Information security – Access control or authentication – Network
Reexamination Certificate
2007-05-29
2007-05-29
Moise, Emmanuel L. (Department: 2137)
Information security
Access control or authentication
Network
C726S008000
Reexamination Certificate
active
10116192
ABSTRACT:
A network-based software application for enabling remote authentication of a user during a network session has a server portion for serving session validation information and additional user information when queried, a client portion for configuring and submitting parameters constraining what and how data is to be shared with a querying entity or entities, and a distributed portion for distribution and application at various connected network nodes for enabling those nodes to recognize and interact with the server portion. The application is characterized in that the server portion generates a temporary session token after a first successful authentication by the user at a web site during a network session, the token cached at the host machine of the server portion and at the user's machine or proxy machine and wherein upon navigation by the user to a next web site or form requiring secure authentication, the token is used to identify the user and a remote call is used to validate the user session instead of requiring manual authentication procedures.
REFERENCES:
patent: 6041357 (2000-03-01), Kunzelman et al.
patent: 6275941 (2001-08-01), Saito et al.
patent: 2002/0144108 (2002-10-01), Benantar
patent: 2002/0144119 (2002-10-01), Benantar
Winer, “XML-RPC for Newbies”, Jul. 14, 1998, pp. 1-4, obtained from http://davenet.scripting.com/1998/07/14/xmlRpcForNewbies.
GPayments, “Authentication, The missing element in online payment security”, 2001, pp. 1-19, obtained from http://www.gpayments.com/pdfs/GPayments—Authentication—Whitepaper.pdf.
Microsoft, “Passport Fact Sheet”, Oct. 25, 2000, pp. 1-4, obtained from http://web.archive.org/web/20001025095005/www.passport.com/Press/PressFactSheet.asp?PPlcid=1033.
Funk, “Steel-Belted Radius/Service Provider Edition is now available”, Oct. 1, 1999, pp. 1, obtained from http://web.archive.org/web/20010620082923/www.funk.com/New—one
ews/pn—spev10.htm.
Sun Micosystems, “What Is Virtual Hosting?”, 1997, pp. 1, obtained from http://ulysses.uchicago.edu/docs/VH.doc1.html.
Birrell, Andrew, “RPC Reality, Position Paper for SigOps European Workshop”, 1992, pp. 1-3, obtained from http://birrell.org/andrew/papers/RPCReality.txt.
Housley et al., “Internet X.509 Public Key Infrastructure Certificate and CRL Profile”, RFC2459, Jan. 1999, pp. 32-34.
Gamboa-Pani Joaquin
Satyavolu Ramakrishna
Boys Donald R.
Central Coast Patent Agency Inc.
Moise Emmanuel L.
Popham Jeffrey D.
Yodlee.com, Inc.
LandOfFree
Method for verifying the identity of a user for session... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method for verifying the identity of a user for session..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method for verifying the identity of a user for session... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3756849