Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Central trusted authority provides computer authentication
Reexamination Certificate
2008-07-01
2008-07-01
Moazzami, Nasser (Department: 2136)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Central trusted authority provides computer authentication
C726S010000
Reexamination Certificate
active
07395424
ABSTRACT:
A method is presented for performing authentication operations. When a client requests a resource from a server, a non-certificate-based authentication operation is performed through an SSL (Secure Sockets Layer) session between the server and the client. When the client requests another resource, the server determines to step up to a more restrictive level of authentication, and a certificate-based authentication operation is performed through the SSL session without exiting or renegotiating the SSL session prior to completion of the certificate-based authentication operation. During the certificate-based authentication procedure, an executable module is downloaded to the client from the server through the SSL session, after which the server receives through the SSL session a digital signature that has been generated by the executable module using a digital certificate at the client. In response to successfully verifying the digital signature at the server, the server provides access to a requested resource.
REFERENCES:
patent: 6094485 (2000-07-01), Weinstein et al.
patent: 6363478 (2002-03-01), Lambert et al.
patent: 6367009 (2002-04-01), Davis et al.
patent: 2002/0029350 (2002-03-01), Cooper et al.
patent: 2002/0091798 (2002-07-01), Joshi et al.
patent: 2002/0166048 (2002-11-01), Coulier
patent: 2003/0018886 (2003-01-01), Kuehr-McLauren et al.
patent: 1280317 (2003-01-01), None
patent: WO 00/27089 (2000-05-01), None
patent: WO 01/11451 (2001-02-01), None
patent: WO 01/80479 (2001-10-01), None
patent: WO 02/39237 (2002-05-01), None
Wayback Machine article for “Implementing certificate based authentication for remote users with Firewall-1/SecuRemote and openssl as CA,” retrieved on Jun. 18, 2007, dated Jan. 26, 2002, retrieved from http://web.archive.org/web/20020126134426/http://www.atsec.com/docs/fw1-openssl.howto.pdf.
Wikipedia reference for Transport Layer Security, retrieved Jun. 19, 2007, http://en.wikipedia.org/wiki/Transport—Layer—Security.
“DFS as an Internet File System”, No. 409114,Research Disclosure, p. 625, May 1998.
“A customizable mechanism for generating an X.500 distinguished name, when a client has not presented an X.509 certificate”, No. 448125,Research Disclosure, p. 1400, Aug. 2001.
“Shared cipher spec protocol”, No. 432173,Research Disclosure, p. 776, Apr. 2000.
Wen et al., “Attacks on Authentication Protocols with Compromised Certificates and How to Fix Them”,IPSJ Journal, vol. 41, No. 8, pp. 2110-2120, Aug. 2000.
Hayes, “Restricting Access with Certificate Attributes in Multiple Root Environments: A Recipe for Certificate Masquerading”,17th Annual Computer Science Applications Conf., Dec. 10, 2001.
Park et al., “RBAC on the Web by Smart Certificates”,Proceedings of the 4th ACM Workshop on Role-Based Access Control, pp. 1-9, 1999.
Zhou et al., “COCA: Secure Distributed Online Certification Authority”, ACM Transactions on Computer Systems, vol. 20, No. 4, pp. 329-368, Nov. 2000.
Godber et al., “Secure Wireless Gateway”,ACM Workshop on Wireless Security, pp. 41-46, Sep. 2002.
Ashley Paul Anthony
Muppidi Sridhar R.
Vandenwauver Mark
Hamilton Gary W.
Hamilton & Terrile LLP
Hoffman Brandon S
International Business Machines - Corporation
Moazzami Nasser
LandOfFree
Method and system for stepping up to certificate-based... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for stepping up to certificate-based..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for stepping up to certificate-based... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2788322