Used trusted co-servers to enhance security of web interaction

Assignee

• International Business Machines Corporation · US

Inventors

• David M. Chess · Potsdam, US
• Joan Dyer · New York, US
• Naomaru Itoi · Fremont, US
• Jeff Kenneth Kravitz · Yorktown Heights, US
• Elaine R. Palmer · Hanover, US
• Ronald Perez · Mount Kisco, US
• Sean William Smith · Hanover, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2463/102
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A trusted co-server, and a method of using a trusted co-server, for a service provider. The co-server executes a program such that: for multiple parties P0–Pn (where Po is said co-server), each party Pi may (optionally) provide input Ii, and then said co-server carries out N functions: Fi (io . . . In) describes what the co-server returns to party Pi. The preferred embodiment of the invention raises the trust level of the computation and data storage at the server. For instance, this invention may be witness to authenticity of certain data coming back to the client. This data can include assertions from the trusted co-server about the server content and configuration. The invention, also, can provide privacy of data going back to the server, by keeping it encrypted between the client and the co-server, and then re-encrypting it before inserting it into the server. With this invention, the user can trust the integrity of the computation occurring at the co-server—even if the server operator might be motivated to subvert it. The co-server also provides a trusted haven for computation relevant to third parties who may also have an interest in the client-server interaction.