Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Central trusted authority provides computer authentication
Reexamination Certificate
2004-04-01
2009-10-20
Zand, Kambiz (Department: 2134)
C713S168000, C713S170000, C726S002000, C726S004000, C726S008000, C726S012000, C726S021000, C726S027000
active
07607008
ABSTRACT:
A user is authenticated for a relying computing entity (e.g., an enterprise) through an authentication broker service, wherein a trust relationship exists between the relying computing entity and the authentication broker service. The authentication broker service has a trust relationship with the relying computing entity and the authentication service that issued the identity of the user. The relying computing entity asks the authentication broker service to authenticate the identity of the user. The authentication broker service captures the user's credential (or directs the authentication service to do so) and sends an authentication response (e.g., a token) to the relying computing entity in order to authenticate the identity of the user to the relying computing entity. The relying computing entity verifies the authentication response based on the trust relationship between the relying computing entity and the authentication broker service.
REFERENCES:
patent: 5684950 (1997-11-01), Dare et al.
patent: 5768503 (1998-06-01), Olkin et al.
patent: 5815665 (1998-09-01), Teper et al.
patent: 5991802 (1999-11-01), Allard et al.
patent: 6067623 (2000-05-01), Blakley, III et al.
patent: 6141758 (2000-10-01), Benantar et al.
patent: 6178511 (2001-01-01), Cohen et al.
patent: 6195682 (2001-02-01), Ho et al.
patent: 6219651 (2001-04-01), Bublitz et al.
patent: 6240512 (2001-05-01), Fang et al.
patent: 6243816 (2001-06-01), Fang et al.
patent: 6275944 (2001-08-01), Kao et al.
patent: 6339827 (2002-01-01), Stokes et al.
patent: 6351819 (2002-02-01), Berglund et al.
patent: 6370561 (2002-04-01), Allard et al.
patent: 6374283 (2002-04-01), Chessell et al.
patent: 6453362 (2002-09-01), Bittinger et al.
patent: 6687831 (2004-02-01), Albaugh et al.
patent: 6954778 (2005-10-01), Harjanto
patent: 2002/0144108 (2002-10-01), Benantar
patent: 2002/0144119 (2002-10-01), Benantar
patent: 2002/0184507 (2002-12-01), Makower et al.
patent: 2002/0194508 (2002-12-01), Sanchez et al.
patent: 2003/0177388 (2003-09-01), Botz et al.
patent: 2003/0221126 (2003-11-01), Berman et al.
patent: 2003/0233543 (2003-12-01), Nagaratnam
patent: 2003/0236975 (2003-12-01), Birk
patent: 2004/0002878 (2004-01-01), Hinton
patent: 2004/0030764 (2004-02-01), Birk et al.
patent: 2004/0128506 (2004-07-01), Blakley et al.
patent: 2004/0128541 (2004-07-01), Blakley et al.
patent: 2004/0230831 (2004-11-01), Spelman et al.
patent: 2005/0015593 (2005-01-01), Cheng et al.
patent: 2005/0114701 (2005-05-01), Atkins et al.
patent: 2005/0223217 (2005-10-01), Howard et al.
patent: 2005/0277420 (2005-12-01), Shin et al.
patent: 2006/0021019 (2006-01-01), Hinton et al.
patent: 2006/0080352 (2006-04-01), Boubez et al.
patent: 2006/0080730 (2006-04-01), Cahill
patent: 2006/0112422 (2006-05-01), Tevosyan et al.
patent: 2006/0123234 (2006-06-01), Schmidt et al.
patent: 2007/0184819 (2007-08-01), Barriga-Caceres et al.
Gifford, D. et al., “Payment Switches for Open Networks”, Jul. 1995, Proceedings of the First USENIX Workshop on Electronic Commerce, pp. 1-9.
Bajaj et al., WS-Federation: Passive Requestor Profile [online], Version 1.0, Jul. 8, 2003, [Retrieved Mar. 4, 2007], Retrieved from: http://msdn2.microsoft.com/en-us/library/ms951223(d=printer).aspx. [34 pages].
Berners-Lee, T., Fielding, R., Masinter, L., Uniform Resource Identifiers (URI): Generic Syntax, RFC 2396, Aug. 1998. [40 pages].
Berners-Lee, T., Fielding, R., Masinter, L., Uniform Resource Identifiers (URI): Generic Syntax, RFC 3986, Jan. 2005. [55 pages].
Gaedke, M., Meinecke, J., Nussbaumer, M., A Modeling Approach to Federated Identity and Access Management, ACM 1-59593-051-5/05/0005, May 10-14, 2005. [2 pages].
Gomi, H., Hatakeyama, M., Hosono, S., Fujita, S., A Delegation Framework for Federated Identity Management, ACM 1-59593-232-1/05/0011, Nov. 11, 2005. [10 pages].
Del Vecchio, D., Basney, J., Nagaratnam, N., CredEx: User-Centric Credential Management for Grid and Web Services, 2005 IEEE International Conference on Web Services (ICWS 2005), Jul. 12-15, 2005. [8 pages].
