Security method and system for persistent storage and communications on computer network systems and computer network systems employing the same

摘要

A process is described in which a user enters ID and password information at a network client computer terminal. This information is combined with an asymmetric key stored in a persistent storage directly accessible to the client's computer terminal. This "combined" information is communicated through a communication network to one or more server computers for authentication of the client. A similar identification and authentication process may be used to authenticate the server computer. Upon authentication of the client, the server provides the client computer with three symmetric keys, in encrypted format. The first key is for encrypting and decrypting persistent information associated with the client computer's control program. The second key is used to encrypt and decrypt persistent information associated with the login ID. The third key is used to encrypt and decrypt communication between the client computer and the server computer.