Securely processing client credentials used for Web-based access to resources
US7360096B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 12, 2003 |
| Grant date | Apr 15, 2008 |
| Priority date | — |
| Expiry date | Sep 26, 2025 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2209/80
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
The present invention provides for securely processing client credentials used for Web-based access to resources. A login page with an interface for entering user credentials is presented at a client and entered user credentials are sent to the server. In response to receiving user credentials, the server generates a unique session identifier for the client. The server also derives a digital signature for the user credentials based on a current key in a rotating key store and the unique session identifier. The server then encrypts the digital signature and the user credentials based on an encryption key derived from the current key and the unique session identifier. When encrypted credentials are received back at the client, keys from the rotating key store are used to attempt to validate the credentials. If user credentials can not be validated, a user is again presented with the login page.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.