Della et al., Web Services Trust Language (WS-Trust), Version 1.0, Dec. 18, 2002. [30 pages].
Fielding et al., Hypertext Transfer Protocol—HTTP/1.1, RFC 2068, Jan. 1997. [162 pages].
Fielding et al., Hypertext Transfer Protocol—HTTP/1.1, RFC 2616, Jun. 1999. [219 pages].
IBM, Web Services Trust Language [online], [Retrieved Jan. 31, 2008], Retrieved from: http://www.ibm.com/developerworks/library/specification/ws-trust/. [2 pages].
Kohl, J., Neuman, C., The Kerberos Network Authentication Service (V5), RFC 1510, Sep. 1993. [52 pages].
Lampson et al., Authentication in Distributed Systems: Theory and Practice, Digital Equipment Corporation, ACM Trans. Computer Systems 10, 4, pp. 265-310, Nov. 1992. [46 pages].
Lampson, B., Rivest, R., SDSI—A Simple Distributed Security Infrastructure, Sep. 15, 1996. [47 pages].
Leach et al., A Conceptual Authorization Model for Web Services, Computer Systems: Theory, Technology, and Applications, pp. 137-146, Feb. 2003. [8 pages].
NetBSD Programmer's Manual, Name-Service Switch [online], [Retrieved Apr. 11, 2007], Retrieved from: http://netbsd.gw.com/cgi-bin?nsswitch.conf++NetBSD-1.4.3. [3 pages].
Oasis, SAML [online], [Retrieved Jan. 31, 2008], Retrieved from: http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security. [8 pages].
Paschoud, J., McLeish S., Managing Access to Decomate Resources, Decomate2 Conference, Jun. 2000. [9 pages].
Secure Computing, SafeWord PremierAccess [online], [Retrieved Oct. 19, 2007], Retrieved from: http://www.ibm.com/developerworks/library/specification/ws-trust/. [14 pages].
Sun Microsystems, Name-Service Switch [online], [Retrieved Jan. 31, 2008], Retrieved from: http://compute.cnr.berkeley.edu/cgi-bin/man-cgi?nsswitch.conf. [9 pages].
www.oasis-open.org/committees/tc_home.php?wg_abbrev=security; May 7, 2003; 4 pages.
www.projectliberty.org/specs/main.html; May 7, 2003; 3 pages.
eTrust Single Sign-On, Managing User Access in an eBusiness Environment; Computer Associates; 2000; 11 pages; Islandia, NY.
Using-Tivoli SecureWay to Manage e-Business Security; www.cio.com/sponsors/060100_tivoli.html; May 6, 2003; 9 pages.
De Clercq, Jan; Single Sign-On Architectures; www.esat.kuleuven.ac.be/cosic/seminars/slides/sso.pdf; 2000; 30 pages.
Groß, Thomas, “Security Analysis of the SAML Single Sign-on Browser/Artifact Profile,” Computer Security Applications Conference, 2003; Dec. 8-12, 2003; pp. 298-307.
Liberty Alliance Project, “Liberty ID-FF Protocols and Schema Specification, Version: 1.2-errata-v3.0,” 2004, http://www.projectliberty.org/specs/draft-liberty-idff-protocols-schema-1.2-errata-v3.0.pdf.
Microsoft Corporation, “Domain Controllers,” 2000, http://www.microsoft.com/windows2000/en/advanced/help/sag_ADintro_26.htm?id=289.
IBM, Microsoft Corporation, “Passive Requestor Federation Interop Scenario Version 0.4,” February 2004, ftp://www6.software.ibm.com/software/developer/library/ws-fpscenario2.doc.
Dierks, T.; Allen, C. “The TLS Protocol Version 1.0,” RFC 2246, Jan. 1999, http://www.ietf.org/rfc/rfc2246.txt.
Kristol, D.; Montulli, L. “HTTP State Management Mechanism,” RFC 2965, Oct. 2000, http://www.ietf.org/rfc/rfc2965.txt.
Jonsson, J; Kaliski, B. “Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1,” RFC 3447, Feb. 2003, http://www.ietf.org/rfc/rfc3447.txt.
Blake-Wilson, S.; Nystrom, M.; Hopwood, D.; Mikkelsen, J.; Wright, T. “Transport Layer Security (TLS) Extensions,” Jun. 2003, http://www.ietf.org/rfc/rfc3546.txt.
National Institute of Standards and Technology, “Secure Hash Standard,” FIPS 180-1, May 1994, http://www.itl.nist.gov/fipspubs/fip180-1.htm.
Freier, A.; Karlton, P.; Kocher, P. “The SSL 3.0 Protocol,” Netscape Communications Corp., Nov. 1996, pp. 1-63.
Ahmed Khaja E.
Howard John Hal
Schiappa Daniel Salvatore
Young Kyle S.
Merchant & Gould P.C.
Microsoft Corporation
Tran Tongoc
Zand Kambiz