Authentication system for networked computer applications
First Claim
1. A method of authenticating a user within a networked computer system, the method comprising:
providing an authentication server for authenticating a user;
providing a gatekeeper server;
creating an authentication token comprising a user ID of the user by the authentication server upon user authentication to uniquely identify the user, the authentication token being independent of the user credentials presented by the user and verifiable without a need for the user to re-present the user credentials;
providing an application server;
providing a first encryption key, said first encryption key being shared by the authentication server and the application server but not with the gatekeeper server;
encrypting the authentication token with the first encryption key, wherein the gatekeeper server is unable to access the encrypted authentication token created by the authentication server; and
using the encrypted authentication token by the application server to verify that the user is a subscriber to the application server.
3 Assignments
0 Petitions
Abstract
A system, such as a networked computer system, comprising a user, an application server, a gatekeeper server and an authentication server. Communication within the system is managed by the gatekeeper server: the user communicates with the authentication server and the application server through the gatekeeper server. Once the user has been initially authenticated by the authentication server, the user may request application services from a plurality of application servers within the networked computer system without having to be re-authenticated.
55 Citations
22 Claims
1. A method of authenticating a user within a networked computer system (independent claim; full text given under First Claim above).
Dependent claims: 2, 3, 4, 5, 6.
7. An authentication system within a networked computer system, comprising:
an application server;
a gatekeeper server;
an authentication server;
a user having user credentials, and
a first encryption key shared by the application server and authentication server, wherein the first encryption key is not shared with the gatekeeper server, and wherein an encrypted authentication token created by the authentication server using the first encryption key is independent of the user credentials presented by the user and verifiable without a need for the user to re-present the user credentials, the encrypted authentication token being used to verify by the application server that the user is a subscriber to the application server.
Dependent claims: 8, 9, 10, 11, 12.
13. A computer-readable token having a plurality of data nodes stored therein and representing a data structure for verifying authentication of a user, comprising:
a first data node comprising data identifying the data structure;
a second data node comprising data indicating the time the data structure was created; and
a third data node comprising unique data representing the user.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21, 22.
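The arrangement of claims 1, 7 and 13 (a token holding a structure identifier, a creation time and a user identifier, sealed under a key the gatekeeper never holds, so the application server can verify the subscriber without the user re-presenting credentials) as an added Go example; this is not code from the patent or any product. The names SharedKey, IssueToken and VerifyToken, the "auth-token/v1" identifier and the use of AES-GCM are assumptions, since the claims name no cipher or encoding.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/json"
	"errors"
)

const tokenType = "auth-token/v1" // hypothetical value for claim 13's first data node
type Token struct {                // mirrors claim 13; it carries no user credentials
	Type    string `json:"type"`    // first node: identifies the data structure
	Created int64  `json:"created"` // second node: creation time, Unix seconds
	UserID  string `json:"user_id"` // third node: unique data representing the user
}

// SharedKey is claim 1's first key: provisioned to the authentication and application servers, never to the gatekeeper.
func SharedKey(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // key must be 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// IssueToken (authentication server): once the user has authenticated, seal a Token under the shared key.
func IssueToken(k cipher.AEAD, userID string, nowUnix int64) ([]byte, error) {
	plain, _ := json.Marshal(Token{Type: tokenType, Created: nowUnix, UserID: userID}) // plain struct, cannot fail
	nonce := make([]byte, k.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return k.Seal(nonce, nonce, plain, nil), nil // nonce || ciphertext || GCM tag
}

// VerifyToken (application server): open with the shared key, then check structure and age; a gatekeeper lacking the key fails at Open.
func VerifyToken(k cipher.AEAD, blob []byte, nowUnix, maxAgeSec int64) (t Token, err error) {
	if len(blob) < k.NonceSize() {
		return t, errors.New("malformed token")
	}
	plain, err := k.Open(nil, blob[:k.NonceSize()], blob[k.NonceSize():], nil)
	if err != nil {
		return t, errors.New("not sealed under the shared key, or tampered")
	}
	if err = json.Unmarshal(plain, &t); err != nil || t.Type != tokenType || nowUnix-t.Created > maxAgeSec {
		return Token{}, errors.New("unexpected token structure, or token expired")
	}
	return t, nil
}
```

The age check uses the second data node as a freshness window; without it a captured token would remain valid indefinitely.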
Specification