Information security – Access control or authentication
Reexamination Certificate
2007-06-19
2007-06-19
Vu, Kim (Department: 2135)
Information security
Access control or authentication
C713S150000, C709S229000
Reexamination Certificate
active
10113868
ABSTRACT:
Methods and system for routing communication between a client computer and network servers on a data communication network. In response to a request from a web server on the network to authenticate a user of the client computer, an authentication network server directs the client to a user interface network server. The user interface server provides a user interface to the user requesting login information. The authentication server, which is in a different domain than the user interface server, receives and validates the login information. The authentication server further provides a cookie to the client computer if the information retrieved from the user is valid. The cookie has a domain attribute corresponding to the domain of the authentication server.
REFERENCES:
patent: 5682478 (1997-10-01), Watson et al.
patent: 5812776 (1998-09-01), Gifford
patent: 5812784 (1998-09-01), Watson et al.
patent: 5875296 (1999-02-01), Shi et al.
patent: 5898780 (1999-04-01), Liu et al.
patent: 5918228 (1999-06-01), Rich et al.
patent: 5944824 (1999-08-01), He
patent: 5948064 (1999-09-01), Bertram et al.
patent: 5959985 (1999-09-01), Freen et al.
patent: 5987232 (1999-11-01), Tabuki
patent: 6006332 (1999-12-01), Rabne et al.
patent: 6055236 (2000-04-01), Nessett et al.
patent: 6092196 (2000-07-01), Reiche
patent: 6092199 (2000-07-01), Dutcher et al.
patent: 6134592 (2000-10-01), Montulli
patent: 6138159 (2000-10-01), Phaal
patent: 6226752 (2001-05-01), Gupta et al.
patent: 6246771 (2001-06-01), Stanton et al.
patent: 6253325 (2001-06-01), Steele et al.
patent: 6311275 (2001-10-01), Jin et al.
patent: 6314425 (2001-11-01), Serbinis et al.
patent: 6321262 (2001-11-01), Springer
patent: 6363365 (2002-03-01), Kou
patent: 6578199 (2003-06-01), Tsou et al.
patent: 6725376 (2004-04-01), Sasmazel et al.
patent: 6763468 (2004-07-01), Gupta et al.
patent: 6973571 (2005-12-01), Lee et al.
patent: 2001/0025256 (2001-09-01), Oliphant
patent: 2001/0034841 (2001-10-01), Shambroom
patent: 2001/0037462 (2001-11-01), Bengtson
patent: 2001/0045451 (2001-11-01), Tan et al.
patent: 2001/0054155 (2001-12-01), Hagan et al.
patent: 2002/0029350 (2002-03-01), Cooper et al.
patent: 2002/0035681 (2002-03-01), Maturana et al.
patent: 2002/0099809 (2002-07-01), Lee
patent: 2002/0112155 (2002-08-01), Martherus et al.
patent: 2002/0133723 (2002-09-01), Tait
patent: 2002/0150253 (2002-10-01), Brezak et al.
patent: 2002/0152393 (2002-10-01), Thoma et al.
patent: 2002/0194501 (2002-12-01), Wenocur et al.
patent: 2003/0093694 (2003-05-01), Medvinsky et al.
patent: 2003/0149880 (2003-08-01), Shamsaasef et al.
patent: 2003/0163691 (2003-08-01), Johnson
patent: 2004/0158743 (2004-08-01), Ham et al.
patent: 2005/0074126 (2005-04-01), Stanko
patent: 2005/0216771 (2005-09-01), Malcolm
patent: WO 0233884 (2002-04-01), None
Park et al., “Role-Based Access Control on the Web,” ACM Transactions on Information and System Security (TISSEC), Feb. 2001, pp. 37-71, vol. 4, issue 1, ACM Press, New York, USA.
Sit et al., “Inside Risks: Web Cookies: Not Just a Privacy Risk,” Communications of the ACM, Sep. 2001, p. 120, vol. 44, issue 9, ACM Press, New York, USA.
Joshi et al., “Security Models for Web-Based Applications,” Communications of the ACM, Feb. 2001, pp. 38-44, vol. 44, issue 2, ACM Press, New York, USA.
Sit et al., “Dos and Don'ts of Client Authentication on the Web,” MIT Laboratory for Computer Science, 24 pages, USA.
Ross et al., “Cross-Site Scripting Overview,” 2000, 12 pages.
Samar, “Single Sign-On Using Cookies for Web Applications,” Enabling Technologies: Infrastructure for Collaborative Enterprise Proceedings, IEEE 8th International Workshops, Jun. 16, 1999, pp. 158-163.
Chow Colin
Guo Wei-Quiang Michael
Jiang Wei
Patel Nirav
Senniger Powers
Vu Kim
LandOfFree
Separate client state object and user interface domains does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Separate client state object and user interface domains, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Separate client state object and user interface domains will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3811622