Patent · US Expired

Secure cache of web session information using web browser cookies

US7197568B2 · kind B2 · utility

55Cited by

4References

10Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Donald A. Bourne · Toronto, CA
Victor Chan · Thornhill, CA
Darshanand Khusial · Mississauga, CA
Mark H. Linehan · Yorktown Heights, US
Lev Mirlas · Thornhill, CA

Key dates

Filing date	Dec 17, 2002
Grant date	Mar 27, 2007
Priority date	—
Expiry date	Apr 14, 2025

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2463/102
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A secure method and system for accessing a cache for web session is provided using web browser cookies. The cache for the web session data uses an encoded identifier, determined using for example the Keyed-Hash Message Authentication Code, based on information identifying a client. The client communication is accompanied by a cookie (persistent state object) that also includes the identifier encoded in the same manner. This encoded identifier in the received cookie is used for accessing the cached data. Where a secure communication channel is available, such as a secure socket layer (SSL connection), a second cookie which is only transmitted over SSL is used as a signature for the first cookie.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.