Session key security protocol
US7971240B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 20, 2009 |
| Grant date | Jun 28, 2011 |
| Priority date | — |
| Expiry date | Apr 22, 2029 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2209/60
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Exchanging information in a multi-site authentication system. A network server receives, from an authentication server, a request by a client computing device for a service provided by the network server along with an authentication ticket. The authentication ticket includes: a session key encrypted by a public key associated with the network server, message content encrypted by the session key, and a signature for the encrypted session key and the encrypted message content. The signature includes address information of the network server. The network server identifies its own address information in the signature to validate the signature included in the authentication ticket and verifies the authentication ticket content based on the signature included in the authentication ticket. The network server decrypts the encrypted session key via a private key associated with the second network server and decrypts the encrypted message content via the decrypted session key.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.