Method and system for providing client privacy when requesting content from a public server
Abstract
Method and system for providing client privacy on the Internet when the client requests content from a public application server. The method is well-suited to key management protocols that utilize the concept of tickets. The client name or identity is encrypted in all key management messages where the client is requesting a ticket for a specific application server. The key management messages are between the client and a key distribution center (KDC) and between the client and the specific application server. The KDC does not provide the client name or identity in the clear in such messages. This prevents the client's identity from being linked with the content provided by the specific application server, which results in improved user privacy.
16 Claims
1. A method of providing client privacy when requesting content from an application server, comprising the steps of:
receiving a request for a ticket granting ticket (TGT ticket) from a client;
generating the TGT ticket with an identity of the client encrypted therein;
sending the TGT ticket to the client;
receiving a request for a service ticket (ST ticket) for the application server from the client that includes the TGT ticket and that does not provide the identity of the client in the clear;
generating the ST ticket with the identity of the client encrypted therein; and
sending the ST ticket to the client without providing the identity of the client in the clear.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 16
11. A system for providing client privacy when requesting content from an application server, comprising:
an authentication server configured to receive a request for a ticket granting ticket (TGT ticket) from a client, generate the TGT ticket with an identity of the client encrypted therein, and send the TGT ticket to the client; and
a ticket granting server configured to receive a request for a service ticket (ST ticket) for the application server from the client that includes the TGT ticket and that does not provide the identity of the client in the clear, generate the ST ticket with the identity of the client encrypted therein, and send the ST ticket to the client without providing the identity of the client in the clear.
Dependent claims: 12, 13, 14, 15
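The TGT and ST exchange recited in claims 1 and 11, as an added sketch that is not code from the patent: the client identity travels only inside encrypted tickets, and the ST request is rejected if it carries any cleartext field beyond the server name and the TGT. Assumptions: the function names, the JSON message layout, the sample names and the HMAC-based cipher are constructed for illustration (a real KDC would use a vetted authenticated cipher), and session keys, authenticators and ticket lifetimes are left out.

```python
import hashlib, hmac, json, os

def _ks(key, nonce, n):
    # HMAC-SHA256 in counter mode as a keystream (illustrative stand-in, not a vetted cipher)
    blocks = (hmac.new(key, b"ks" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, fields):
    # Encrypt-then-MAC a ticket body; output is nonce || ciphertext || tag, hex-encoded
    pt, nonce = json.dumps(fields).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _ks(key, nonce, len(pt))))
    return (nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()).hex()

def unseal(key, blob):
    raw = bytes.fromhex(blob)
    nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("ticket failed integrity check")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _ks(key, nonce, len(ct)))))

TGS_KEY = os.urandom(32)                          # known only to the KDC
SERVICE_KEYS = {"video.example": os.urandom(32)}  # constructed server name; key shared with KDC

def as_exchange(client):
    """Authentication server: the TGT carries the client identity only in encrypted form."""
    return {"tgt": seal(TGS_KEY, {"client": client})}

def tgs_exchange(request):
    """Ticket granting server: the request names the server and carries the TGT, nothing else."""
    if set(request) != {"server", "tgt"}:
        raise ValueError("unexpected cleartext field in ST request")
    client = unseal(TGS_KEY, request["tgt"])["client"]
    return {"st": seal(SERVICE_KEYS[request["server"]], {"client": client})}

def run(client="alice@example.test", server="video.example"):
    # Returns every message as it would appear on the wire, plus what the server decrypts
    tgt_reply = as_exchange(client)
    st_request = {"server": server, "tgt": tgt_reply["tgt"]}
    st_reply = tgs_exchange(st_request)
    wire = [json.dumps(m) for m in (tgt_reply, st_request, st_reply)]
    seen_by_server = unseal(SERVICE_KEYS[server], st_reply["st"])["client"]
    return wire, seen_by_server
```
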
Specification