摘要:
The invention relates to a portable authentication token comprising connection means for connecting to a computer, browser communication means for communicating with a browser running on the computer, and user authentication means for authenticating a user of the token to a server. The user authentication means are triggered via the browser communication means when the user connects to the server from the browser of the computer. The user authentication means are set to authenticate the user by communicating with the server through the browser. The token comprises out-of-band token communication means set to validate user authentication by establishing a communication channel between the token and the server, the communication channel bypassing the browser.The invention also relates to an authentication method and to a system comprising a token, a computer and a server to which the user authenticates with the token.
摘要:
Secure communication between a resource-constrained device and remote network nodes over a network with the resource-constrained acting as a network node. The remote network nodes communicate with the resource-constrained device using un-modified network clients and servers. Executing on the resource-constrained device, a communications module implements one or more link layer communication protocols, operable to communicate with a host computer, operable to communicate with remote network nodes and operable to implement network security protocols thereby setting a security boundary inside the resource-constrained device.
摘要:
A system and method for effecting secure transactions over a computer network in a manner designed to foil identity theft perpetrated from an untrusted computer. A connection from a client computer to the network wherein the client computer provides a user interface for a user, a connection from a server computer to the network, and a connection from a portable secure computing device to the network provides for secure transmission of private confidential user information from the user to a server. The private information is transmitted directly from the secure computing device to the server over the secure connection without possibility of capture on the computer with which the user is interacting.
摘要:
A system and a method for operating a device that is not capable of independently maintaining a local time clock to enforce a time-based transaction policy that requires a reliable time reference. The device establishes a secure communications channel to one or more network-attached time sources and inquires of each of the network-attached time-sources as to the current time using the secure communications channel. The device receives the current time from the network-attached time-sources and uses the received current times to estimate a current calendar time and to compute a reliability index associated with the estimated current calendar time. The device uses the estimated current calendar time and reliability index to enforce the time-based transaction policy.
摘要:
The invention relates to a portable authentication token comprising connection means for connecting to a computer, browser communication means for communicating with a browser running on the computer, and user authentication means for authenticating a user of the token to a server. The user authentication means are triggered via the browser communication means when the user connects to the server from the browser of the computer. The user authentication means are set to authenticate the user by communicating with the server through the browser. The token comprises out-of-band token communication means set to validate user authentication by establishing a communication channel between the token and the server, the communication channel bypassing the browser.The invention also relates to an authentication method and to a system comprising a token, a computer and a server to which the user authenticates with the token.
摘要:
A method and system for providing authentication of a user to a first peripheral device connected to a host computer using an authentication of the user on a second peripheral device, thereby allowing the user access to both devices through a single authentication. A security function on the second peripheral device is used to create an authorization phrase. Subsequent accesses to the first peripheral device requires the second peripheral device to re-create the same authorization phrase thereby demonstrating that the same second peripheral device is being used to access the first peripheral device and that a user was successfully authenticated to the second peripheral device. Other systems and methods are disclosed.