Verification of server authorization to provide network resources

Abstract

Systems and methods for verifying the authorization of a server to provide network resources to a client. At selected times, the client asserts an authorization interrupt, which will disable some or all non-essential functions of the client unless the server's authorization is verified within an allotted period of time. The client creates a client message by generating a random number and combining it with a client identifier and a value that specifies the current time. The client message is encrypted and sent to the server. Only authorized servers can decrypt the client message and create an encrypted service message that includes the random number. The service message can also contain an authorization code specifying the services that the client may receive, and an expiration count indicating when the authorization procedure will be repeated. The client receives and decrypts the service message. If the random number in the service message is found to be the same as the random number in the client message, the server is authorized, and the client is enabled to exhibit a selected level of functionality. The client can be associated with a smart card or another intelligent peripheral that verifies the authorization of the server in behalf of the client.