Reexamination Certificate
2007-03-21
2009-02-17
Jung, David Y (Department: 2134)
Data processing: database and file management or data structures
Database design
Data structure types
C707S793000, C707S793000
Reexamination Certificate
active
07493331
ABSTRACT:
A method is disclosed for avoiding the storage of client state on a server. Based on a local key that is not known to a client, a server encrypts the client's state information. The client's state information may include, for example, the client's authentication credentials, the client's authorization characteristics, and a shared secret key that the server can use to encrypt and authenticate communication to and from the client. By any of a variety of mechanisms, the encrypted client state information is provided to the client. The server may free memory that stored the client's state information. When the server needs the client's state information, the client sends, to the server, the encrypted state information that the client stored. The server decrypts the client state information using the local key. Because each client stores that client's own state information in encrypted form, the server does not need to store any client's state information permanently.
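The mechanism the abstract describes, sketched in Go as an added example (not code from the patent or its assignee). AES-GCM stands in for the unspecified encryption; the expiry field, the blob layout and the names NewSealer, Seal and Open are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// NewSealer wraps the server's local key (16, 24 or 32 bytes) in AES-GCM.
func NewSealer(localKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(localKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal returns expiry(8) || nonce(12) || ciphertext+tag for the client to store.
func Seal(a cipher.AEAD, state []byte, expires time.Time) ([]byte, error) {
	hdr := make([]byte, 8+a.NonceSize())
	binary.BigEndian.PutUint64(hdr[:8], uint64(expires.Unix()))
	if _, err := rand.Read(hdr[8:]); err != nil { // fresh random nonce per blob
		return nil, err
	}
	return a.Seal(hdr, hdr[8:], state, hdr[:8]), nil // expiry authenticated as AAD
}

// Open authenticates the blob a client sent back before trusting its contents.
func Open(a cipher.AEAD, blob []byte, now time.Time) ([]byte, error) {
	n := 8 + a.NonceSize()
	if len(blob) < n+a.Overhead() {
		return nil, errors.New("state blob rejected")
	}
	state, err := a.Open(nil, blob[8:n], blob[n:], blob[:8])
	if err != nil || now.Unix() >= int64(binary.BigEndian.Uint64(blob[:8])) {
		return nil, errors.New("state blob rejected") // modified, wrong key or expired
	}
	return state, nil
}

func main() {
	a, _ := NewSealer(make([]byte, 32)) // constructed all-zero key, demo only
	blob, _ := Seal(a, []byte(`{"user":"alice"}`), time.Now().Add(time.Hour))
	state, err := Open(a, blob, time.Now())
	fmt.Println(len(blob), string(state), err)
}
```

Because the server keeps no per-client record, a sealed blob stays valid until its expiry or until the local key is rotated, so the expiry window and key rotation interval bound how long a captured blob can be replayed.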
REFERENCES:
patent: 5268962 (1993-12-01), Abadi et al.
patent: 5961601 (1999-10-01), Iyehgar
patent: 6134592 (2000-10-01), Montulli
patent: 6253326 (2001-06-01), Lincke et al.
patent: 6496932 (2002-12-01), Trieger
patent: 2005/0154873 (2005-07-01), Cam-Winger et al.
Performance enhancement using intra-server caching in a continuous media server; Srinilta, C.; Choudhary, A.; Research Issues In Data Engineering, 1998. Continuous-Media Databases and Applications. Proceedings. Eighth International Workshop on Feb. 23-24, 1998 pp. 60-66.
Write caching in distributed file systems Kerhong Chen; Bunt, R.B.; Eager, D.L.; Distributed Computing Systems, 1995., Proceedings of the 15th International Conference on May 30-Jun. 2, 1995 pp. 457-466.
Remote memory as a resource in distributed systems Narten, T.; Yavagkar, R.; Workstation Operating Systems, 1992. Proceedings., Third Workshop on Apr. 23-24, 1992 pp. 132-136.
J. Salowey et al., “Transport Layer Security (TLS) Session Resumption without Server-Side State,” IETF Request for Comments (RFC) 4507, May 2006, 16 pages.
N. Cam-Winget et al., “A TLS Hello Extension for Ticket Based Pre-Shared Keys,” IETF Internet-Draft “draft-salowey-tls-ticket-00.txt,” May 2004, 8 pages.
A. Pfitzmann et al., “Anonymity, Unlinkability, Unobservability, Pseudonymity, and Identity Management—A Consolidated Proposal for Terminology,” Dresden University, Dec. 13, 2005, 48 pages.
H. Shacham et al., “Client Side Caching for TLS,” Proceedings of the Internet Society's 2002 Symposium on Network and Distributed System Security, 2002, 26 pages.
H. Krawczyk et al., “HMAC: Keyed-Hashing for Message Authentication,” IETF RFC 2104, Feb. 1997, 11 pages.
A. Medvinsky et al., “Addition of Kerberos Cipher Suites to Transport Layer Security (TLS),” IETF RFC 2712, Oct. 1999, 7 pages.
D. Eastlake III et al., “Randomness Requirements for Security,” IETF RFC 4086, Jun. 2005, 45 pages.
C. Neuman et al., “The Kerberos Network Authentication Service (V5),” IETF RFC 4120, Jul. 2005, 129 pages.
P. Eronen et al., “Pre-Shared Key Ciphersuites for Transport Layer Security (TLS),” IETF RFC 4279, Dec. 2005, 15 pages.
T. Aura et al., “Stateless connections,” Helsinki Univ. Technology, 1997, 11 pg.
S. Blake-Wilson et al., “Transport Layer Security (TLS) Extensions,” IETF RFC 2246, Jun. 2003, 24 pages.
N. Cam-Winget et al., “EAP Flexible Authentication via Secure Tunneling (EAP-FAST),” IETF Internet-draft “draft-cam-winget-eap-fast-00.txt,” Feb. 9, 2004, 100 pg.
P. Gutmann, “Use of Shared Keys in the TLS Protocol,” IETF Internet-draft “draft-ietf-tls-sharedkeys-01/02.txt,” Apr. 2004, 7 pages.
P. Eronen et al., “Pre-Shared Key Ciphersuites for Transport Layer Security (TLS),” IETF internet-draft “draft-eronen-tls-psk-00.txt,” Feb. 6, 2004, 9 pages.
T. Dierks et al., “The Transport Layer Security (TLS) Protocol Version 1.1,” IETF RFC 4346, Apr. 2006, 71 pages.
S. Blake-Wilson et al., “Transport Layer Security (TLS) Extensions,” IETF RFC 4366, Apr. 2006, 25 pages.
Anonymous, “Specification for the Advanced Encryption Standard (AES),” US Government FIPS Publication 197, Nov. 26, 2001, 51 pages.
Anonymous, “Secure Hash Standard,” US Government FIPS Publication 180-2, Aug. 1, 2002, 75 pages.
S. Blake-Wilson et al., “Transport Layer Security (TLS) Extensions,” IETF RFC 3546, Jun. 2003, 24 pages.
M. Dworkin, “Recommendation for Block Cipher Modes of Operation,” US Government NIST Special Publication 800-38A, 2001, 66 pages.
International Searching Authority, “Notification of Transmittal of the International Search Report and the Written Opinion of the International Searching Authority, or the Declaration,” PCT/US06/11479, dated May 1, 2007, 8 pages.
Baker, F. et al. RSVP Cryptographic Authentication, Network Working Group, RFC 2747, Jan. 2000, 20 pages.
Braden, R. et al., “Resource ReSerVation Protocol (RSVP),” Network Working Group, RFC 2205, Sep. 1997, 105 pages.
Herzog, S. et al., RSVP Extension for Policy Control, Network Working Group, RFC 2750, Jan. 2000, 13 pages.
Cisco Technology Inc.
Hickman Palermo & Truong & Becker LLP
Jung David Y