US 12,267,315 B2
System and method for authenticating devices in distributed environment
Sumanth Vidyadhara, Bangalore (IN); Manjunath Gr, Bangalore (IN); and Shubham Kumar, Chakradharpur (IN)
Assigned to Dell Products L.P., Round Rock, TX (US)
Filed by Dell Products L.P., Round Rock, TX (US)
Filed on Nov. 15, 2021, as Appl. No. 17/526,279.
Prior Publication US 2023/0155997 A1, May 18, 2023
Int. Cl. H04L 29/06 (2006.01); H04L 9/30 (2006.01); H04L 9/32 (2006.01); H04L 9/40 (2022.01)
CPC H04L 63/083 (2013.01) [H04L 9/30 (2013.01); H04L 9/3236 (2013.01)] 20 Claims
 
1. A computer-implemented method for securing data in a data source using tokens, the method comprising:
performing, by the data source and a client that desires access to secured data stored in the data source, a mutual authentication process to establish a trusted environment between only the data source and the client, performance of the mutual authentication process comprising at least both of:
performing, by the data source, a first authentication to authenticate the client to the data source by using, at least:
a copy of a service tag of the client that is stored in the data source, and
a copy of a first portion of a startup data of the client, the startup data causes a predetermined entity to be started up when the startup data is executed by the client during a startup of the client and is stored in a startup data storage of the client, the copy of the first portion of the startup data is stored in the data source and the service tag is used to identify the copy of the first portion of the startup data for use during the authentication; and
performing, by the client, a second authentication to authenticate the data source to the client by using at least:
the copy of the service tag of the client stored in the data source, and
a copy of a second portion of the startup data, the copy of the second portion of the startup data is stored in the data source and the service tag is used to identify the copy of the second portion of the startup data for use during the authentication,
wherein the first authentication and the second authentication are performed concurrently in an overlapping in time manner,
wherein the mutual authentication process is successful and the trusted environment is established when the first authentication indicates to the data source that the client is authentic and the second authentication indicates to the client that the data source is authentic, and
wherein the mutual authentication process is unsuccessful and the client is denied access to the secured data stored in the data source when either the first authentication or the second authentication indicates that one of the client and the data source are not authentic;
providing, by the data source and only after the mutual authentication process is successful, a token to the client, the token provided by the data source grants the client access to secured data.
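The two concurrent authentications of claim 1, as an added Python example (not the patent's own implementation): the data source keeps per-service-tag copies of both startup-data portions, the client proves knowledge of the first portion and the data source proves knowledge of the second, and a token is released only when both proofs hold. The HMAC-over-nonce mechanism, the SHA-256 key derivation, the `Client`/`DataSource` names and the sample service tag and startup data are assumptions constructed for this example.

```python
import hashlib
import hmac
import secrets

# Constructed sample values (not from the patent): a client's service tag and its
# startup data, split into the first and second portions the claim refers to.
SERVICE_TAG = "DEMO1234"
STARTUP_DATA = b"constructed-boot-image: firmware stage 1 ... os loader stage 2"
SPLIT = 32

def portion_key(portion: bytes) -> bytes:
    """Key derived from a startup-data portion (assumption: SHA-256 of the bytes)."""
    return hashlib.sha256(portion).digest()

def proof(portion: bytes, nonce: bytes, direction: bytes) -> bytes:
    """HMAC over a fresh nonce; the direction label keeps the two proofs distinct."""
    return hmac.new(portion_key(portion), direction + nonce, hashlib.sha256).digest()

class Client:
    def __init__(self, service_tag: str, startup_data: bytes, split: int = SPLIT):
        self.service_tag = service_tag
        self.first, self.second = startup_data[:split], startup_data[split:]
        self.nonce = secrets.token_bytes(16)   # challenge sent to the data source

    def prove(self, ds_nonce: bytes) -> bytes:  # first authentication, client's half
        return proof(self.first, ds_nonce, b"client")

    def verify(self, ds_proof: bytes) -> bool:  # second authentication, client's half
        return hmac.compare_digest(proof(self.second, self.nonce, b"datasource"), ds_proof)

class DataSource:
    def __init__(self, registry: dict):
        self.registry = registry               # service tag -> (first copy, second copy)
        self.nonce = secrets.token_bytes(16)   # challenge sent to the client

    def verify(self, tag: str, client_proof: bytes) -> bool:
        first_copy = self.registry[tag][0]     # service tag selects the stored copy
        return hmac.compare_digest(proof(first_copy, self.nonce, b"client"), client_proof)

    def prove(self, tag: str, client_nonce: bytes) -> bytes:
        return proof(self.registry[tag][1], client_nonce, b"datasource")

def mutual_auth(client: Client, ds: DataSource):
    """Both proofs travel in the same exchange; a token is issued only if both hold."""
    if client.service_tag not in ds.registry:  # unknown tag: nothing to compare against
        return None
    client_ok = ds.verify(client.service_tag, client.prove(ds.nonce))
    ds_ok = client.verify(ds.prove(client.service_tag, client.nonce))
    return secrets.token_hex(16) if client_ok and ds_ok else None
```

A client whose startup data was altered fails the first authentication, and a data source holding a wrong copy of the second portion fails the second; in both cases no token is produced.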