Systems and methods for state-less authentication
First Claim
1. A method of enabling access to a resource of a processing system in a security context upon log in, comprising the steps of:
- verifying a user'"'"'s identity information, provided by a user to an access authorization component of the processing system during a secure communication session, based on a comparison with stored authorization information comprising at least one of a user identifier, an organization identifier, a sub-organization identifier, a key, an authentication certificate, a user location, a user role, and a user position identifying the user to the processing system;
generating a security context based on the verifying of the user'"'"'s identity information for access to the resource;
providing the security context to the user; and
sending, by the user to the processing system, the security context and a request for access to the resource.
8 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for providing user logon and state-less authentication are described in a distributed processing environment. Upon an attempted access by a user to an online resource, transaction, or record, a logon component asks the user to supply a logon ID and a password. The logon component verifies the provided information, and upon successful identification, a security context is constructed from information relevant to the user. The security context is sent to the user and is presented to the system each time the user attempts to invoke a new resource, such as a program object, transaction, record, or certified printer avoiding the need for repeated logon processing.
-
Citations
18 Claims
-
1. A method of enabling access to a resource of a processing system in a security context upon log in, comprising the steps of:
-
verifying a user'"'"'s identity information, provided by a user to an access authorization component of the processing system during a secure communication session, based on a comparison with stored authorization information comprising at least one of a user identifier, an organization identifier, a sub-organization identifier, a key, an authentication certificate, a user location, a user role, and a user position identifying the user to the processing system;
generating a security context based on the verifying of the user'"'"'s identity information for access to the resource;
providing the security context to the user; and
sending, by the user to the processing system, the security context and a request for access to the resource. - View Dependent Claims (2, 3, 4, 5, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
6-9. -9. (canceled)
-
18-41. -41. (canceled)
Specification
-
- Resources
-
Current AssigneeAlto Dynamics, LLC (IP Investments Group LLC)
-
Original AssigneeeOriginal, Inc.
-
InventorsBisbee, Stephen F., Twaddell, Gordon W., Peterson, Ellis K., Becker, Keith F., Moskowitz, Jack J.
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current1/1
-
CPC Class CodesF23H 17/12 Fire-barsG06F 16/00 Information retrieval; Data...G06F 21/33 using certificatesG06F 21/41 where a single sign-on prov...H04L 2209/56 Financial cryptography, e.g...H04L 63/0435 wherein the sending and rec...H04L 63/083 using passwords cryptograph...H04L 63/123 received data contents, e.g...H04L 9/3226 using a predetermined code,...Y10S 707/99931 Database or file accessingY10S 707/99936 Pattern matching access
