User mapping information extension for protocols

Information security – Access control or authentication – Network

Reexamination Certificate

Rate now

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

C726S014000, C713S175000

Reexamination Certificate

active

07434253

ABSTRACT:
A hint containing user mapping information is provided in messages that may be exchanged during authentication handshakes. For example, a client may provide user mapping information to the server during authentication. The hint (e.g., in the form of a TLS extension mechanism) may be used to send the domain/user name information of a client to aid the server in mapping the user's certificate to an account. The extension mechanism provides integrity and authenticity of the mapping data sent by the client. The user provides a hint as to where to find the right account or domain controller (which points to, or otherwise maintains, the correct account). Based on the hint and other information in the certificate, the user is mapped to an account. The hint may be provided by the user when he logs in. Thus, a certificate is mapped to an identity to authenticate the user. A hint is sent along with the certificate information to perform the binding. Existing protocols may be extended to communicate the additional mapping information (the hint) to perform the binding. A vendor specific extension to Kerberos is defined to obtain the authorization data based on an X.509 certificate and the mapping user name hint.

REFERENCES:
patent: 5712914 (1998-01-01), Aucsmith et al.
patent: 6615347 (2003-09-01), de Silva et al.
patent: 6754829 (2004-06-01), Butt et al.
patent: 6854056 (2005-02-01), Benantar et al.
patent: 7139911 (2006-11-01), Sweeny et al.
patent: 7143285 (2006-11-01), Gindin et al.
patent: 2002/0138738 (2002-09-01), Sames et al.
patent: 2002/0144107 (2002-10-01), Sweeny et al.
patent: 2003/0009662 (2003-01-01), Gindin et al.
patent: 2004/0162980 (2004-08-01), Lesenne et al.
patent: 2005/0257045 (2005-11-01), Bushman et al.
patent: 2006/0095767 (2006-05-01), Krishnamurthi et al.
Lynn, C. et al. RFC 3779: X.509 Extensions for IP addresses and AS identifiers. Jun. 2004. IETF. p. 1-26.
Farrell, S. TLS extensions for AttributeCertificate based authorization. Aug. 20, 1998. p. 1-10.
Blake-Wilson, S. et al. RFC 3546: Transport Layer Security (TLS) Extensions. Jun. 2003. p. 1-28.
Kohl, J. et al. RFC 1510: The Kerberos Network Authentication Service (V5). Sep. 1993. p. 1-106.
“Step-by-Step Guide to Mapping Certificates to User Accounts,” Microsoft Corporation, http://www.microsoft.com/windows2000/techinfo/planning/security/mappingcerts.asp, posted Feb. 16, 2000, 15 pages.

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

User mapping information extension for protocols does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with User mapping information extension for protocols, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and User mapping information extension for protocols will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFUS-PAI-O-3997169

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.