Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
2006-04-11
2010-06-01
Song, Hosuk (Department: 2435)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C713S189000, C726S002000
Reexamination Certificate
active
07730308
ABSTRACT:
A method for setting up a secure communication line between a user and a service provider using non-secure communication channels within an insecure network, comprising the steps of transmitting an identity token from a user station to a service provider station both coupled to the insecure network; upon reception of the identity token, triggering the creation of a secret URL by the service provider station; transmitting the secret URL within a secure side channel to the user station; obtaining, within the user station, the secret URL, and setting-up a new communication path in the insecure network linking the user and the service provider station based on said secret URL. Beside discarding a man-in-the-middle by denying him access to the data flow it is also possible to stop him through denying him access to the content of the data flow. Such access can be denied through use of a one-time codebook with semantics only known to the User and the authentication service provider.
REFERENCES:
patent: 6169805 (2001-01-01), Dunn et al.
patent: 6377690 (2002-04-01), Witschorik
patent: 6971017 (2005-11-01), Stringer et al.
patent: 2002/0133697 (2002-09-01), Royer et al.
patent: 2004/0230825 (2004-11-01), Shepherd et al.
patent: 19859409 (2000-07-01), None
patent: 1102157 (2001-05-01), None
patent: 1255178 (2002-11-01), None
patent: 1480107 (2004-11-01), None
patent: WO 03/084127 (2003-10-01), None
Tan Teik Guan, “Phishing Redefined—Preventing Man-in-the-Middle Attacks for Web-based Transactions”, Data Security Systems Solutions PTE Ltd Technical Disclosure, Mar. 2005, www.dsssasia.ci/htmdocs/company
ews—events/Phishing—redefined—Preventing—Man-in-the-Middle-Attacks.pdf.
Jonathan Tuliani, “The Future of Phishing”, Whitepaper, Cryptomathic Ltd., 2004, www.cryptomathic.com/pdf/TH%20Future20of%20Phishing.pdf.
Sangjin Kim et al, “A New Universally Verifiable and Receipt-Free Electronic Voting Scheme Using One-Way Untappable Channels”, Content Computing. Advanced Workshop on Content Computing. AWCC 2004. Proceedings (Lecture Notes in Computer Science vol. 3309) Springer-Verlag Berlin, Germany, 2004, pp. 337-345.
Cattin-Liebl Roger
Jacomet Marcel
Müller Lorenz
Rollier Alain
AXSionics AG
Song Hosuk
The Webb Law Firm
LandOfFree
System and method for providing an user's security when... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for providing an user's security when..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for providing an user's security when... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4166567