Information security – Access control or authentication – Network
Reexamination Certificate
2005-06-17
2010-06-01
LaForgia, Christian (Department: 2439)
Information security
Access control or authentication
Network
Reexamination Certificate
active
07730523
ABSTRACT:
A method for remote services authentication in an internet hosted environment includes a high level process and functionality for a secure, practical and logically optimized inter-network authentication mechanism by employees, partners and customers of an enterprise into the hosted Internet site. The lightweight authentication and authorization mechanism can be most effectively implemented in Java as part of the application or web server servlet. The method for remote services authentication includes initial secure password establishment, subsequent authentication and authorization, as well as authentication and authorization upon resuming previously run sessions with the hosted server using Internet cookies.
REFERENCES:
patent: 5734837 (1998-03-01), Flores et al.
patent: 5911143 (1999-06-01), Deinhart et al.
patent: 6357010 (2002-03-01), Viets et al.
patent: 6587836 (2003-07-01), Ahlberg et al.
patent: 6947989 (2005-09-01), Gullotta et al.
patent: 7010600 (2006-03-01), Prasad et al.
patent: 7089584 (2006-08-01), Sharma
patent: 7140035 (2006-11-01), Karch
patent: 7222107 (2007-05-01), Ludwig et al.
patent: 7290288 (2007-10-01), Gregg et al.
patent: 7360096 (2008-04-01), Bracewell et al.
patent: 7380120 (2008-05-01), Garcia
patent: 7483438 (2009-01-01), Serghi et al.
patent: 2002/0026592 (2002-02-01), Gavrila et al.
patent: 2003/0046422 (2003-03-01), Narayanan et al.
patent: 2003/0105742 (2003-06-01), Boreham et al.
patent: 2003/0154381 (2003-08-01), Ouye et al.
patent: 2003/0229812 (2003-12-01), Buchholz
patent: 2004/0024670 (2004-02-01), Valenzuela et al.
patent: 2004/0153171 (2004-08-01), Brandt et al.
patent: 2005/0159969 (2005-07-01), Sheppard
patent: 2005/0262575 (2005-11-01), Dweck et al.
Anne Anderson; XACML Profile for Role Based Access Control (RBAC); Committee Draft 01, Feb. 13, 2004; cs-xacml-rbac-profile-01.
Joon S Park, Ravi Sandhu, SreeLatha Ghanta; RBAC on the Web by Secure Cookies; 1999.
Freudenthal, E., Pesin, T., Port, L., Keenan, E., and Karamcheti, V. 2002. dRBAC: Distributed Role-based Access Control for Dynamic Coalition Environments. In Proceedings of the 22 Nd international Conference on Distributed Computing Systems (lcdcs'02) (Jul. 2-5, 2002). ICDCS. IEEE Computer Society, Washington, DC, 411.
Kaletka, Mark O., Easy things users can do to improve security: Recommendations of “best practices” for securing individual user's accounts, http://security.fnal.gov/UserGuide/password.htm, Aug. 14, 1998, pp. 2.
Shamir, Adi, How to Share a Secret, Massachusetts Institute of Technology, http://szabo.best.vwh.net/secret.html, Sep. 1979, pp. 1-4.
Oasis Extensible Access Control Markup Language (XACML), version 2, http://www.oasis-open.org/specs/index.php#xacmlv2.0. Feb. 1, 2005, pp. 1-141.
Park, Joon S., Sandhu. Ravi, Secure Cookies on the Web, IEEE Internet Computing, Jul.-Aug. 2000. pp. 36-44.
Park, Joon S., Sandhu, Ravi, Ghanta, Sreelatha, RBAC on the Web by Secure Cookies, Proc. 13th IFIP WG11.3 Conf. Database Security, 1999, pp. 14.
Huskey Libby A.
LaForgia Christian
Lembke Kent A.
Marsh & Fischmann & Breyfogle LLP
Oracle America Inc.
LandOfFree
Role-based access using combinatorial inheritance and... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Role-based access using combinatorial inheritance and..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Role-based access using combinatorial inheritance and... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4235547