Method and apparatus for encoding and storing session data
First Claim
Patent Images
1. A method for storing session data on a client computer, comprising:
- encoding said session data in a tag-length-value format to create encoded configuration data, said encoded configuration data including a time stamp;
encrypting said encoded configuration data using a modified encryption key to create encrypted encoded configuration data;
concatenating a secret, a value that represents the length of the secret, and a value that represents the length of the length of the secret with said encrypted encoded configuration data to form a session cookie;
transmitting said session cookie to said client computer;
requesting said session cookie from said client computer;
receiving said session cookie from said client computer;
extracting said secret from said session cookie;
creating said modified encryption key by inserting said secret extracted from said session cookie into a standard encryption key at a predefined location; and
decrypting said session data from said cookie using said modified encryption key.
2 Assignments
0 Petitions
Accused Products
Abstract
Session data is encoded in a tag-length-value format and encrypted using a modified encryption key. A session cookie is then formed by concatenating the length of the length of the secret, the length of the secret, the secret itself, and the encoded and encrypted configuration data. The session cookie is transmitted from a server computer to a client computer, where it is stored.
118 Citations
13 Claims
-
1. A method for storing session data on a client computer, comprising:
-
encoding said session data in a tag-length-value format to create encoded configuration data, said encoded configuration data including a time stamp; encrypting said encoded configuration data using a modified encryption key to create encrypted encoded configuration data; concatenating a secret, a value that represents the length of the secret, and a value that represents the length of the length of the secret with said encrypted encoded configuration data to form a session cookie; transmitting said session cookie to said client computer; requesting said session cookie from said client computer; receiving said session cookie from said client computer; extracting said secret from said session cookie; creating said modified encryption key by inserting said secret extracted from said session cookie into a standard encryption key at a predefined location; and decrypting said session data from said cookie using said modified encryption key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
Specification