Using cached security tokens in an online service
US8850550B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 23, 2010 |
| Grant date | Sep 30, 2014 |
| Priority date | — |
| Expiry date | Nov 30, 2030 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/168
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A security token service generates a security token for a user that is associated with a client and stores the full security token within a memory. The security token includes an identity claim that represents the identity of the generated security token. Instead of passing the entire security token back to the client, the identity claim is returned to the client. For each request the client makes to the service, the client passes the identity claim in the request instead of the full security token having all of the claims. The identity claim is much smaller then the full security token. When a computing device receives the identity claim within the request from the user, the identity claim is used to access the full security token that is stored in memory.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.