Method and system for maintaining client server security associations in a distributed computing system
Abstract
A method and system for maintaining a secure association between a client and a server in a distributed computing system by computing a session identifier as a function of a Kerberos-based authentication ticket. The session identifier is independently derived or verified by the client and the server upon a first request by the client to the server, and each subsequent request by the client to the server is tagged with this session identifier to provide a reliable security association.
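The flow the abstract describes, sketched as an added example (not code from the patent): both sides derive the session identifier from the ticket, and the server verifies it on every later request. The page names no algorithm, so HMAC-SHA256 keyed with the ticket's session key is an assumption, as are `Server`, `ticket_db`, the principal names and the sample values; ticket validation is reduced to a table lookup.

```python
import hashlib
import hmac
import os

# Assumption: HMAC-SHA256 under the session key stands in for the claim's
# "cryptographic signature function of the security token".
def session_id(session_key, token):
    return hmac.new(session_key, b"session-id|" + token, hashlib.sha256).hexdigest()


class Server:
    def __init__(self, ticket_db):
        # Constructed stand-in for ticket validation: token -> (principal, key),
        # i.e. what a server would recover by decrypting a real ticket.
        self._ticket_db = ticket_db
        self._assoc = {}                      # principal -> (session key, token)

    def first_request(self, token):
        entry = self._ticket_db.get(token)
        if entry is None:                     # token failed validation
            return False
        principal, key = entry
        self._assoc[principal] = (key, token)
        return True

    def request(self, principal, sid, body):
        assoc = self._assoc.get(principal)
        if assoc is None:                     # no association was established
            return "rejected"
        expected = session_id(*assoc)         # derived independently by the server
        if not hmac.compare_digest(expected.encode(), sid.encode()):
            return "rejected"
        return "ok:" + body


def demo():
    key, token = os.urandom(32), os.urandom(48)   # constructed sample values
    server = Server({token: ("alice", key)})
    sid = session_id(key, token)                  # client-side derivation
    wrong_key_sid = session_id(os.urandom(32), token)
    return [
        server.first_request(b"forged-token"),    # unknown token is refused
        server.first_request(token),              # first request carries the token
        server.request("alice", sid, "read"),     # later requests carry only the id
        server.request("alice", wrong_key_sid, "read"),
        server.request("bob", sid, "read"),
    ]
```

Because the derivation is keyed, a party that sees only the token cannot compute the identifier the server expects.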
12 Claims
1. A method for maintaining a secure association between a client and a server in a distributed computing system, said method comprising the steps of:
- issuing a security token to the client;
- sending, by the client, the security token to the server with a first request by the client to the server;
- validating, for the server, the security token sent by the client;
- computing a session identifier as a cryptographic signature function of the security token at the client; and
- tagging each subsequent request by the client to the server with the session identifier such that the session identifier may be cryptographically verified at the server.

Dependent claims: 2, 3, 4

5. A distributed computing system comprising:
- at least one client;
- at least one server;
- a communications network interconnecting the client and the server;
- means for issuing a security token to the client;
- means for sending, by the client, the security token to the server with a first request by the client to the server;
- means for validating, for the server, the security token sent by the client;
- means for computing a session identifier as a cryptographic signature function of the security token at said at least one client; and
- means for tagging each subsequent request by the client to the server with the session identifier such that the session identifier may be cryptographically verified at the server.

Dependent claims: 6, 7, 8

9. A computer readable medium comprising means for maintaining a secure association between a client and a server in a distributed computing system, including:
- means for issuing a security token to the client;
- means for sending, by the client, the security token to the server with a first request by the client to the server;
- means for validating, for the server, the security token sent by the client;
- means for computing a session identifier as a cryptographic signature function of the security token at the client; and
- means for tagging each subsequent request by the client to the server with the session identifier such that the session identifier may be cryptographically verified at the server.

Dependent claims: 10, 11, 12
Specification