Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2005-05-17
2005-05-17
Beausoliel, Jr., Robert W. (Department: 2785)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
Reexamination Certificate
active
06895510
ABSTRACT:
Mutual authentication between a client and server over the Internet utilizing the IOP protocol in its current state is enabled by first engaging in a “dummy” request when a client initiates a request to a new target server for the first time. This provides the means for creating a two way authentication mechanism. Rather than creating an object reference for the dummy request, the object reference at hand in the client, which the client is about to utilize for a request, is reused by extracting a proxy object from the request. The request is intercepted in the client and the proxy object passed to the interception method. The client next issues a two-way remote method already defined for the proxy object, such as the “non_existent( )” method defined on the CORBA object. The client then computes a security token, and sends the dummy request to the server. The server intercepts the dummy request, validates the security token received in the dummy request, and acquires a new authentication token to be returned to the client. Upon interception of the outgoing message, the new security token is marshalled in the security service context and sent to the client on the response message. The client intercepts the reply message and demarshals the security service context to recover the security token and complete mutual authentication.
REFERENCES:
patent: 5367635 (1994-11-01), Bauer et al.
patent: 5506961 (1996-04-01), Carlson et al.
patent: 5542046 (1996-07-01), Carlson et al.
patent: 5586260 (1996-12-01), Hu
patent: 5727145 (1998-03-01), Nessett et al.
patent: 5948089 (1999-09-01), Wingard et al.
patent: 5948108 (1999-09-01), Lu et al.
Orfali et al., “Essential Client/Server Survival Guide”, Van Nostrand Reinhold, pp 105-128 and 147-160, Dec. 1994.*
Corbra Security, OMG Document No. 95-12-1, pp 1-40, 159-208, 259-280, 295-308, Dec. 1995.
Acker Liane Elizabeth Haybnes
Albaugh Virgil
Benantar Messaoud
Beausoliel, Jr. Robert W.
Dillion & Yudell LLP
Elmore Stephen C.
Mims Jr. David A.
LandOfFree
Mutual internet authentication between a client and server... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Mutual internet authentication between a client and server..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Mutual internet authentication between a client and server... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3442501