the state information stored at the client may become irrelevant or useless after a period of time, and the client will need to reestablish the current state with a particular server again.
As the number of cumulative requests to an “interesting” server increases, however, the required amount of information that the client must send to the server also increases. An “interesting” Web application running on a server must acquire and retain state information from the client. With the bandwidth limitations of conventional phone lines or network cable, the retransmitted information increases the amount of time it takes for a client to send a request to the server and to receive a response. More importantly, valuable or confidential information, such as credit card account numbers, is repeatedly sent and is subject to increased risk of interception by undesired parties. Furthermore, should the integrity of the communications link between the client and the server be interrupted at any time, much of the state information retained at the client or the server may be lost, thereby requiring the client to proceed through a previous series of requests to establish the state where communications broke off.
The following practical example illustrates these shortcomings in the prior art. In this example, a server runs a “site,” or “Web application” program, which processes mail order requests for clothing. A consumer uses his computer, the client, to purchase a pair of pants over the Internet by executing a series of requests to a server:
EXAMPLE I
Request No. 1: Client requests “pants.” Client sends no state information. In response, the server gets a list of pants and sends the data back to the client.
Request No. 2: Client requests “brown” and sends state information “clothing=pants.” In response, the server gets a list of brown pants and sends the data back to the client.
Request No. 3: Client requests “show me size 32” and sends state information “color=brown”; “clothing=pants.” In response, the server retrieves a list of brown size 32 pants and sends the data back to the client.
Request No. 4: Client requests “show me cuffed” and sends state information “color=brown”; “size=32”; “clothing=pants.” The server retrieves from its database the one cuffed brown size 32 pair of pants and sends the data back to the client.
Request No. 5: Client requests “buy these, my CC# is 1234-4321-1121-3231” and sends state information “clothing=pants”; “color=brown”; “size=32”; “pantlegs=cuffed.” The server retrieves from its database the brown size 32 cuffed pants, processes the purchase using the client's credit card number, and sends an appropriate response to the client.
The relationship between the client and the server is “stateless,” in that their communication consists of transmissions bounded by disconnects and reconnects for each new request or response pair. The amount of data sent from the client to the server typically increases with every request by the client in order to ensure that each request from the client is recognized by the server in relation to previous requests. As those skilled in the art will appreciate, the state information sent in the final request necessarily repeats all of the state information accumulated from all previous communications within the same context. It is thus conceivable that a lengthy transaction could require the transmission of hundreds of pieces of state information between the client and server.
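The following added example (not part of the patent text) models Example I in code: the prior-art client repeats every accumulated state pair in each URL, so the query string grows with each request, whereas a server that holds the transaction state centrally and returns an opaque, unguessable session id needs only the new field plus that id per request. The server-side design is an assumption matching the objectives stated above, not the patent's actual mechanism, and the site URL and card number are constructed values taken from the example.

```python
import secrets
from urllib.parse import urlencode, parse_qs, urlsplit

# Constructed from Example I: the key/value each request adds to the transaction.
# The card number is the page's illustrative value, not real data.
STEPS = [("clothing", "pants"), ("color", "brown"), ("size", "32"),
         ("pantlegs", "cuffed"), ("cc", "1234-4321-1121-3231")]
APP = "https://shop.example/app"   # hypothetical site URL


def prior_art_urls(steps=STEPS):
    """Prior-art exchange: every request repeats all state accumulated so far
    in its URL, so the query string grows and earlier fields are resent."""
    urls, state = [], {}
    for key, value in steps:
        state[key] = value                      # client remembers the new state
        urls.append(f"{APP}?{urlencode(state)}")
    return urls


class SessionServer:
    """Server that keeps the transaction state and returns an opaque session id."""
    def __init__(self):
        self.sessions = {}

    def handle(self, query):
        params = {k: v[0] for k, v in parse_qs(query).items()}
        sid = params.pop("sid", None)
        if sid not in self.sessions:            # unknown or missing id: new session
            sid = secrets.token_urlsafe(16)     # unguessable, meaningless to the client
            self.sessions[sid] = {}
        self.sessions[sid].update(params)       # merge only this request's new fields
        return sid


def session_urls(steps=STEPS, server=None):
    """Session-tracked exchange: the client sends only the new field plus the id."""
    server = server or SessionServer()
    urls, sid = [], None
    for key, value in steps:
        params = {key: value} if sid is None else {"sid": sid, key: value}
        url = f"{APP}?{urlencode(params)}"
        urls.append(url)
        sid = server.handle(urlsplit(url).query)   # server replies with the id
    return urls, server.sessions[sid]


def query_sizes(urls):
    """Bytes of query string per request, to compare the two approaches."""
    return [len(urlsplit(u).query) for u in urls]
```

In practice the id would travel in a cookie rather than the URL so it does not land in referers and access logs; the URL form is used here only to keep the comparison with Example I direct.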
It is an objective of the present invention to provide a method for minimizing the amount of information to be transmitted between the client and the server during these network transactions.
It is also an objective of the present invention to increase the security and reliability of the client-server communications.
It is a further objective of the present invention to centralize and secure client-specific data
Peeso Thomas R.
Proact Technologies, Corp.
Thomas Kayden Horstemeyer & Risley LLP