Patent · US Active

Establishment of security context

US7533265B2 · kind B2 · utility

29Cited by

5References

36Claims

0Family size

Assignee

Microsoft Corporation · US

Inventors

Keith W. Ballinger · North Bend, US
HongMei Ge · Issaquah, US
Hervey O. Wilson · Bellevue, US
Vick B. Mukherjee · Redmond, US

Key dates

Filing date	Jul 14, 2004
Grant date	May 12, 2009
Priority date	—
Expiry date	Oct 18, 2026

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/20
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

The present invention provides for maintaining security context during a communication session between applications, without having to have executable code in either application for obtaining or generating a security context token (SCT) used to secure the communication. On a service side, a configuration file is provided that can be configured to indicate that automatic issuance of a SCT is enabled, thereby allowing a Web service engine to generate the SCT upon request. On the client side, when a message is sent from the client application to the service application, a policy engine accesses a policy that includes assertions indicating that a SCT is required for messages destined for the Web service application. As such, the policy engine requests and receives the SCT, which it uses to secure the message.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.