WO2012028875A1 - Secure network communication system based on removable keys - Google Patents

Secure network communication system based on removable keys

Publication number
WO2012028875A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
access
client device
server
key system
Application number
PCT/GB2011/051629
Other languages
French (fr)
Inventor
Nicholas Penny
Gregory Wood
Original Assignee
Gsw Technology Limited
Application filed by Gsw Technology Limited

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853 Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2143 Clearing memory, e.g. to prevent the data from being stolen

Abstract

A network communication system comprising a server system; a plurality of client devices; and a key system wherein the key system is adapted to be provided removably to any one of said client devices and operable to enable access of the server system through the said client device such that upon removal of the key system no trace of the access remains on the client device.

Description

SECURE NETWORK COMMUNICATION SYSTEM BASED ON REMOVABLE KEYS
The present invention relates to a network communication system which is provided with a key system to enable secure remote access of electronic data. In particular, the invention relates to a network communication system which is provided with a key system operable to enable secure remote access of electronic data via any client device upon provision of the key system to the client device.
The use of electronic equipment for creating, saving and sharing data, as well as to facilitate communication and access services and products, is becoming ever more commonplace. With the increasing use of and access to electronic communication networks, users are relying on access to the electronic data and services available for an ever growing range of uses. Remote access working is one example of the use of electronic equipment and digital communication systems; utilising the available equipment and systems enables a move away from traditional office based environments. Users working for a company but based remotely can access the company servers through a device such as a personal computer or laptop connected to an internet connection. Each server access provides the user with access to electronic data available within the company, as well as enabling the user to communicate with other company employees or clients via the company system.
There are two main ways in which a remote communication system such as this is enabled. One way in which a remote communication system is implemented involves an access link being provided from the desktop of the computer being used, for example, by the company employee. The access link will open a communication channel between the user's computer and the remote servers via the internet connection. Security will invariably be implemented within the access link assigned to a named user and access to the user's link, or account, will be protected by a code such as a password. The access link, once opened, will enable a virtual desktop to be provided on the user's computer which is based on the remote servers. The user will then be able to operate within the company system in the same manner as a user local to the system.
Another way of implementing a remote access system involves a web based browser facility which enables the user access to a desired server, such as a company server, via a web browser address using the web browser supplied on the computer being used. The web browser address will provide the user with access to a web page which acts as a security gate and requires the user to input unique coded data such as a user name and password before providing the user access to the remote server via the webpage. This type of system is also commonly used for services such as internet banking where a customer gains remote access to their bank data, which resides on the bank's server, from a computer such as a home computer or a computer available publicly such as in an internet cafe or library.
As can be seen from the above examples, in these systems of access, the issue of security is addressed at a superficial level with the requirement of correct inputting of a unique identification and password before access to data held by the remote server is provided. However, both systems of access leave a traceable and accessible link between the computer used and the remote server accessed. In the case of the desktop based link, the provision of the link will always be available on the computer being used. Therefore, any person clicking on the link, if able to guess or work out the user identification and password data, could gain access to the remote server and the data held there. In the case of the web browser based system, the web browser history can be interrogated by any user and once the web link page has been identified, any person able to guess or work out the user identification and password data could gain access to the remote server and the data held there. In view of this, whilst the increase in remote access to computer systems has been of great benefit, it has introduced new and significant security issues.
The present invention seeks to address the problems of the prior art.
According to a first aspect of the present invention there is provided a network communication system comprising a server system; a plurality of client devices; and a key system wherein the key system is adapted to be provided removably to any one of said client devices and operable to enable access of the server system through the said client device such that upon removal of the key system no trace of the access remains on the client device.
Here, the phrase "trace of the access" is intended to include any data that is not publicly available elsewhere.
Access to a server system through a client device, enabled by a key system, which leaves no trace of access upon the client device following access occurring provides a secure way in which to access electronic data in a network communications system.
Preferably the key system comprises a key mechanism and a verification mechanism; thus access to the server system requires negotiation of two separate mechanisms. The verification mechanism may comprise one or more of an identification code mechanism, a confirmation mechanism and a challenge mechanism. The provision of these discrete mechanisms within the verification mechanism increases the security provided by the verification mechanism both individually and, to a greater extent, when used in combination. The key mechanism may be a read only memory device, the provision of which ensures a user must physically provide the client with the key mechanism to enable server access.
According to a second aspect of the invention there is provided a method of providing access to a server system in a communications network, the method comprising removably providing a key system to the client device; and enabling access to the server system through the client device using the key system, such that upon removal of the key system from the client device no remnants of the access are retained upon the client device.
A method of providing access to a server system through a client device, enabled by a key system, which leaves no trace of access upon the client device following access occurring provides a secure way in which to access electronic data in a network communications system.
The method may further comprise the step of removably providing a key mechanism of the key system to the client. The provision of a physical key mechanism by a user introduces a proximity aspect to the security of accessing the server through the client.
Preferably, the method further comprises the step of enabling access to the server system through the client device using a verification mechanism of the key system. The enabling of access to the server using a verification mechanism may include using an identification code mechanism with one or more of a verification mechanism, a confirmation mechanism and a challenge mechanism. The verification mechanism provides further security to the method of accessing the server.
A key system for use with a communications network comprising a server system and a plurality of client devices, wherein the key system is adapted to be provided removably to a client device, such that access to the server system through said client device is enabled when the client device is provided with the key system and no trace of said access remains upon the client device when the key system is removed from the client device.
The provision of such a key system enables a user to securely access a server system through a client device.
Preferably the key system comprises a key mechanism; the key mechanism may comprise a read only memory chip. Such a physical key mechanism ensures that proximity of the user to a client device is required to enable access to a server system through the client device.
The key system may comprise a verification mechanism. The verification mechanism may comprise one or more of an identification code mechanism, a confirmation mechanism or a challenge mechanism. The provision of a verification mechanism provides further security in accessing a server system through a client device.
According to a third aspect of the invention there is provided a server system within a communications network provided with a plurality of clients wherein the server generates a virtual desktop on any client upon a key system being provided to the client such that no trace of said access to the server system remains upon the client device when the key system is removed from the client device.
An embodiment of the invention will now be described, by way of example only, and with reference to the accompanying drawings, in which:
Figure 1 illustrates a communications network provided with a key system according to a first embodiment of the present invention, and
Figure 2 illustrates a schematic diagram of the use of a key system in a communications network of Figure 1.
Figure 1 illustrates a communication network 10, for example a company computer network, comprising a plurality of client devices 12a-12n, which may be laptop computers, and a server system 14 within which resides data relating to the company. The client devices 12a-12n can be located remotely from the server system 14. In this example, a client device 12a is provided with a key device 16. The key device 16 is, for example, a read only memory chip carried on a portable unit. The key device 16 is part of a key system (not shown) which further comprises a verification mechanism (not shown).
The key device 16 is provided with a storage device on which is stored an encrypted secure unique identification code. The encrypted secure unique identification code is provided on the storage device during the manufacturing process. The storage device provided on the key device 16 cannot be programmed or accessed for use as storage once the key is manufactured. As such it is ensured that the key device is computer virus free. The provision of a virus free key device 16 eliminates the potential for transmission of a computer virus, by the key device 16, as the key device 16 is moved from one client device 12a to another such as client device 12n.
The use of the key system in a network 10 to facilitate remote access to a user's virtual desktop will now be described with reference to Figures 1 and 2.
In use, the key 16 is input 110 by a user into client device 12a. The verification mechanism of the key system is activated 102 when the key device 16 is inserted into a client device 12a. The verification mechanism generates an identification mechanism which requires input 104 of an identification code by the user of the key device 16. In this case, the identification code is a personal identification number (PIN). The PIN is, in this case, set by the user when they first obtain the key device 16. Upon correct input 106 of the PIN, and using a communications protocol such as, for example, secure sockets layer (SSL) or transport layer security between the client 12a and the server 14, the PIN, if correct, authenticates 108.
Upon successful authentication of the key device 16, a protected virtual desktop, personal to the user, is generated 110 by the server 14 and displayed to the user on the client device 12a.
The protected virtual desktop is provided with a further confirmation mechanism 112 such as a request for input of further personal identification information from the user, such as a response to a question relating to a secret only the user knows. In this case, the confirmation mechanism will be established when the user obtains the key device 16 such that sufficient content is provided to the virtual desktop for encryption to enable secure verification to be carried out. Upon completion of the confirmation mechanism 114 and, thus, authentication of the user 116, protection on the virtual desktop is removed 118 making the virtual desktop available 120 for use by the user via the client device 12a.
The virtual desktop remains active and is available to the user via the client device 12a so long as the key device 16 remains in connection with the client device 12a. Upon removal 122 of the key device 16 from the client device 12a, the provision of the virtual desktop is ended, shutting down 124 the virtual desktop and leaving no digital footprint on the client device 12a through which the virtual desktop has been accessed.
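The access sequence described above (key insertion, PIN, confirmation, key removal) can be modelled as a server-side state machine. This is an added example, not code from the patent or its applicant; the class and method names, the PBKDF2 storage of the PIN and secret answer, the three-failure lockout and all sample values are assumptions.

```python
import hashlib
import hmac
import os
from enum import Enum, auto

MAX_FAILURES = 3  # assumption: the page sets no retry limit


class State(Enum):
    NO_KEY = auto()             # key device 16 not connected
    AWAITING_PIN = auto()       # verification mechanism active (102, 104)
    DESKTOP_PROTECTED = auto()  # PIN authenticated, desktop generated (108, 110)
    DESKTOP_AVAILABLE = auto()  # confirmation passed, protection removed (118, 120)
    LOCKED_OUT = auto()         # assumption: too many failed attempts


def _digest(secret: str, salt: bytes) -> bytes:
    # Assumption: secrets are kept as salted PBKDF2 digests, never in clear.
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)


class Enrolment:
    """Server-side record set up when the user first obtains the key device."""

    def __init__(self, pin: str, secret_answer: str):
        self.salt = os.urandom(16)
        self.pin_digest = _digest(pin, self.salt)
        self.answer_digest = _digest(secret_answer, self.salt)
        self.failures = 0  # kept per key, so re-inserting does not reset it

    def matches(self, stored: bytes, candidate: str) -> bool:
        ok = hmac.compare_digest(stored, _digest(candidate, self.salt))
        if not ok:
            self.failures += 1
        return ok

    @property
    def locked(self) -> bool:
        return self.failures >= MAX_FAILURES


class Session:
    """Access through one client device, alive only while the key is present."""

    def __init__(self, enrolments: dict):
        self.enrolments = enrolments  # key identification code -> Enrolment
        self.state = State.NO_KEY
        self.record = None
        self.client_cache = {}  # stands in for anything held on the client

    def _expect(self, state: State) -> None:
        if self.state is not state:
            raise RuntimeError(f"not allowed in state {self.state.name}")

    def _after_failure(self) -> State:
        if self.record.locked:
            self.state = State.LOCKED_OUT
        return self.state

    def insert_key(self, key_code: str) -> State:
        self._expect(State.NO_KEY)
        self.record = self.enrolments.get(key_code)
        if self.record is None:
            return self.state  # unknown key: verification never starts
        self.state = State.LOCKED_OUT if self.record.locked else State.AWAITING_PIN
        return self.state

    def submit_pin(self, pin: str) -> State:
        self._expect(State.AWAITING_PIN)
        if not self.record.matches(self.record.pin_digest, pin):
            return self._after_failure()
        self.state = State.DESKTOP_PROTECTED
        return self.state

    def confirm(self, answer: str) -> State:
        self._expect(State.DESKTOP_PROTECTED)
        if not self.record.matches(self.record.answer_digest, answer):
            return self._after_failure()
        self.record.failures = 0  # reset only after both steps succeed
        self.state = State.DESKTOP_AVAILABLE
        self.client_cache["frame"] = b"constructed desktop frame"
        return self.state

    def remove_key(self) -> State:
        # Removal (122) shuts the desktop down (124) from any state.
        self.client_cache.clear()
        self.record = None
        self.state = State.NO_KEY
        return self.state


def demo() -> list:
    # Happy path with constructed sample values.
    s = Session({"KEY-0001": Enrolment("4921", "heron")})
    return [s.insert_key("KEY-0001"), s.submit_pin("4921"),
            s.confirm("heron"), s.remove_key()]
```

The failure counter lives on the enrolment record rather than the session, so pulling the key out and re-inserting it does not grant a fresh set of PIN guesses.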
When connected to the virtual desktop, the user not only has access to the internet, but is able to function within a configurable cloud based desktop environment to access services of their choosing. Furthermore, as the virtual desktop is configurable, the personal preference of the user can be represented in the virtual desktop provided. In addition, a user can generate a plurality of levels within the virtual desktop to enable use of services and data provided both upon the server 14 as well as from other areas of the internet or other communications networks, including other servers (not shown) thus enabling secure remote access to electronic data across all aspects of a communications network system (not shown).
In a further embodiment of the key system, the server 14 can monitor the key system activation and establish a usage data packet relating to this which can then be provided to the virtual desktop. The usage data packet supplied can be used by applications within the virtual desktop to provide a challenge mechanism which enables genuine transactions to take place whilst ensuring fraudulent transactions are halted. The challenge mechanism, in this case, requires user input to correspond to aspects of the usage data packet. This challenge mechanism can provide further security preventing unauthorised accessing of personal data should the security provided by the key mechanism, verification mechanism or authentication mechanism fail. An example of the implementation of the challenge mechanism could be during a security process involved in accessing an internet banking system through the virtual desktop.
Optional portable access ID storage is also available to the user via the virtual desktop. It will be appreciated that in a yet further embodiment of the communication network 10, portable virtual private network (VPN) licences can be provided for office network connections.
In a yet further embodiment of the key system, the key device 16 is provided with a storage device, or a plurality of storage devices, such that the key device 16 has incorporated on it a plurality of encrypted secure unique identification codes. Such a key device could be utilised by a user requiring access to a number of different, isolated, server systems. An example of this would be the key device 16 being used in a retail environment by a user to gain customer loyalty points from several differing loyalty point systems each having their own isolated server.
In each of the embodiments detailed it will be appreciated that whilst the loss of the key device 16, by the user, would be an inconvenience to the user, there would be little risk of a security breach as the key device 16 only contains the secure unique identification code relating to the user in isolation from all other information required to instigate access to the virtual desktop of the user.
It will be further understood that whilst the key device 16 is connected to a client device 12a, other electronic equipment, such as a mobile phone (not shown) which can access the internet may also be connected to the client device 12a thus enabling virtual desktop access to the mobile phone at the same time as it is available to the client device 12a.
Although aspects of the invention have been described with reference to the embodiment shown in the accompanying drawings, it is to be understood that the invention is not limited to the precise embodiment shown and that various changes and modifications may be effected without further inventive skill and effort. For example, whilst the key device 16 is detailed as being provided with a read only memory chip, it will be appreciated that it may be any suitable memory device such as, but not limited to, any suitable flash memory. It will be further appreciated that whilst the key device 16 is detailed as being provided with a read only chip on which is stored an encrypted secure unique identification code, the key device could alternatively be provided with an identification mechanism such as, but not limited to, a barcode. Furthermore, whilst the verification mechanism has been described as requiring the user of the key device to input an identification code, which has been detailed as a personal identification number (PIN), it will be clearly understood that the verification mechanism may involve encryption to the level of the Advanced Encryption Standard (AES) should this be necessary for the user's security requirements. It will also be appreciated that whilst the key system has been described with reference to a series of laptops, the key system may be used with any suitable electronic device through which access to a server can be obtained, including, but not limited to, devices such as mobile phones and notebooks.

Claims

1. A network communication system comprising:
a server system;
a plurality of client devices; and
a key system,
wherein the key system is adapted to be provided removably to any one of said client devices, and operable to enable access of the server system through the said client device such that upon removal of the key system no trace of the access remains on the client device.
2. A network communication system as claimed in claim 1 wherein the key system comprises a key mechanism and a verification mechanism.
3. A network communication system as claimed in claim 2 wherein the verification mechanism comprises an identification code mechanism.
4. A network communication system as claimed in claim 2 or 3 wherein the verification mechanism comprises a confirmation mechanism.
5. A network communication system as claimed in any one of claims 2, 3 or 4 wherein the verification mechanism comprises a challenge mechanism.
6. A network communication system as claimed in any one of the preceding claims wherein the key mechanism is a read only memory device.
7. A method of providing access to a server system in a communications network, the method comprising: removably providing a key system to the client device; and enabling access to the server system through the client device using the key system,
such that upon removal of the key system from the client device no remnants of the access are retained upon the client device.
8. A method of providing access to a server system in a communications network as claimed in claim 7, the method further comprising the step of removably providing a key mechanism of the key system to the client.
9. A method of providing access to a server system in a communications network as claimed in claim 7 or claim 8, the method further comprising the step of enabling access to the server system through the client device using a verification mechanism of the key system.
10. A method of providing access to a server system in a communications network as claimed in claim 9 wherein the method further comprises enabling access to the server system through the client device using an identification code mechanism of the verification mechanism.
11. A method of providing access to a server system in a communications network as claimed in claim 9 or 10 wherein the method further comprises enabling access to the server system through the client device using a confirmation mechanism.
12. A method of providing access to a server system in a communications network as claimed in any of claims 9 to 11 wherein the method further comprises enabling access to the server system through the client device using a challenge mechanism.
13. A key system for use with a communications network comprising a server system and a plurality of client devices, wherein the key system is adapted to be provided removably to a client device, such that access to the server system through said client device is enabled when the client device is provided with the key system and no trace of said access remains upon the client device when the key system is removed from the client device.
14. A key system as claimed in claim 13 wherein the key system comprises a key mechanism.
15. A key system as claimed in claim 13 or 14 wherein the key system comprises a verification mechanism.
16. A key system as claimed in any of claims 13 to 15 wherein the verification mechanism comprises an identification code mechanism.
17. A key system as claimed in any of claims 13 to 16 wherein the verification mechanism comprises a confirmation mechanism.
18. A key system as claimed in any of claims 13 to 17 wherein the verification mechanism comprises a challenge mechanism.
19. A server system within a communications network provided with a plurality of clients wherein the server system generates a virtual desktop on any client upon a key system being provided to the client such that no trace of said access to the server system remains upon the client device when the key system is removed from the client device.
20. A server as claimed in claim 19 wherein the key system comprises a key mechanism.
21. A server as claimed in claim 19 or 20 wherein the key system comprises a verification mechanism.
PCT/GB2011/051629 2010-08-31 2011-08-31 Secure network communication system based on removable keys WO2012028875A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB201014433A GB2483239A (en) 2010-08-31 2010-08-31 Purging server access traces from client device on removal of key access system
GB1014433.5 2010-08-31

Publications (1)

Publication Number Publication Date
WO2012028875A1 (en) 2012-03-08

Family

ID=43013442

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2011/051629 WO2012028875A1 (en) 2010-08-31 2011-08-31 Secure network communication system based on removable keys

Country Status (2)

Country Link
GB (1) GB2483239A (en)
WO (1) WO2012028875A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020162009A1 (en) * 2000-10-27 2002-10-31 Shimon Shmueli Privacy assurance for portable computing
WO2007074431A2 (en) * 2005-12-27 2007-07-05 Atomynet Inc. Method and apparatus for securing access to applications
WO2008122755A1 (en) * 2007-04-05 2008-10-16 Becrypt Limited System and method for providing a secure computing environment

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6453342B1 (en) * 1998-12-03 2002-09-17 International Business Machines Corporation Method and apparatus for selective caching and cleaning of history pages for web browsers
US20060010325A1 (en) * 2004-07-09 2006-01-12 Devon It, Inc. Security system for computer transactions
US9075571B2 (en) * 2005-07-21 2015-07-07 Clevx, Llc Memory lock system with manipulatable input device and method of operation thereof
GB2445783A (en) * 2006-11-23 2008-07-23 Tiss Singapore Pte Ltd Portable security instrument
EP2165268B1 (en) * 2007-03-29 2018-05-09 Christopher Murphy Methods and systems for internet security via virtual software

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
BEN BROMHEAD: "Becrypt Trusted Client v2.3 Security Target EAL2 Version 1.1", 1 November 2009 (2009-11-01), http://www.commoncriteriaportal.org/files/epfiles/BeCryptTCEAL2SecurityTarget1.1.pdf, XP055013055, Retrieved from the Internet <URL:http://www.commoncriteriaportal.org/files/epfiles/BeCryptTCEAL2SecurityTarget1.1.pdf> [retrieved on 20111124] *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9451026B2 (en) 2010-08-27 2016-09-20 Millennium Enterprise Corporation Electronic devices
US9479590B2 (en) 2010-08-27 2016-10-25 Millennium Enterprise Corporation Master storage device for controlling slave functions of a host electronic device
US9781211B2 (en) 2010-08-27 2017-10-03 Millennium Enterprise Corporation Storage device having master and slave storage device modes

Also Published As

Publication number Publication date
GB201014433D0 (en) 2010-10-13
GB2483239A (en) 2012-03-07

Legal Events

Date Code Title Description
121 EP: The EPO has been informed by WIPO that EP was designated in this application
    Ref document number: 11763965
    Country of ref document: EP
    Kind code of ref document: A1

NENP Non-entry into the national phase
    Ref country code: DE

122 EP: PCT application non-entry in European phase
    Ref document number: 11763965
    Country of ref document: EP
    Kind code of ref document: A1