1. Field of the Invention
The present invention relates, generally, to security methods and systems for persistent storage and data communications on computer networks, and computer network systems employing the same.
2. Description of Related Art
Data security has become increasingly more important as modern society and industry becomes more reliant on computer-based transactions and communications. Such transactions and communications often involve the transfer of sensitive, confidential or proprietary data on a computer network system, between multiple user computer terminals or between user terminals and server computers.
Network security measures often involve the storage of such sensitive, confidential or proprietary data in highly secure network server computers, with tight control of access to the server computer database. However, even with such security measures, the inherent operating characteristics of typical network systems can render them susceptible to unauthorized access of data.
In typical network systems, multiple authorized users (or clients) communicate over, and have access to, a common communication network. In many computing applications, data that might be sensitive, confidential or proprietary, must be communicated over the common network, for example, between a server computer and an authorized user (client) computer terminal. As a result, there is a concern that data being communicated to or from a particular authorized network user (client) may be accessed, or even altered, by unauthorized users having access to the same network. Such susceptibility to unauthorized access of data transmissions has resulted in an increased need, in many industries, to maximize network transmission security.
Another potential network security issue involves unauthorized access of data stored in xe2x80x9cpersistentxe2x80x9d storage means at a client terminal (the contents of which persists after the computer terminal is turned off). Some examples of such persistent storage include, but are not limited to, magnetic disk drives, including sealed drives, floppy drives, and removable (cartridge) drives; magneto-optical disk drives, optical disk drives; non-volatile, random access memory (NVRAM); and FLASH read-only memory (ROM). Of course, other means for providing persistent storage exist, and embodiments of the present invention apply to those as well.
In many computing applications, sensitive, confidential or proprietary data must be downloaded (or otherwise entered) in a client""s terminal. Indeed, a client might intentionally, or even inadvertently, store such data in a persistent storage means associated with the client""s terminal, for example, in the course of running a particular application. This raises a concern that unauthorized persons might gain access to that persistent storage means and the data stored therein, for example, after the client has turned off and left the terminal.
Thus, conventionally, data stored on network computers has often been vulnerable to compromise, as has data being downloaded from server computers to client computers on the network, or being uploaded from client computers to server computers. Moreover, these security concerns have been heightened in contexts in which, for example, networked client terminals were located in areas that were physically less secure than a secure server computer area, or data was transmitted over an unsecure network or a public network such as the Internet.
To minimize the concern about unauthorized access to data stored at network client terminals, some network systems are designed to minimize or eliminate the persistent storage capability at the client terminal. Thus, some network client terminals have been designed with only enough persistent storage capability to store, for example, an operating program for initiating communications with, and downloading further operating software, applications or data from a network server computer. In this regard, network client terminals may be designed to store minimal or no sensitive data, in a persistent storage means.
However, further security issues are raised by network systems in which network client computer terminals with little or no persistent storage means must run an initial control program sufficient to contact one or more servers and request that the servers download programs and/or data to the client computer. When turned on, such client computers load and start their initial control program, which is typically stored within read-only memory (ROM) means. The initial control program is generally capable of initializing and controlling the communication hardware of the client computer terminal, enabling the client terminal to download its regular control program from the server. Although the client computer may attempt to download its regular control program, further security issues arises from the concern that another computer connected to the network may intercept and alter the control program as it is being downloaded, thereby gaining control over the client computer terminal.
If security concerns regarding such persistent storage could be sufficiently minimized, it would be advantageous for network client terminals to be designed to include (or operate with) persistent storage means local to the client terminal. For example, persistent storage may be used to cache control programs for the client computer, thus relieving communication traffic and security risks associated with downloading such control programs from server computers. Persistent storage may be used to cache data downloaded from a server computer, thus relieving communication traffic and security risks associated with downloading of the same data a multiple number of times to the same client terminal. Portable persistent storage may be used to hold control programs and/or data associated with a particular client of a pool of client computers, such as configuration parameters and preferences, or user-private data, that could be carried by the client, from network terminal to network terminal.
