Reexamination Certificate
2008-05-13
Jung, David (Department: 2134)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Central trusted authority provides computer authentication
C713S150000, C713S153000
active
10756633
ABSTRACT:
A method is disclosed for avoiding the storage of client state on a server. Based on a local key that is not known to a client, a server encrypts the client's state information. The client's state information may include, for example, the client's authentication credentials, the client's authorization characteristics, and a shared secret key that the server can use to encrypt and authenticate communication to and from the client. By any of a variety of mechanisms, the encrypted client state information is provided to the client. The server may free memory that stored the client's state information. When the server needs the client's state information, the client sends, to the server, the encrypted state information that the client stored. The server decrypts the client state information using the local key. Because each client stores that client's own state information in encrypted form, the server does not need to store any client's state information permanently.
REFERENCES:
patent: 5268962 (1993-12-01), Abadi et al.
patent: 5961601 (1999-10-01), Iyengar
patent: 6134592 (2000-10-01), Montulli
patent: 6253326 (2001-06-01), Lincke et al.
patent: 6496932 (2002-12-01), Trieger
patent: 2005/0154873 (2005-07-01), Cam-Winget et al.
Proxy-based recovery for applications on wireless hand-held devices; Bin Yao; Fuchs, W.K.; Reliable Distributed Systems, 2000. SRDS-2000, Proceedings The 19th IEEE Symposium on Oct. 16-18, 2000 pp. 2-10.
Coding on demand by an informed source (ISCOD) for efficient broadcast of different supplemental data to caching clients; Birk, Y.; Kol, T.; Information Theory, IEEE Transactions on vol. 52, Issue 6, Jun. 2006 pp. 2825-2830.
Web&: an architecture for non-interactive Web; Phatak, S.H.; Esakki, V.; Badrinath, B.R.; Iftode, L.; Internet Applications, 2001. WIAPP 2001. Proceedings. The Second IEEE Workshop on Jul. 23-24, 2001 pp. 104-112.
Could LDAP be the next killer DAP? Severance, C.; Computer vol. 30, Issue 8, Aug. 1997, pp. 88-89.
Enabling Large-Scale Peer-to-Peer Stored Video Streaming Service; Okuda, M.; Znati, T.; Simulation Symposium, 2007. ANSS '07. 40th Annual Mar. 2007 pp. 21-32.
Efficient Distributed System for Object Invocation on Cluster Nodes; Naing, T.T.; Renu; Aung, S.S.; Ni Lar Thein; Information and Telecommunication Technologies, 2005. APSITT 2005 Proceedings. 6th Asia-Pacific Symposium on Nov. 9-10, 2005 pp. 340-344.
International Searching Authority, “Notification of Transmittal of the International Search Report and the Written Opinion of the International Searching Authority, or the Declaration,” PCT/US05/00812 (50325-1010), dated Jun. 14, 2006, 6 pages.
Claims, PCT/US05/00812 (50325-1010), 10 pages.
T. Berners-Lee, et al., “Hypertext Markup Language—2.0,” Nov. 1995, Network Working Group, Request for Comments: 1866, http://www.ietf.org/rfc/rfc1866.txt?number=1866, printed Jul. 10, 2003, pp. 1-72.
R. Fielding, et al., “Hypertext Transfer Protocol—HTTP/1.1,” Jan. 1997, Network Working Group, Request for Comments: 2068, http://www.ietf.org/rfc/rfc2068.txt?number=2068, printed Jul. 10, 2003, pp. 1-152.
J. Jonsson, et al., “Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1,” Feb. 2003, Network Working Group, Request for Comments: 3447, http://www.ietf.org/rfc/rfc3447.txt?number=3447, printed Jul. 10, 2003, pp. 1-68.
B. Kaliski, et al., “PKCS #1: RSA Cryptography Specifications Version 2.0,” Oct. 1998, Network Working Group, Request for Comments: 2437, http://www.ietf.org/rfc/rfc2437.txt?number=2437, printed Jul. 10, 2003, pp. 1-37.
B. Kaliski, “PKCS #1, RSA Encryption Version 1.5,” Mar. 1998, Network Working Group, Request for Comments: 2313, http://www.ietf.org/rfc/rfc2313.txt?number=2313, printed Jul. 10, 2003, pp. 1-18.
