Encryption key updating for multiple site automated login
Abstract
A version number is associated with an encrypted key executable to allow real-time updating of keys for a system which facilitates users signing on to multiple websites on different domains using an encrypted ticket. Two keys may be used at each site during updating of keys, each having an associated one-digit hex version tag. When a key is to be updated with a new key, the existing or old key is given an expiration time. A second key is provided from the system in a secure manner with a new version number and made the current key, which provides decryption of the encrypted ticket. The system tracks both keys while they are concurrent. After the existing key expires, only the second, or updated, key is used to provide login services for users. The system periodically flushes old keys.
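The rotation flow the abstract describes, as an added Python example that is not code from the patent: tickets carry a one-digit hex version tag, the old key keeps validating until its expiration time, and expired keys are flushed. The class and method names, the `|`-separated ticket layout and the caller-supplied clock are assumptions, and an HMAC tag stands in for the patent's ticket encryption so the block runs on the standard library alone.

```python
import hashlib
import hmac
import secrets

class SiteKeyRing:
    """Keys for one site, indexed by a one-digit hex version tag (hypothetical layout)."""
    def __init__(self):
        self.keys = {}        # version tag -> (key bytes, expiry time or None)
        self.current = None   # version tag used for newly issued tickets

    def rotate(self, now, grace):
        """Install a new current key; the old key expires at now + grace."""
        if self.current is not None:
            old_key, _ = self.keys[self.current]
            self.keys[self.current] = (old_key, now + grace)
        nxt = "0" if self.current is None else format((int(self.current, 16) + 1) % 16, "x")
        if nxt in self.keys:
            raise RuntimeError("version tag still in use; flush expired keys first")
        self.keys[nxt] = (secrets.token_bytes(32), None)
        self.current = nxt
        return nxt

    def _mac(self, key, ver, user):
        # Assumption: HMAC-SHA256 replaces ticket encryption in this example.
        return hmac.new(key, f"{ver}|{user}".encode(), hashlib.sha256).hexdigest()

    def issue(self, user):
        """Login-server side: ticket is 'version|user|mac' under the current key."""
        key, _ = self.keys[self.current]
        return f"{self.current}|{user}|{self._mac(key, self.current, user)}"

    def validate(self, ticket, now):
        """Site side: select the key by the ticket's version tag, honour expiry."""
        try:
            ver, user, mac = ticket.split("|")
        except ValueError:
            return None       # malformed ticket
        entry = self.keys.get(ver)
        if entry is None or (entry[1] is not None and now >= entry[1]):
            return None       # unknown or expired version: user must log in again
        good = self._mac(entry[0], ver, user)
        return user if hmac.compare_digest(mac.encode(), good.encode()) else None

    def flush(self, now):
        """Periodic cleanup of keys whose expiration time has passed."""
        for ver in [v for v, (_, exp) in self.keys.items() if exp is not None and now >= exp]:
            del self.keys[ver]
```

Because the version tag is covered by the MAC, rewriting a ticket's tag to point at a different key makes validation fail rather than silently selecting that key.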
14 Claims
1. A system comprising:
- means for generating a first key having a first version number;
- means for providing tickets encoded consistent with the first key, the ticket having a version number corresponding to the first version number;
- means for generating a second key having a second version number; and
- when the second key becomes current at a site, providing tickets encoded consistent with the second key, the ticket having a version number corresponding to the second version number;
- wherein said keys comprise key data and executable code for decrypting tickets.
4. A system comprising:
- means for generating a first key in the form of an executable having a first version number;
- means for generating a second key in the form of an executable having a second version number; and
- means for providing an indication to a login server identifying which key is current for each site such that the tickets are properly encoded.
7. A system comprising:
- means for generating a new key with a new version number to take the place of an old key with an old version number;
- means for storing the new key on a site to be logged into by a user;
- means for changing a current key indication to the new key;
- means for allowing current logged in users to continue using the old key; and
- means for redirecting new users to a login server to obtain a ticket consistent with the new key;
- wherein keys are generated in an executable form which includes key information as well as code for decrypting tickets using the key information.
Specification