Public key based authentication method for transaction delegation in service-based computing environments
Abstract
A system and method for allowing access to data or processing on a remote computer. An authorizing computer provides client computers with a data specification and remote computer address along with an authorization code that is digitally signed or encrypted and that may only be used for a limited number of times. A client computer then accesses the remote computer by providing the digitally signed authorization code. The remote computer responds with the data or processing if the digital signature is successfully verified and the authorization code has been used fewer than the limited number of times.
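The flow described in the abstract, as an added example (not code from the patent or any product): an authorizing computer signs a grant, and the remote computer verifies the signature and counts uses. Ed25519, the JSON grant layout, the field names, the host name `remote.example` and the in-memory counter are all assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

// Authorizing (central) computer: the only holder of the private key.
const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');

// Partial response: data specification, remote address, nonce and use limit,
// all covered by one signature (assumed layout, not taken from the patent).
function issuePartialResponse(dataSpec, remoteAddr, maxUses) {
  const nonce = crypto.randomBytes(16).toString('hex');
  const payload = JSON.stringify({ nonce, dataSpec, remoteAddr, maxUses });
  const signature = crypto.sign(null, Buffer.from(payload), privateKey).toString('base64');
  return { payload, signature };
}

// Remote computer: holds the issuer's public key and a per-nonce use counter.
function makeRemote(issuerKey, selfAddr, store) {
  const uses = new Map();
  return function handle(req) {
    // Verify before parsing, so unsigned input never reaches the grant logic.
    const sig = Buffer.from(req.signature, 'base64');
    if (!crypto.verify(null, Buffer.from(req.payload), issuerKey, sig)) {
      return { status: 'bad-signature' };
    }
    const grant = JSON.parse(req.payload);
    if (grant.remoteAddr !== selfAddr) return { status: 'wrong-remote' };
    const used = uses.get(grant.nonce) || 0;
    if (used >= grant.maxUses) return { status: 'exhausted' };
    uses.set(grant.nonce, used + 1); // count the access before answering
    return { status: 'ok', data: store.get(grant.dataSpec) };
  };
}

// Constructed sample run: a grant for two accesses, replayed and tampered.
function demo() {
  const store = new Map([['report-q3', 'constructed sample data']]);
  const remote = makeRemote(publicKey, 'remote.example', store);
  const grant = issuePartialResponse('report-q3', 'remote.example', 2);
  const statuses = [remote(grant), remote(grant), remote(grant)].map((r) => r.status);
  const forged = { ...grant, payload: grant.payload.replace('"maxUses":2', '"maxUses":100') };
  statuses.push(remote(forged).status);
  return statuses; // ['ok', 'ok', 'exhausted', 'bad-signature']
}
```

Because the use limit and remote address sit inside the signed payload, a client cannot raise its own limit or redirect the grant; the counter, however, lives only on the remote computer and must survive restarts to keep the limit meaningful.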
26 Claims
1. A method on a central computer of providing data to a client computer, comprising the steps of:
- accepting a request for data from a client computer; and
- transmitting a partial response to the client computer, wherein the partial response contains a nonce value, and wherein the nonce value is digitally signed and is used to authorize a limited number of accesses to data on a remote computer.
Dependent claims: 2, 3
4. A method of controlling access to data on a remote computer, the method comprising the steps of:
- accepting a request for a data item, wherein the request contains a nonce value which has been digitally signed with a digital signature;
- verifying the nonce value, wherein the step of verifying the nonce value comprises the step of verifying the digital signature; and
- responding to the request by returning the data item if the nonce value is valid and has been previously used fewer than a limited number of times.
Dependent claims: 5, 6, 7, 8
9. A method of obtaining service from a secure data server, the method comprising the steps of:
- accepting a partial response from a first computer, wherein the partial response comprises a nonce value and a specification of a remote computer, and wherein the nonce value is signed with a digital signature;
- transmitting a service request to the remote computer, wherein the service request comprises the nonce value; and
- receiving a service response from the remote computer if the nonce value was valid.
Dependent claims: 10
11. A central computer system for providing data to a client computer, the system comprising:
- a request message receiver for accepting a request for data from a client computer; and
- a partial response transmitter transmitting for transmitting a partial response to the client computer, wherein the partial response contains a nonce value, and wherein the nonce value is digitally signed and is used to authorize a limited number of accesses to data on a remote computer.
Dependent claims: 12, 13
14. A system for controlling access to data on a computer, the system comprising:
- a request receiver for accepting a request for a data item, wherein the request contains a nonce value, wherein the nonce value is digitally signed by a digital signature;
- a nonce verifier for verifying the nonce value, wherein the nonce verifier performs at least a verification of the digital signature; and
- a response generator for responding to the request by returning the data item if the nonce value is valid and has been previously used fewer than a limited number of times.
Dependent claims: 15, 16
17. A system for obtaining service from a secure data server, the system comprising the steps of:
- a partial response receiver for accepting a partial response from a first computer, wherein the partial response comprises a nonce value and a specification of a remote computer, and wherein the nonce value is digitally signed by a digital signature;
- a request transmitter for transmitting a service request to the remote computer, wherein the service request comprises the nonce value; and
- a service response receiver for receiving a service response from the remote computer if the nonce value was valid.
Dependent claims: 18
19. A computer readable medium including computer instructions for controlling communications access to remote processors, the computer instructions comprising instructions for:
- accepting a request for data from a client computer; and
- transmitting a partial response to the client computer, wherein the partial response contains a nonce value, wherein the nonce value is digitally signed with a digital signature and the nonce value is used to authorize a limited number of accesses to data on a remote computer.
Dependent claims: 20, 21
22. A computer readable medium including computer instructions for controlling communications access to computer, the computer instructions comprising instructions for:
- accepting a request for a data item, wherein the request contains a nonce value, wherein the nonce value is digitally signed with a digital signature;
- verifying the nonce value, wherein the instructions for verifying comprise instructions for verifying the digital signature; and
- responding to the request by returning the data item if the nonce value was verified by the instructions for verifying and the nonce value is valid and has been previously used fewer than a limited number of times.
Dependent claims: 23, 24
25. A computer readable medium including computer instructions for obtaining service from a secure data server, the computer instructions comprising instructions for:
- accepting a partial response from a first computer, wherein the partial response comprises a nonce value and a specification of a remote computer, wherein the nonce value is digitally signed with a digital signature;
- transmitting a service request to the remote computer, wherein the service request comprises the nonce value; and
- receiving a service response from the remote computer if the nonce value was valid.
Dependent claims: 26
Specification