Thomas Wason, et al., “Liberty ID-FF Architecture Overview, Version 1.2,” Liberty Alliance Project, www.project-liberty.org/, pp. 1-44.
J. Salowey et al., “Transport Layer Security (TLS) Session Resumption without Server-Side State,” IETF Request for Comments (RFC) 4507, May 2006, 16 pages.
N. Cam-Winget et al., “A TLS Hello Extension for Ticket Based Pre-Shared Keys,” IETF Internet-Draft “draft-salowey-tls-ticket-00.txt,” May 2004, 8 pages.
A. Pfitzmann et al., “Anonymity, Unlinkability, Unobservability, Pseudonymity, and Identity Management—A Consolidated Proposal for Terminology,” Dresden University, Dec. 13, 2005, 48 pages.
H. Shacham et al., “Client Side Caching for TLS,” Proceedings of the Internet Society's 2002 Symposium on Network and Distributed System Security, 2002, 26 pages.
H. Krawczyk et al., “HMAC: Keyed-Hashing for Message Authentication,” IETF RFC 2104, Feb. 1997, 11 pages.
A. Medvinsky et al., “Addition of Kerberos Cipher Suites to Transport Layer Security (TLS),” IETF RFC 2712, Oct. 1999, 7 pages.
D. Eastlake, III et al., “Randomness Requirements for Security,” IETF RFC 4086, Jun. 2005, 45 pages.
C. Neuman et al., “The Kerberos Network Authentication Service (V5),” IETF RFC 4120, Jul. 2005, 129 pages.
P. Eronen et al., “Pre-Shared Key Ciphersuites for Transport Layer Security (TLS),” IETF RFC 4279, Dec. 2005, 15 pages.
T. Aura et al., “Stateless connections,” Helsinki Univ. Technology, 1997, 11 pg.
S. Blake-Wilson et al., “Transport Layer Security (TLS) Extensions,” IETF RFC 2246, Jun. 2003, 24 pages.
N. Cam-Winget et al., “EAP Flexible Authentication via Secure Tunneling (EAP-FAST),” IETF Internet-draft “draft-cam-winget-eap-fast-00.txt,” Feb. 9, 2004, 100 pg.
P. Gutmann, “Use of Shared Keys in the TLS Protocol,” IETF Internet-draft “draft-ietf-tls-sharedkeys-01/02.txt,” Apr. 2004, 7 pages.
P. Eronen et al., “Pre-Shared Key Ciphersuites for Transport Layer Security (TLS),” IETF internet-draft “draft-eronen-tls-psk-00.txt,” Feb. 6, 2004, 9 pages.
T. Dierks et al., “The Transport Layer Security (TLS) Protocol Version 1.1,” IETF RFC 4346, Apr. 2006, 71 pages.
S. Blake-Wilson et al., “Transport Layer Security (TLS) Extensions,” IETF RFC 4366, Apr. 2006, 25 pages.
Anonymous, “Specification for the Advanced Encryption Standard (AES),” US Government FIPS Publication 197, Nov. 26, 2001, 51 pages.
Anonymous, “Secure Hash Standard,” US Government FIPS Publication 180-2, Aug. 1, 2002, 75 pages.
S. Blake-Wilson et al., “Transport Layer Security (TLS) Extensions,” IETF RFC 3546, Jun. 2003, 24 pages.
M. Dworkin, “Recommendation for Block Cipher Modes of Operation,” US Government NIST Special Publication 800-38A, 2001, 66 pages.
International Searching Authority, “Notification of Transmittal of the International Search Report and the Written Opinion of the International Searching Authority, or the Declaration,” PCT/US06/11479, dated May 1, 2007, 8 pages.
Baker, F. et al., “RSVP Cryptographic Authentication,” Network Working Group, RFC 2747, Jan. 2000, 20 pages.
Braden, R. et al., “Resource ReSerVation Protocol (RSVP),” Network Working Group, RFC 2205, Sep. 1997, 105 pages.
Herzog, S. et al., “RSVP Extension for Policy Control,” Network Working Group, RFC 2750, Jan. 2000, 13 pages.
Cisco Technology Inc.
Hickman Palermo & Truong & Becker LLP
Jung David