HTTP AUTHENTICATION AND AUTHORIZATION MANAGEMENT
First Claim
1. A computer implemented method, comprising:
receiving at a processing node a current public epoch key of a current epoch key pair, wherein one attribute of the current public epoch key is a current key epoch ID that identifies the current epoch of the current public epoch key;
receiving at the processing node authorized user data associated with a request;
decrypting at the processing node the authorized user data using the public epoch key;
determining if the decryption of the authorized user data was successful;
if the decryption of the authorized user data was successful, identifying at the processing node a user epoch ID from the decrypted authorized user data;
comparing at the processing node the user epoch ID to the current key epoch ID of the current public epoch key;
determining at the processing node whether the user epoch ID is a valid epoch id;
if the user epoch ID is a valid epoch ID, processing the decrypted user data and the request.
Abstract
Systems, methods and apparatus for a distributed security that provides authentication and authorization management. The system can include an epoch processor that is used to validate authentication and authorization data that is valid only for an epoch. The epoch processor can maintain a public key that can be used to decrypt the authentication and authorization data during the epoch that the key is valid. The epoch processor can receive a new public key during each epoch. The epoch processor can also determine if the authentication or authorization data was fraudulently generated based on the contents of the data, and verifying whether the data is valid for the epoch in which it was decrypted.
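The order of checks in claim 1 (decrypt with the current public epoch key, test whether decryption succeeded, then compare the embedded epoch ID with the key's epoch ID) is sketched below. This is an added example, not code from the patent: textbook RSA over constructed Mersenne-prime moduli stands in for the epoch key pair so that it runs with the standard library only, and the `AUD1` marker, the payload layout and every function name are assumptions.

```python
# Added illustration, not from the patent. Toy textbook RSA (no padding,
# trivially factorable moduli): it shows the control flow only and is not secure.
import struct

MARKER = b"AUD1"   # assumed redundancy that reveals a failed decryption
E = 65537          # public exponent shared by the toy keys

def make_epoch_keypair(epoch_id, p, q):
    """One key pair per epoch; the epoch ID is an attribute of the public key."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return {"epoch_id": epoch_id, "n": n}, {"d": d, "n": n}

def issue(private, epoch_id, user):
    """Authority side: bind user data to an epoch ID under the private epoch key."""
    payload = MARKER + struct.pack(">I", epoch_id) + user.encode()
    if len(payload) > 26:              # keeps the integer below both toy moduli
        raise ValueError("user data too long for the toy modulus")
    return pow(int.from_bytes(payload, "big"), private["d"], private["n"])

def validate(public, token):
    """Processing node: decrypt, check success, then compare epoch IDs."""
    size = (public["n"].bit_length() + 7) // 8
    raw = pow(token, E, public["n"]).to_bytes(size, "big").lstrip(b"\0")
    if len(raw) < 8 or not raw.startswith(MARKER):
        return ("reject", "decryption failed")
    (user_epoch,) = struct.unpack(">I", raw[4:8])
    if user_epoch != public["epoch_id"]:
        return ("reject", "epoch mismatch")
    return ("accept", raw[8:].decode(errors="replace"))

# Constructed keys for two consecutive epochs (Mersenne primes, toy only).
PUB7, PRIV7 = make_epoch_keypair(7, 2**89 - 1, 2**521 - 1)
PUB8, PRIV8 = make_epoch_keypair(8, 2**107 - 1, 2**607 - 1)

if __name__ == "__main__":
    fresh = issue(PRIV8, 8, "alice")
    stale = issue(PRIV7, 7, "alice")       # issued before the key rotated
    mislabeled = issue(PRIV8, 7, "alice")  # decrypts, but claims another epoch
    for name, tok in [("fresh", fresh), ("stale", stale), ("mislabeled", mislabeled)]:
        print(name, validate(PUB8, tok))
```

A production design would replace the toy transform with a standard signature scheme; the two separate rejection paths are the part that corresponds to the claim.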
20 Claims
17. Software stored in a computer readable medium and comprising instructions executable by a data processing system and upon such execution cause the data processing system to perform operations comprising:
receiving a current public epoch key of a current epoch key pair, wherein one attribute of the current public epoch key is a current key epoch ID that identifies the current epoch of the current public epoch key;
receiving a request for content and authorized user data associated with the request;
decrypting the authorized user data using the public epoch key;
identifying a user epoch ID from the decrypted authorized user data;
determining if the user epoch ID is a valid epoch id; and
if the user epoch ID is a valid epoch ID, processing the decrypted user data and the request.
Specification