Systems and methods for verifying the authorization of a server to provide
network resources to a client. At selected times, the client asserts an authorization
interrupt, which will disable some or all non-essential functions of the client
unless the server's authorization is verified within an allotted period of time.
The client creates a client message by generating a random number and combining
it with a client identifier and a value that specifies the current time. The client
message is encrypted and sent to the server. Only authorized servers can decrypt
the client message and create an encrypted service message that includes the random
number. The service message can also contain an authorization code specifying the
services that the client may receive, and an expiration count indicating when the
authorization procedure will be repeated. The client receives and decrypts the
service message. If the random number in the service message is found to be the
same as the random number in the client message, the server is authorized, and
the client is enabled to exhibit a selected level of functionality. The client
can be associated with a smart card or another intelligent peripheral that verifies
the authorization of the server in behalf of the client.
