Abstract: A method and system are described for secure communication. The system receives a first secure protocol data packet during an authenticated session to communicate with a user computing device using a secure protocol. The encrypted linked data in the first secure protocol data packet is decrypted using a secure key that is dependent on the encrypted linked data and user credentials. The system retrieves a second secure protocol data packet, associated with the first secure protocol data packet, from a distributed ledger network. The encrypted linked data in the second secure protocol data packet is decrypted. The system identifies changes between the decrypted linked data of the first secure protocol data packet and the decrypted linked data of the second secure protocol data packet. If changes are identified, the first secure protocol data packet is considered tampered and the actions in the first secure protocol data packet are not executed, thereby preventing fraudulent execution of transactions.
We Claim:
1. A transaction server for secure communication, the transaction server comprising: a processor; and
a memory communicatively coupled to the processor, wherein the memory stores processor instructions, which, on execution, causes the processor to:
receive a first secure protocol data packet comprising encrypted linked data and a secret key from a user computing device, wherein the first secure protocol data packet is received during an authenticated session to communicate with a user computing device using a secure protocol, wherein the communication comprises exchange of messages using one or more secure protocol data packets for execution of one or more transactions;
decrypt the encrypted linked data in the first secure protocol data packet using the received secret key, wherein the secret key is dependent on encrypted linked data and user credentials, and wherein the secret key is generated using a one-way hash function;
retrieve a second secure protocol data packet, associated with the first secure protocol data packet received from the user computing device, from a distributed ledger network, wherein the second secure protocol data packet associated with the first secure protocol data packet received from the user computing device is identified based on field names comprising Message identifier and Message version number in the first secure protocol data packet, wherein the second secure protocol data packet corresponds to a secure protocol data packet that comprises the encrypted linked data transmitted by the user computing device to the distributed ledger network, wherein in the second secure protocol data packet a Blockchain Flag is set, which is indicative that blockchain based authentication and authorization is used, wherein in the second secure protocol data packet an Authorization Flag is set, which is indicative that message in the second secure protocol data packet has been authorized by an authenticated user, and wherein in the second secure protocol data packet an Authentication Flag is set, which is indicative that authentication was used to protect authenticity of message in the second secure protocol data packet;
decrypt the encrypted linked data in the second secure protocol data packet using the received secret key using one or more decryption techniques;
identify one or more changes between the decrypted linked data of the first secure protocol data packet that is received from the user computing device and the decrypted linked data of the second secure protocol data packet, wherein if one or more changes are identified then the first secure protocol data packet received from the user computing device is considered as tampered, wherein the identified one or more changes are performed by an unauthenticated user within the authenticated session;
provide a notification to a user indicative of data tamper when one or more changes are identified and prevent execution of one or more actions requested by the user, wherein the identified one or more changes are reported to the user, thereby preventing fraudulent execution of one or more transactions; and
execute one or more actions authorized by an authenticated user if no changes are identified in the first secure protocol data packet received from the user computing device and the second secure protocol data packet.
2. The transaction server of claim 1, wherein the secure protocol establishes a secure link between the user computing device and the transaction server for exchange of the encrypted linked data and the secret key is created by:
transmitting a public key of the transaction server to the user computing device, wherein the public key of the transaction server is used to encrypt a session key associated with the authentication session;
decrypting the session key using a private key of the transaction server, wherein each of the secret key and the first secure protocol data packet to be received from the user computing device are encrypted using the session key; and
decrypting the secret key and the first secure protocol data packet using the decrypted session key, and wherein the encrypted linked data is stored within a secure protocol data packet from the one or more secure protocol data packets.
3. The transaction server of claim 1, wherein the decrypted linked data comprises information associated with one or more actions performed by the user in the authenticated session and metadata corresponding to the authenticated session, wherein the information associated with the one or more actions performed by the user in the authenticated session comprises monitored action information, and wherein the metadata corresponding to the authenticated session comprises layout information, URL information, the Message version number, the Message identifier, one or more message flags, Message security model, Application Context ID, Application Name and Message security Parameters, and wherein layout information comprises the Application Context ID, geo location from where the URL is accessed, positioning of one or more actionable elements, wherein the linked data decrypted by the transaction server is generated by linking monitored action information with the authenticated user and the user credentials, wherein the monitored action information comprises one or more actions performed by the authenticated user during the authenticated session, and wherein the one or more actions comprises at least one of location of a click event performed by a user, type of event performed by the user, sequence of the click events, copy events, paste events, log-in event, log-out event.
4. The transaction server of claim 1, further comprising categorizing the one or more actions into one of: low risk actions, medium actions and high risk actions, wherein the high risk actions comprise one or more actions related to a financial transaction, application based authentication, privilege elevation, and role elevation, wherein the categorization is performed based on the Application Context ID, and the Application Name.
5. The transaction server of claim 1, wherein identifying the one or more changes further comprises:
determining if a plurality of first secure protocol data packets are received from the user computing device that correspond to only one second secure protocol data packet that is retrieved from the distributed ledger network; and
determining a first secure protocol data packet from the plurality of first secure protocol data packets whose decrypted linked data is same as the decrypted linked data of the only one second secure protocol data packet that is retrieved from the distributed ledger network, wherein such a first secure protocol data packet is not considered to be tampered with and one or more actions in such a first secure protocol data packet is authorized by the authenticated user; wherein the remaining of the secure protocol data packets from the plurality of first secure protocol data packets are considered to be tampered with and one or more actions in such remaining of the secure protocol data packets is not authorized by the authenticated user, and wherein one or more actions that are not authorized by the authenticated user are not executed by the transaction server, and wherein each of the messages used for communication of the one or more secure protocol data packets comprises one or more message flags that comprise the blockchain flag, the authorization flag, the authentication flag, and a privacy flag.
6. A user computing device for secure communication, the user computing device comprising:
a processor; and
a memory communicatively coupled to the processor, wherein the memory stores processor instructions, which, on execution, causes the processor to:
receive user credentials from a user to initiate an authenticated session to communicate with a transaction server using a secure protocol, wherein the communication comprises exchange of messages using one or more secure protocol data packets for execution of one or more transactions;
authenticate the user based on the received credentials to create the authenticated session;
monitor one or more actions performed by the authenticated user during the authenticated session;
link the monitored action information with the authenticated user and the user credentials to generate linked data, wherein the linked data comprises information associated with the one or more actions performed by the user in the authenticated session and metadata corresponding to the authenticated session;
encrypt the linked data using one or more encryption techniques to generate encrypted linked data, wherein the encrypted linked data is stored within a secure protocol data packet from the one or more secure protocol data packets;
generate a secret key for decrypting the encrypted linked data in the secure protocol data packet, wherein the secret key is dependent on the encrypted linked data and the user credentials, and wherein the secret key is generated using a one-way hash function; and
transmit the secure protocol data packet comprising the encrypted linked data to a distributed ledger network and further transmitting the secret key and the encrypted linked data to the transaction server.
7. The user computing device of claim 6 further comprising identifying one or more changes, associated with the linked data, which are not being performed by the authenticated user during the authenticated session, wherein the one or more changes are identified based on the comparison of the monitored one or more actions being performed by the authenticated user with a plurality of historical actions and a plurality of historical transactions performed by the authenticated user, wherein the one or more changes associated with the linked data are performed by an unauthenticated user within the authenticated session, wherein the one or more actions comprises at least one of location of a click event performed by a user, type of event performed by the user, sequence of the click events, copy events, paste events, log-in event, log-out event, and wherein the one or more actions are categorized into one of: low risk actions, medium actions and high risk actions, wherein the high risk actions comprise one or more actions related to a financial transaction, application based authentication, privilege elevation, and role elevation, wherein the categorization is performed based on the Application Context ID, and the Application Name.
8. The user computing device of claim 7 further comprising providing a first notification to the authenticated user indicative of data tamper when one or more changes are identified, and providing a second notification to the authenticated user indicative of data tamper when one or more changes are identified and one or more actions requested by an unauthenticated user are not executed, thereby preventing fraudulent execution of one or more transactions, and wherein the identified one or more changes are reported to the user.
9. The user computing device of claim 6, wherein the one or more message flags comprises a blockchain flag, an authorization flag, an authentication flag, and a privacy flag, wherein in the secure protocol an authentication flag is set, which is indicative that authentication was used to protect authenticity of the messages in the one or more secure protocol data packets.
10. The user computing device of claim 6, wherein the information associated with the one or more actions performed by the user in the authenticated session comprises monitored action information, and wherein the metadata corresponding to the authenticated session comprises layout information, URL information, Message version number, Message identifier, one or more message flags, Message security model, Application Context ID, Application Name and Message security Parameters, and wherein the layout information comprises the Application Context ID, geo location from where the URL is accessed, positioning of one or more actionable elements.
11. The user computing device of claim 6, wherein the secure protocol establishes a secure link between the user computing device and the transaction server for exchange of the encrypted linked data and the secret key is created by:
receiving, by the user computing device, a public key from the transaction server;
encrypting, by the computing device, a session key associated with the authentication session using the public key of the transaction server, wherein the transaction server decrypts the session key using a private key of the transaction server;
encrypting, by the computing device, each of the secret key and the first secure protocol data packet to be transmitted from the user computing device to the transaction server using the session key; and
transmitting, by the computing device, each of the encrypted secret key and the encrypted first secure protocol data packet to the transaction server, wherein the transaction server decrypts the secret key and the first secure protocol data packet using the decrypted session key.
12. A method for secure communication, the method comprising:
receiving, by a transaction server, a first secure protocol data packet comprising encrypted linked data and a secret key from a user computing device, wherein the first secure protocol data packet is received during an authenticated session to communicate with a user computing device using a secure protocol, wherein the communication comprises exchange of messages using one or more secure protocol data packets for execution of one or more transactions;
decrypting, by the transaction server, the encrypted linked data in the first secure protocol data packet using the received secret key, wherein the secret key is dependent on encrypted linked data and user credentials, and wherein the secret key is generated using a one-way hash function;
retrieving, by the transaction server, a second secure protocol data packet, associated with the first secure protocol data packet received from the user computing device, from a distributed ledger network, wherein the second secure protocol data packet associated with the first secure protocol data packet received from the user computing device is identified based on field names comprising Message identifier and Message version number in the first secure protocol data packet, wherein the second secure protocol data packet corresponds to a secure protocol data packet that comprises the encrypted linked data transmitted by the user computing device to the distributed ledger network, wherein in the second secure protocol data packet a Blockchain Flag is set, which is indicative that blockchain based authentication and authorization is used, wherein in the second secure protocol data packet an Authorization Flag is set, which is indicative that message in the second secure protocol data packet has been authorized by an authenticated user, and wherein in the second secure protocol data packet an Authentication Flag is set, which is indicative that authentication was used to protect authenticity of message in the second secure protocol data packet;
decrypting, by the transaction server, the encrypted linked data in the second secure protocol data packet using the received secret key using one or more decryption techniques;
identifying, by the transaction server, one or more changes between the decrypted linked data of the first secure protocol data packet, which is received from the user computing device, and the decrypted linked data of the second secure protocol data packet, wherein if one or more changes are identified then the first secure protocol data packet received from the user computing device is considered as tampered, wherein the identified one or more changes are performed by an unauthenticated user within the authenticated session;
providing, by the transaction server, a notification to a user indicative of data tamper when one or more changes are identified and prevent execution of one or more actions requested by the user, wherein the identified one or more changes are reported to the user, thereby preventing fraudulent execution of one or more transactions; and
executing, by the transaction server, one or more actions authorized by an authenticated user if no changes are identified in the first secure protocol data packet received from the user computing device and the second secure protocol data packet.
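The server-side check recited in claims 1, 5 and 12, sketched as an added Python example that is not part of the patent text. The claims name neither a cipher nor a packet encoding, so `Packet`, `toy_cipher`, the JSON layout of the linked data, the flag names as strings and the sample key are all assumptions constructed for illustration.

```python
import hashlib
import json
from dataclasses import dataclass

# Flags the claims require to be set on the ledger ("second") packet.
REQUIRED_LEDGER_FLAGS = frozenset({"blockchain", "authorization", "authentication"})

@dataclass(frozen=True)
class Packet:                       # hypothetical packet model
    message_id: str                 # "Message identifier" field
    message_version: int            # "Message version number" field
    flags: frozenset
    encrypted_linked_data: bytes

def toy_cipher(key: bytes, data: bytes) -> bytes:
    """Stand-in XOR keystream (SHA-256 counter). Demo only: unauthenticated."""
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[off:off + 32], block))
    return bytes(out)

def changed_fields(a: dict, b: dict) -> list:
    return sorted(k for k in set(a) | set(b) if a.get(k) != b.get(k))

def verify(first_packets, secret_key, ledger):
    """Return (verdict, changed_fields) per received packet; only 'execute' may run."""
    results = []
    for pkt in first_packets:
        # The ledger copy is located by Message identifier + Message version number.
        ref = ledger.get((pkt.message_id, pkt.message_version))
        if ref is None or not REQUIRED_LEDGER_FLAGS <= ref.flags:
            results.append(("reject", ["<no authorized ledger copy>"]))
            continue
        want = json.loads(toy_cipher(secret_key, ref.encrypted_linked_data))
        try:
            got = json.loads(toy_cipher(secret_key, pkt.encrypted_linked_data))
            if not isinstance(got, dict):
                raise ValueError("linked data is not an object")
        except ValueError:          # garbage after decryption also counts as a change
            results.append(("tampered", ["<undecodable>"]))
            continue
        diff = changed_fields(got, want)
        results.append(("tampered" if diff else "execute", diff))
    return results

def demo():
    key = hashlib.sha256(b"constructed-demo-key").digest()    # constructed sample key
    original = {"action": "transfer", "amount": 100, "to": "ACC-1"}
    altered = dict(original, amount=9000, to="ACC-9")
    enc = lambda d: toy_cipher(key, json.dumps(d, sort_keys=True).encode())
    ledger = {("msg-42", 1): Packet("msg-42", 1, REQUIRED_LEDGER_FLAGS, enc(original))}
    received = [
        Packet("msg-42", 1, frozenset(), enc(altered)),    # changed within the session
        Packet("msg-42", 1, frozenset(), enc(original)),   # matches the ledger copy
        Packet("msg-77", 1, frozenset(), enc(original)),   # nothing on the ledger
    ]
    return verify(received, key, ledger)

if __name__ == "__main__":
    for verdict, diff in demo():
        print(verdict, diff)
```

The first two sample packets share one ledger entry, which is the claim 5 case: only the packet whose decrypted linked data equals the ledger copy is executed, and the changed field names are what would be reported to the user.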
| # | Name | Date |
|---|---|---|
| 1 | 202041013078-STATEMENT OF UNDERTAKING (FORM 3) [25-03-2020(online)].pdf | 2020-03-25 |
| 2 | 202041013078-Request Letter-Correspondence [25-03-2020(online)].pdf | 2020-03-25 |
| 3 | 202041013078-REQUEST FOR EXAMINATION (FORM-18) [25-03-2020(online)].pdf | 2020-03-25 |
| 4 | 202041013078-POWER OF AUTHORITY [25-03-2020(online)].pdf | 2020-03-25 |
| 5 | 202041013078-Power of Attorney [25-03-2020(online)].pdf | 2020-03-25 |
| 6 | 202041013078-FORM 18 [25-03-2020(online)].pdf | 2020-03-25 |
| 7 | 202041013078-FORM 1 [25-03-2020(online)].pdf | 2020-03-25 |
| 8 | 202041013078-Form 1 (Submitted on date of filing) [25-03-2020(online)].pdf | 2020-03-25 |
| 9 | 202041013078-DRAWINGS [25-03-2020(online)].pdf | 2020-03-25 |
| 10 | 202041013078-DECLARATION OF INVENTORSHIP (FORM 5) [25-03-2020(online)].pdf | 2020-03-25 |
| 11 | 202041013078-COMPLETE SPECIFICATION [25-03-2020(online)].pdf | 2020-03-25 |
| 12 | 202041013078-FER.pdf | 2022-10-04 |
| 13 | 202041013078-POA [11-03-2023(online)].pdf | 2023-03-11 |
| 14 | 202041013078-PETITION UNDER RULE 137 [11-03-2023(online)].pdf | 2023-03-11 |
| 15 | 202041013078-OTHERS [11-03-2023(online)].pdf | 2023-03-11 |
| 16 | 202041013078-Information under section 8(2) [11-03-2023(online)].pdf | 2023-03-11 |
| 17 | 202041013078-FORM 3 [11-03-2023(online)].pdf | 2023-03-11 |
| 18 | 202041013078-FORM 13 [11-03-2023(online)].pdf | 2023-03-11 |
| 19 | 202041013078-FER_SER_REPLY [11-03-2023(online)].pdf | 2023-03-11 |
| 20 | 202041013078-DRAWING [11-03-2023(online)].pdf | 2023-03-11 |
| 21 | 202041013078-COMPLETE SPECIFICATION [11-03-2023(online)].pdf | 2023-03-11 |
| 22 | 202041013078-CLAIMS [11-03-2023(online)].pdf | 2023-03-11 |
| 23 | 202041013078-AMENDED DOCUMENTS [11-03-2023(online)].pdf | 2023-03-11 |
| 24 | 202041013078-ABSTRACT [11-03-2023(online)].pdf | 2023-03-11 |
| 25 | 202041013078-US(14)-HearingNotice-(HearingDate-29-04-2024).pdf | 2024-03-12 |
| 26 | 202041013078-Correspondence to notify the Controller [19-03-2024(online)].pdf | 2024-03-19 |
| 27 | 202041013078-Written submissions and relevant documents [14-05-2024(online)].pdf | 2024-05-14 |
| 28 | 202041013078-US(14)-HearingNotice-(HearingDate-02-09-2024).pdf | 2024-08-16 |
| 29 | 202041013078-Correspondence to notify the Controller [23-08-2024(online)].pdf | 2024-08-23 |
| 30 | 202041013078-Written submissions and relevant documents [17-09-2024(online)].pdf | 2024-09-17 |
| 31 | 202041013078-PatentCertificate27-09-2024.pdf | 2024-09-27 |
| 32 | 202041013078-IntimationOfGrant27-09-2024.pdf | 2024-09-27 |
| 1 | SearchHistory(3)E_21-09-2022.pdf |