1. Field of the Invention
The present invention is directed to computer systems. More particularly, it is directed to providing protection from mutual replay attacks in computing environments.
2. Description of the Related Art
The Internet, sometimes called simply “the Net,” is a worldwide system of computer networks in which a client at any one computer may, with permission, obtain information from any other computer. The most widely used part of the Internet is the World Wide Web, often abbreviated “WWW,” which is commonly referred to as “the web.” The web may be defined as all the resources (e.g., web pages and web sites) and users on the Internet that use the Hypertext Transfer Protocol (HTTP) or variations thereof to access the resources. A web site is a related collection of web files that includes a beginning file called a home page. From the home page, the user may navigate to other web pages on the web site. A web server program is a program that, using the client/server model and HTTP, serves the files that form the web pages of a web site to the web users, whose computers contain HTTP client programs (e.g., web browsers) that forward requests and display responses. A web server program may host one or more web sites.
The ubiquitous nature of the Internet and other electronic communication channels has led to a rise in electronic commerce and other electronic activities for which security is a concern. To breach security of such communication channels, attackers and other unscrupulous individuals employ a variety of techniques aimed at weak points in communication protocols. One common type of attack is the replay attack. In one example of a replay attack, an attacker might eavesdrop on messages communicated between a first entity and a second entity and leverage information gained through eavesdropping in order to pose as a legitimate party to the communication. For instance, the attacker might eavesdrop on a message including authentication information (e.g., a password) sent by the first entity to the second entity as proof of identity. With knowledge of the information gained through eavesdropping, the attacker may pose as the first entity by sending a message that includes the eavesdropped authentication information.
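The weakness described above, as an added example that is not part of the original document: a verifier that accepts the authentication information itself also accepts a recorded copy of it, while a verifier that issues a single-use nonce rejects the recorded exchange. This goes beyond the text by showing a commonly used countermeasure (an HMAC-SHA256 response over a fresh nonce), which is not the method of the invention; all class and function names and the sample secret are hypothetical.

```python
import hashlib
import hmac
import secrets

# Constructed sample secret shared by the first and second entity.
SHARED_SECRET = b"constructed-sample-password"


class StaticVerifier:
    """Second entity that accepts the authentication information itself as proof."""

    def verify(self, message):
        return hmac.compare_digest(message, SHARED_SECRET)


class ChallengeVerifier:
    """Second entity that issues a fresh single-use nonce for each login."""

    def __init__(self):
        self._outstanding = set()

    def challenge(self):
        nonce = secrets.token_bytes(16)
        self._outstanding.add(nonce)
        return nonce

    def verify(self, nonce, response):
        # A nonce is consumed on first use, so a recorded pair fails afterwards.
        if nonce not in self._outstanding:
            return False
        self._outstanding.discard(nonce)
        return hmac.compare_digest(response, respond(nonce))


def respond(nonce):
    """First entity's proof: HMAC of the nonce under the shared secret."""
    return hmac.new(SHARED_SECRET, nonce, hashlib.sha256).digest()


def replay_outcomes():
    """Present one recorded login twice to each verifier; True means accepted."""
    static, chal = StaticVerifier(), ChallengeVerifier()
    recorded_static = SHARED_SECRET          # bytes that crossed the channel
    nonce = chal.challenge()
    recorded_pair = (nonce, respond(nonce))  # bytes that crossed the channel
    return {
        "legit_static": static.verify(recorded_static),
        "replay_static": static.verify(recorded_static),
        "legit_challenge": chal.verify(*recorded_pair),
        "replay_challenge": chal.verify(*recorded_pair),
    }
```

The nonce only addresses replay of a recorded exchange; it does not by itself protect the secret from other attacks on the channel.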