Method and apparatus for transmitting authentication credentials of a user across communication sessions
Abstract
The invention relates to an apparatus and method for facilitating the reauthentication of a user using a client computer to a server computer. In one embodiment, the method includes the steps of receiving, by the server, confidential information during a first communication session between the server and a client, encrypting the confidential information with a key to create encrypted confidential information, and storing the encrypted confidential information in the server's memory. The method also includes the steps of transmitting, by the server, the key to the client and deleting, by the server, the key from the server's memory. When the server receives the key from the client during a second communication session, the server uses the key to decrypt the encrypted confidential information.
22 Claims
1. A method for facilitating the reauthentication of a user using a client computer to a server computer comprising the steps of:
(a) receiving confidential information from the client computer;
(b) establishing a first communication session between the client computer and the server computer;
(c) generating a key;
(d) encrypting the confidential information with the key to create encrypted confidential information;
(e) storing the encrypted confidential information on the server computer;
(f) transmitting the key to the client computer; and
(g) deleting the key on the server computer.
13. A system for facilitating reauthentication of a user using a client computer to a server computer, the system comprising:
(a) a client computer; and
(b) a server computer comprising a memory, a key generator, a key destroyer, an encryptor, and a decryptor, the server computer in electrical communication with the client computer;
wherein the server computer receives confidential information from the client computer during a first communication session between the server computer and the client computer, wherein the key generator generates a key, wherein the encryptor encrypts confidential information received from the client computer with the key to create encrypted confidential information, wherein the encryptor stores the encrypted confidential information in the memory of the server computer, wherein the server computer transmits the key to the client computer, and wherein the key destroyer destroys the key following transmission to the client computer.
20. A system for facilitating the reauthentication of a client computer to a server computer, the system comprising:
(a) a client computer; and
(b) a server computer comprising a memory, a key generator, a key destroyer, an identifier generator, an encryptor, and a decryptor, the server computer in electrical communication with the client computer;
wherein the server computer receives confidential information from the client computer during a first communication session between the server computer and the client computer, wherein the key generator generates a key, wherein the encryptor encrypts confidential information received from a client with the key to create encrypted confidential information, wherein the identifier generator generates an identifier, wherein the server computer stores the encrypted confidential information and the identifier in the memory of the server computer, wherein the server computer transmits the key and the identifier to the client computer, wherein the key destroyer destroys the key following transmission to the client computer, and wherein the server computer receives the key and the identifier during a second communication session to enable the decryptor to decrypt the encrypted confidential information in the memory.
21. A method for facilitating the reauthentication of a client computer to a server computer comprising the steps of:
(a) establishing a first communication session between a client computer and a server computer;
(b) receiving confidential information from the client computer;
(c) creating an identifier by the server computer to identify the first communication session after receiving the confidential information;
(d) encrypting the confidential information with a key to create encrypted confidential information;
(e) storing the encrypted confidential information and the identifier in a table in memory of the server computer;
(f) transmitting, by the server computer, the key and the identifier to the client computer;
(g) deleting, by the server computer, the key from the memory of the server computer;
(h) establishing a second communication session between the client computer and the server computer upon termination of the first communication session;
(i) receiving, from the client computer, during the second communication session, the identifier that identifies the first communication session;
(j) receiving, from the client computer, during the second communication session, the key associated with the encrypted confidential information;
(k) using the identifier to determine the location of the encrypted confidential information in the table; and
(l) decrypting, by the server computer, the encrypted confidential information using the key received from the client computer during the second communication session.
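The sequence in claim 21, as an added Go example that is not part of the patent text. The claims name no cipher, so AES-256-GCM, the random 16-byte identifier, the use of the identifier as associated data, and the names `Server`, `FirstSession` and `SecondSession` are assumptions made for this illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

type Server struct{ table map[string][]byte } // ciphertext only, indexed by identifier
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// FirstSession covers steps (c)-(g): encrypt, store, hand key and identifier to the client, wipe.
func (s *Server) FirstSession(secret []byte) (string, []byte, error) {
	buf := make([]byte, 16+32+12) // identifier | AES-256 key | GCM nonce (all assumed sizes)
	if _, err := rand.Read(buf); err != nil {
		return "", nil, err
	}
	id, key, nonce := fmt.Sprintf("%x", buf[:16]), buf[16:48], buf[48:]
	gcm, err := newGCM(key)
	if err != nil {
		return "", nil, err
	}
	s.table[id] = gcm.Seal(nonce, nonce, secret, []byte(id)) // record = nonce | ciphertext | tag
	clientKey := append([]byte(nil), key...)                 // copy transmitted to the client
	copy(key, make([]byte, len(key)))                        // step (g): zero the server's copy
	return id, clientKey, nil
}

// SecondSession covers steps (i)-(l): find the record by identifier, decrypt with the client's key.
func (s *Server) SecondSession(id string, key []byte) ([]byte, error) {
	rec, ok := s.table[id]
	gcm, err := newGCM(key)
	if !ok || err != nil {
		return nil, fmt.Errorf("reauthentication failed")
	}
	return gcm.Open(nil, rec[:12], rec[12:], []byte(id)) // tag check rejects a wrong key
}
func main() {
	s := &Server{table: map[string][]byte{}}
	id, key, _ := s.FirstSession([]byte("alice:constructed-password")) // constructed sample
	got, err := s.SecondSession(id, key)
	fmt.Printf("%s %v\n", got, err)
}
```

Zeroing the key slice is best effort in Go: the expanded key schedule inside the AEAD object remains in memory until it is garbage collected.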
22. A computer system for facilitating reestablishment of communications between a client computer and a server computer comprising:
(a) means for receiving confidential information from a client computer during a first communication session;
(b) means for encrypting the confidential information with a key to create encrypted confidential information;
(c) means for storing the encrypted confidential information;
(d) means for transmitting the key to the client computer;
(e) means for deleting, by the server computer, the key from memory of the server computer;
(f) means for receiving the key associated with the encrypted confidential information from the client during a second communication session; and
(g) means for using the key to decrypt the encrypted confidential information.