Secure user and data authentication over a communication network
US7296149B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Sep 6, 2002 |
| Grant date | Nov 13, 2007 |
| Priority date | — |
| Expiry date | Nov 21, 2024 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2209/76
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
The invention relates to a method of performing user and data authentication over a client (22) in communication via a network (14) with a server infrastructure (16). The client (22) has access via a user-controllable card reader (24) to a smart card (26) on which at least one signature key is stored. The method comprises a user authentication step which includes displaying by the card reader (24) an authentication context, controlling the card reader to request the user for signature approval, and, in the case of signature approval, submitting a challenge, if required together with context data, or data derived therefrom to the smart card (26) for signing. The method further comprises a data authentication step which includes displaying by the card reader (24) the data to be authenticated, controlling the card reader (24) to request the user for signature approval, and, in the case of signature approval, submitting the data to be authenticated, or data derived therefrom, to the smart card (26) for signing.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.