Information security – Access control or authentication – Network
Reexamination Certificate
2006-12-01
2010-10-05
Arani, Taghi T (Department: 2438)
Information security
Access control or authentication
Network
C726S005000, C726S006000, C726S029000, C713S169000, C713S182000, C709S225000
Reexamination Certificate
active
07810147
ABSTRACT:
A system for detecting and preventing replay attacks includes a plurality of interconnected authentication servers, and one or more tokens for generating a one-time passcode and providing the one-time passcode to one of the authentication servers for authentication. The system includes an adjudicator function associated with each authentication server. The adjudicator evaluates a high water mark value associated with a token seeking authentication, allows authentication to proceed for the token if the high water mark evaluation indicates that the one-time passcode was not used in a previous authentication, and prevents authentication if the high water mark evaluation indicates that the one-time passcode was used in a previous authentication. The token is associated with a home authentication server that maintains a current high water mark of the token. The home authentication server validates the current high water mark on behalf of the adjudicator function evaluating the token for authentication.
REFERENCES:
patent: 6085320 (2000-07-01), Kaliski
patent: 6189098 (2001-02-01), Kaliski
patent: 6240184 (2001-05-01), Huynh et al.
patent: 6446052 (2002-09-01), Juels
patent: 6460141 (2002-10-01), Olden
patent: 6970070 (2005-11-01), Juels et al.
patent: 6985583 (2006-01-01), Brainard et al.
patent: 7100049 (2006-08-01), Gasparini et al.
patent: 7111172 (2006-09-01), Duane et al.
patent: 7197639 (2007-03-01), Juels et al.
patent: 7219368 (2007-05-01), Juels et al.
patent: 7228417 (2007-06-01), Roskind
patent: 7346775 (2008-03-01), Gasparinl et al.
patent: 7359507 (2008-04-01), Kaliski
patent: 7363494 (2008-04-01), Brainard et al.
patent: 7404087 (2008-07-01), Teunen
patent: 7543061 (2009-06-01), Kumbalimutt et al.
patent: 7571489 (2009-08-01), Ong et al.
patent: 7624425 (2009-11-01), Graves
patent: 2004/0172535 (2004-09-01), Jakobsson et al.
patent: 2006/0037073 (2006-02-01), Juels et al.
patent: 2006/0041759 (2006-02-01), Kaliski et al.
patent: 2006/0174104 (2006-08-01), Crichton et al.
patent: 2007/0124321 (2007-05-01), Szydlo
patent: 2007/0174614 (2007-07-01), Duane et al.
patent: 2007/0256123 (2007-11-01), Duane et al.
patent: 2008/0028447 (2008-01-01), O'Malley et al.
Duane William
Friedman Lawrence N.
Volanis Alexander
Arani Taghi T
BainwoodHuang
EMC Corporation
Victoria Narciso
LandOfFree
Detecting and preventing replay in authentication systems does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Detecting and preventing replay in authentication systems, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Detecting and preventing replay in authentication systems will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4195410