Please download the dossier by clicking on the dossier button x
×

Dynamic response signing capability in a distributed system

  • US 10,326,597 B1
  • Filed: 06/27/2014
  • Issued: 06/18/2019
  • Est. Priority Date: 06/27/2014
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method, comprising:

  • obtaining, at a first computer system and from a requestor, an application programming interface request to perform one or more operations, the application programming interface request including a digital signature;

    forwarding the application programming interface request and the digital signature to an authentication server configured with cryptographic material shared with the requestor but inaccessible to the first computer system;

    obtaining, by the first computer system from the authentication server, an indication that the digital signature matches the application programming interface request and, as a result of the digital signature matching the application programming interface request, a cryptographic key cryptographically derived, by the authentication server, from the cryptographic material and by performing a plurality of cryptographic operations where, for a subset of the cryptographic operations, output of each cryptographic operation of the subset is based at least in part on output of a previous cryptographic operation of the plurality of cryptographic operations and a key derivation parameter using an ordered plurality of key derivation parameters in accordance with the ordering;

    generating, based at least in part on the indication, a response to the application programming interface request;

    generating a digital signature of the generated response based at least in part on the obtained cryptographic key; and

    providing the generated response and the generated digital signature to the requestor.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×