Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Security kernel or utility
Reexamination Certificate
2009-05-14
2011-12-13
Lim, Krisna (Department: 2453)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Security kernel or utility
C713S155000, C726S004000
Reexamination Certificate
active
08078870
ABSTRACT:
A system and method for authenticating an HTTP message. A relying party may respond to a request from a requester by sending an HTTP message with authentication specifications to the requester. The requester responds with a new request that adheres to a scheme specified by the relying party. A framework allows for a security token to be located in an HTTP header or a message body, with various options such as fragmenting the token available. An option allows for cryptographically binding the security token to the body of a message. An authentication framework provides for an implementation by an HTTP stack or by an application.
REFERENCES:
patent: 6986047 (2006-01-01), Giles et al.
patent: 7434252 (2008-10-01), Ballinger et al.
patent: 2006/0264202 (2006-11-01), Hagmeier et al.
patent: 2006/0282886 (2006-12-01), Gaug
patent: 2007/0143835 (2007-06-01), Cameron et al.
patent: 2008/0082638 (2008-04-01), Kaler et al.
patent: 2008/0141028 (2008-06-01), Wei et al.
patent: 2008/0168273 (2008-07-01), Chung et al.
patent: 2008/0178272 (2008-07-01), Gajjala et al.
patent: 2008/0289039 (2008-11-01), Rits et al.
patent: 2008/0301784 (2008-12-01), Zhu et al.
patent: 2009/0013087 (2009-01-01), Lorch et al.
patent: 2009/0252159 (2009-10-01), Lawson et al.
patent: 2009/0319795 (2009-12-01), Sharif et al.
patent: 2009/0328178 (2009-12-01), McDaniel et al.
patent: 2010/0037303 (2010-02-01), Sharif et al.
patent: 2010/0251345 (2010-09-01), James et al.
Adams Holt, “Best Practices for Web Services, Part 12: Web Services Security, Part 2”, Retrieved at<<http://www.ibm.com/developerworks/webservices/library/ws-best12/>>, Mar. 30, 2004, pp. 6.
Cibraro Pablo M. “Authenticating Users with Supporting Tokens in WCF”, Retrieved at<<http://weblogs.asp.net/cibrax/archive/2008/01/22/authenticating-users-with-supporting-tokens-in-wcf.aspx>>, pp. 6.
“Security Guide”, Retrieved at<<http://download.oracle.com/docs/cd/E13159—01/osb/docs10gr3/security/message—level—cust—auth.html>>, Oracle, pp. 9.
“Writing Advanced Web Services Applications”, Retrieved at<<http://documentation.softwareag.com/webmethods/exx8/webservices/webServicesWrapper—writeAppsAdv.htm>>, pp. 7.
Lacey Pete, “Message Level Security and REST”, Retrieved at<<http://72.249.21.88
onintersecting/?year=2007&monthnum=05&day=25&name=message-level-security-and-rest&page>>, May 25, 2007, pp. 6.
Berners-Lee et al. “Requst for Comments 1945; Hypertext Transfer Protocol—HTTP/1.0”, Network Working Group, May 1996, pp. 1-60, Retrieved at<<http://www.ietf.org/rfc/rfc1945.txt>>.
“International Search Report”, Mailed Date: Nov. 30, 2010, Application No. PCT/US2010/034402, Filed Date: May 11, 2010, pp. 9.
Nanda Arun K.
Wilson Hervey
Lim Krisna
Mager Gary
Microsoft Corporation
LandOfFree
HTTP-based authentication does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with HTTP-based authentication, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and HTTP-based authentication will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4304049