M. Shain

Bio: M. Shain is an academic researcher. The author has contributed to research in topics: Message authentication code & Financial transaction. The author has an hindex of 1, co-authored 1 publications receiving 4 citations.

Internet server access control and monitoring systems

Abstract: This invention relates to methods for controlling and monitoring access to network servers. In particular, the process described in the invention includes client-server sessions over the Internet. In this environment, when the user attempts to access an access-controlled file, the server subjects the request to a secondary server which determines whether the client has an authorization or valid account. Upon such verification, the user is provided with a session identification which allows the user to access to the requested file as well as any other files within the present protection domain.

Method and apparatus for maintaining state information on an HTTP client system in relation to server domain and path attributes

Abstract: A method and apparatus for transferring state information between a server computer system and a client computer system. In one embodiment of the method, an http client requests a file, such as an HTML document, on an http server, and the http server transmits the file to the http client. In addition, the http server transmits a state object, which describes certain state information, to the http client. The http client stores the state object, and will typically send the state object back to the http server when making later requests for files on the http server. In a typical embodiment, the state object includes a domain attribute which specifies a domain or network address, and the state object is transmitted from the http client to a server only when the http client makes an http request to the server and the server is within the domain. In one embodiment, the apparatus includes a processor and memory and a computer readable medium which stores program instructions. In the case of the client system, the instructions specify operations such as receiving and storing the state information; in the case of the server system, the instructions specify operations such as sending the state information to a client system.

Provable security of digital signatures in the tamper-proof device model

Abstract: Abstract Proofs of security for practical signature schemes are known in idealised models only. In the present paper, we consider the tamper-proof device model that does not use ideal primitives. Instead of access to a random oracle each participant is provided with tamper-proof device implementing a private-key cryptosystem. The hash-value of a message to be signed is submitted to the tamper-proof device for encryption and this encrypted value is used in the signature generation algorithm. In this model, we prove, modulo a physical assumption, a necessary and sufficient condition for security of the GOST signature scheme.