HTTP AUTHENTICATION AND AUTHORIZATION MANAGEMENT
First Claim
1. A computer implemented method, comprising:
receiving authenticated user data at an authority node;
defining a plurality of epochs, each epoch identified by an epoch id;
associating the authenticated user data with a current epoch ID for a current epoch;
obtaining a current epoch key pair for the current epoch, the current epoch key pair comprising a current public epoch key and a current private epoch key, wherein one attribute of the current public epoch key is the current epoch id;
encrypting the associated authenticated user data with the current private epoch key to generate authentication data;
providing the current public epoch key to an external security service; and
providing the authentication data to the external security service.
Abstract
Systems, methods and apparatus for distributed security that provides authentication and authorization management. The system can include an epoch manager that is used to generate authentication and authorization data that remain valid only for an epoch. The epoch manager can generate an epoch key pair that can be used to encrypt and decrypt the authentication and authorization data during the epoch in which the key is valid. The epoch manager can also associate the contents of the data with the epoch in which it was created, so that upon decryption the epoch in which the data was generated can be identified.
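Added example, not part of the patent text: a Python sketch of the epoch flow that the abstract and claim 1 describe, showing that data issued in one epoch is rejected once the epoch or the epoch key changes. Unpadded textbook RSA built from the standard library stands in for the unspecified key algorithm and is not safe for real use; EpochManager, issue, check and the JSON payload layout are hypothetical names and assumptions.

```python
import json
import secrets
E = 65537  # public exponent shared by every epoch key (assumption)

def _is_prime(n, rounds=20):
    """Miller-Rabin test for odd n > 3."""
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x != 1 and all(pow(x, 2 ** r, n) != n - 1 for r in range(s)):
            return False  # base is a witness that n is composite
    return True

def _prime(bits=512):
    while True:
        p = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if p % E != 1 and _is_prime(p):  # keep E invertible mod p-1
            return p

class EpochManager:
    """Hypothetical epoch manager: one fresh key pair per epoch."""
    def __init__(self):
        self.private = {}  # epoch id -> (n, d); stays on the authority node
    def new_epoch(self, epoch_id):
        p, q = _prime(), _prime()
        n = p * q
        self.private[epoch_id] = (n, pow(E, -1, (p - 1) * (q - 1)))
        return {"epoch_id": epoch_id, "n": n, "e": E}  # epoch id is a key attribute

def issue(user_data, epoch_id, private_key):
    """Authority node: bind user data to the epoch, apply the private epoch key."""
    n, d = private_key
    m = int.from_bytes(json.dumps({"epoch_id": epoch_id, "user": user_data}).encode(), "big")
    if m >= n:
        raise ValueError("payload too large for the toy key")
    return pow(m, d, n)

def check(auth_data, public_key, current_epoch):
    """External service: decrypt with the public epoch key, accept current epoch only."""
    m = pow(auth_data, public_key["e"], public_key["n"])
    try:
        claims = json.loads(m.to_bytes((m.bit_length() + 7) // 8, "big"))
    except ValueError:
        return None  # not produced under this epoch's private key
    if not isinstance(claims, dict) or claims.get("epoch_id") != public_key["epoch_id"]:
        return None
    return claims.get("user") if claims["epoch_id"] == current_epoch else None
```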
20 Claims
Claims dependent on claim 1: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 18, 19, 20
16. Software stored in a computer readable medium and comprising instructions executable by a data processing system and upon such execution cause the data processing system to perform operations comprising:
receiving authenticated user data;
identifying a current epoch;
identifying a current epoch ID associated with the current epoch;
associating the authenticated user data with a current epoch id;
obtaining a current epoch key pair for the current epoch, the current epoch key pair comprising a current public epoch key and a current private epoch key, wherein one attribute of the current public epoch key is the current epoch id;
encrypting the associated authenticated user data with the current private epoch key to generate authentication data; and
providing the current public epoch key and the authentication data to an external security service.
Claims dependent on claim 16: 17
Specification