Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Packet header designating cryptographically protected data
Reexamination Certificate
2004-06-02
2008-10-14
Zand, Kambiz (Department: 2134)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Packet header designating cryptographically protected data
C713S181000, C726S008000
Reexamination Certificate
active
07437554
ABSTRACT:
A method and apparatus for authenticating and authorizing online transactions. An authentication cookie is transmitted to a client system. The authentication cookie includes a user encryption key and an encrypted buffer that contains user identification data and a profile code. Subsequent requests for the particular service use the authentication cookie to generate a query that includes the encrypted buffer and user identification data entered by the user. Portions of the query are encrypted using the user encryption key. Queries received at each authentication and authorization server are authenticated by reconstructing the user encryption key using information transmitted in the clear and decrypting the query using both the reconstructed user encryption key and the secret key. The user identification data entered by the user is then compared with the user identification data in the encrypted buffer for further authentication. The profile code is analyzed for determining authorization. If the query is authenticated and authorized, the authentication and authorization server forwards the request to a server that provides the desired service.
REFERENCES:
patent: 5481720 (1996-01-01), Loucks et al.
patent: 6049878 (2000-04-01), Caronni et al.
patent: 6161139 (2000-12-01), Win et al.
patent: 6816966 (2004-11-01), Gupta et al.
patent: 6985953 (2006-01-01), Sandhu et al.
Stallings, William. Network Security Essentials, Applications and Standards, 1999 Prentice Hall, Inc., pp. 84-101.
Arnold Greg A.
Chen Carl
Dalbec Gabe
Lennie Robert
Berry & Associates P.C.
PalmSource Inc.
Simitoski Michael J
Zand Kambiz
LandOfFree
Method and apparatus for generating queries for secure... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for generating queries for secure..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for generating queries for secure... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3999583