COMPUTER SECURITY BASED ON CLIENT-SIDE CHECKING OF SECURE COMPUTER NETWORK COMMUNICATIONS

Abstract

A computer security method including sending a communication from a first computer to a second computer via a computer network, where the sending is performed in accordance with a predefined policy indicating an identity of the second computer in association with a predefined computer security privilege, receiving at the first computer a certificate sent from the second computer via the computer network in response to the communication, where the certificate is signed with a private key of a certificate authority, determining, responsive to receipt of the certificate at the first computer, and using a public key of the certificate authority, whether the certificate is valid, and granting the predefined computer security privilege at the first computer responsive to determining that the certificate is valid.

CPC Classifications