×

Personalizing global session identifiers

  • US 10,182,044 B1
  • Filed: 12/03/2015
  • Issued: 01/15/2019
  • Est. Priority Date: 12/03/2015
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method, comprising:

  • generating a session token that includes a first key;

    encrypting the session token with an encryption key, the encryption key generated from a combination of a second key and a third key, the second key associated with and available to a set of servers, the third key associated with a customer account, and the third key available to a proper subset of the set of servers, the proper subset specified by a policy service that identifies the proper subset of servers where the session token is allowed to be used;

    providing the encrypted token and the first key to a device associated with the customer account; and

    in response to receiving a request to establish a session, the request including the token, and the request signed with the first key;

    recovering the first key from the token using the encryption key to acquire a recovered first key;

    verifying that the request is validly signed using the recovered first key; and

    as a result of verifying that the request is validly signed using the recovered first key, fulfilling the request.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×