Moreover, it would also be advantageous to minimize the above-noted security concerns relating to the transmission of data between client computers and server computers. For example, if such security concerns could be minimized, control programs for network client computers could be simplified, since they would be able to trust data downloaded from server computers. In addition, control programs executed on server computers could be simplified since they would be able to trust data uploaded from client computers. Furthermore, network client and server computers could trust data transmitted over public, unsecure networks such as the Internet.
It is an object of preferred embodiments of the present invention to minimize the above security problems in a network computing environment.
More particularly, it is an object of preferred embodiments of the present invention to enhance security and performance in a networked computer system in a manner such that a control program downloaded from a server to an authorized user (or client) computer terminal may be protected from alteration by any other computer connected to the network.
It is an object of further preferred embodiments of the present invention to provide the capability to store a control program or data for a client computer terminal on persistent storage directly accessible to the client terminal, but protected from access or alteration by unauthorized users, thus minimizing (or, more preferably, eliminating) the need to download a control program or sensitive data from a server to the client terminal.
It is an object of yet further preferred embodiments of the present invention to provide the capability such that data on persistent storage directly accessible to a client computer terminal may be protected from access or alteration by unauthorized users.
It is an object of yet further preferred embodiments of the present invention to enhance security and performance in a networked computer system such that data communicated between a client computer terminal and a server may be protected from access or alteration by any other computers and/or unauthorized users.
These and other objects are accomplished according to a preferred embodiments, in which a three-stage login procedure takes place, wherein each stage involves communications to and from the client computer and the server computer. In a first stage, a login ID and a public key (encrypted) is provided from the client computer to the server computer and a key-exchange key (encrypted) is provided from the server computer to the client computer.
In a second stage, a first split symmetric key and a server authentication string is generated and encrypted by the client computer and then transmitted to the server computer. In addition, the server computer generates a second split symmetric key and combines the same with the first split symmetric key to obtain a complete symmetric key for encrypting further communications from the server to the client computer. The server also generates a client authentication string and encrypts the same. In addition, the server decrypts the server authentication string received from the client computer, modifies the decrypted string with a predetermined algorithm function (such as incrementing the string by a predetermined number, for example, one), encrypts the modified string as well as the server authentication string and transmits the same, with the client authentication string (encrypted) and the second split symmetric key (encrypted) to the client computer.
In a third stage, the client computer uses the server authentication string to authenticate the server (after decryption and application of the inverse algorithm function). In addition, the client computer combines the second split symmetric key with the first split symmetric key to obtain the complete symmetric key for encrypting further communications from the client computer to the server computer. The client computer also decrypts the client authentication string, modifies the string by applying a predetermined algorithm function to the decrypted string (such as incrementing the string by a predetermined number, for example, one), encrypts the modified client authentication string and transmits the same to the server. The server then uses the client authentication string (after decryption and application of the inverse algorithm function) to authenticate the client computer. Thereafter, the server provides the client computer with a first split symmetric persistent storage key (encrypted), which the client computer combines (after decryption) with a one-way hash value to obtain a persistent storage key for use by the client computer to communication information to and from persistent storage.
In this manner, a common symmetric key is obtained by the server and the client computers for communication therebetween and a second symmetric key is obtained by the client computer for communication to and from persistent storage. In addition, an authentication string is provided to the server computer for authentication client computer and, a further authentication string is provided to the client computer for authication of the server computer. Moreover, every communication of keys, split keys and authentication strings is encrypted before transmission between server and client computers.
Thus, virtually all communications between the client computer and the server may be encrypted. Moreover, both the client-provided password and the server-generated keys and split keys are needed to establish and complete a communication link between a client computer and the server computer. Furthermore, encrypted data and/or operating programs may be stored in persistent storage at the client computer location, while encryption and decryption keys are stored in secure storage associated with the server and provided to a client only after authentication.