Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
2004-03-19
2009-06-16
Moise, Emmanuel L (Department: 2437)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C726S006000
Reexamination Certificate
active
07549048
ABSTRACT:
The principles of the present invention relate to systems, methods, and computer program products for more efficiently and securely authenticating computing systems. In some embodiments, a limited use credential is used to provision more permanent credentials. A client receives a limited-use (e.g., a single-use) credential and submits the limited-use credential over a secure link to a server. The server provisions an additional credential (for subsequent authentication) and sends the additional credential to the client over the secure link. In other embodiments, computing systems automatically negotiate authentication methods using an extensible protocol. A mutually deployed authentication method is selected and secure authentication is facilitated with a tunnel key that is used encrypt (and subsequently decrypt) authentication content transferred between a client and a server. The tunnel key is derived from a shared secret (e.g., a session key) and nonces.
REFERENCES:
patent: 5345594 (1994-09-01), Tsuda
patent: 6161139 (2000-12-01), Win et al.
patent: 6182142 (2001-01-01), Win et al.
patent: 6636966 (2003-10-01), Lee et al.
patent: 6668322 (2003-12-01), Wood et al.
patent: 6807569 (2004-10-01), Bhimani et al.
patent: 6845395 (2005-01-01), Blumenau et al.
patent: 6862699 (2005-03-01), Nakashima et al.
patent: 6892307 (2005-05-01), Wood et al.
patent: 6907546 (2005-06-01), Haswell et al.
patent: 6912522 (2005-06-01), Edgar
patent: 6944761 (2005-09-01), Wood et al.
patent: 6983381 (2006-01-01), Jerdonek
patent: 6996714 (2006-02-01), Halasz et al.
patent: 7035442 (2006-04-01), Ha et al.
patent: 7058696 (2006-06-01), Phillips et al.
patent: 7069437 (2006-06-01), Williams
patent: 7085840 (2006-08-01), de Jong et al.
patent: 7085931 (2006-08-01), Smith et al.
patent: 7103772 (2006-09-01), Jorgensen et al.
patent: 7114080 (2006-09-01), Rahman et al.
patent: 7158777 (2007-01-01), Lee et al.
patent: 7181762 (2007-02-01), Jerdonek
patent: 7275156 (2007-09-01), Balfanz et al.
patent: 7275157 (2007-09-01), Cam Winget
patent: 7458095 (2008-11-01), Forsberg
patent: 2001/0022780 (2001-09-01), Mizutani et al.
patent: 2002/0059545 (2002-05-01), Nakashima et al.
patent: 2002/0087857 (2002-07-01), Tsao et al.
patent: 2002/0095569 (2002-07-01), Jerdonek
patent: 2002/0116611 (2002-08-01), Zhou et al.
patent: 2002/0161826 (2002-10-01), Arteaga et al.
patent: 2003/0005117 (2003-01-01), Kang et al.
patent: 2003/0041244 (2003-02-01), Buttyan et al.
patent: 2003/0055962 (2003-03-01), Freund et al.
patent: 2003/0055974 (2003-03-01), Brophy et al.
patent: 2003/0084293 (2003-05-01), Arkko et al.
patent: 2003/0090998 (2003-05-01), Lee et al.
patent: 2003/0093676 (2003-05-01), Kawamura et al.
patent: 2003/0115324 (2003-06-01), Blumenau et al.
patent: 2003/0169883 (2003-09-01), Leroux et al.
patent: 2003/0172090 (2003-09-01), Asunmaa et al.
patent: 2003/0177390 (2003-09-01), Radhakrishnan
patent: 2003/0226017 (2003-12-01), Palekar et al.
patent: 2004/0088409 (2004-05-01), Braemer et al.
patent: 2004/0088582 (2004-05-01), Hovmark et al.
patent: 2004/0098588 (2004-05-01), Ohba et al.
patent: 2004/0107360 (2004-06-01), Herrmann et al.
patent: 2004/0117818 (2004-06-01), Karaoguz et al.
patent: 2004/0122956 (2004-06-01), Myers et al.
patent: 2004/0148504 (2004-07-01), Forsberg
patent: 2005/0015588 (2005-01-01), Lin et al.
patent: 2005/0088999 (2005-04-01), Waylett et al.
patent: 2005/0114713 (2005-05-01), Beckman et al.
patent: 2005/0120213 (2005-06-01), Winget et al.
patent: 2005/0165953 (2005-07-01), Oba et al.
patent: 2005/0172175 (2005-08-01), Bhat et al.
patent: 2005/0188211 (2005-08-01), Scott et al.
patent: 2005/0216555 (2005-09-01), English et al.
patent: 2006/0067272 (2006-03-01), Wang et al.
patent: 2006/0200681 (2006-09-01), Kato et al.
patent: WO 01/82037 (2001-02-01), None
patent: WO 03/038578 (2002-10-01), None
Matt Powell, WS-Security Authentication and Digital signatures with Web Services Enhancements, Dec. 2002, Microsoft Coporation, pp. 1-26.
Haller et al. One-Time Password System, Feb. 1998, RFC Working Group, pp. 1-24.
Simpson W., PPP Chalenge Handshake Authentication Protocol (CHAP), Aug. 1996, RFC Working Group, pp. 1-13.
Salgarelli et al., EAP-Shared Key Exchange (EAP-SKE): A Scheme for Authentication and Dynamic Key Exchange in 802.1x Networks, Apr. 30, 2002, pp. 2-3, 8-10 and 17-18.
Aboba, et al., “PPP EAP TLS Authentication Protocol”, RFC 2716, 1999, p. 1-24.
Dierks et al., “The TLS Protocol Version 1.0”, RFC 2246, 1999, p. 1-80.
Blunk et al., “PPP Extensible Authentication Protocol (EAP)”, RFC 2284, 1998, p. 1-15.
Anderson et al., “Protected EAP Protocol (PEAP)”, PPPEXT Working Group, 2002, p. 1-42.
Hess et al., “Advanced Client/Server Authentication in TLS,” Network and Distributed System Security Symposium, San Diego, CA, Feb. 2002. http://citeseer.ist.psu.edu/hess02advanced.html.
Aboba Bernard D.
Freeman Trevor William
Moore Timothy M.
Simon Daniel R.
Microsoft Corporation
Moise Emmanuel L
Williams Jeffery
Workman Nydegger
LandOfFree
Efficient and secure authentication of computing systems does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Efficient and secure authentication of computing systems, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Efficient and secure authentication of computing systems will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4101682