Method and apparatus for using a third party authentication server
First Claim
1. A method of authenticating a client, the method comprising in an authentication server:
- receiving a record ID for a user, the record ID being a random value generated for tracking authentication data and disassociating the authentication data from other client identity data, and a one-time key generated by a third party server and encrypted with a user's public key by the server;
- receiving the user's authentication data from the client;
- determining if the user's authentication data matches stored data associated with the record ID; and
- if so, decrypting the one-time key with a user's private key, and returning the decrypted one-time key to the client.
Abstract
A method and apparatus for a third party authentication server is described. The method includes receiving a record ID for a user, and a one-time key generated by the server and encrypted with a user's public key by the server. The method further includes receiving the user's authentication data from the client, and determining if the user's authentication data matches the record ID. If the authentication data matches the record ID, decrypting the one-time key with the user's private key, and returning the decrypted one-time key to the client.
157 Citations
31 Claims
1. (Independent claim; text as given under First Claim above.) Dependent claims: 2 through 13.
14. A method of using an authentication server to authenticate a user to a third party server, the method comprising the third party server: looking up a record ID associated with the user, the record ID being a random value generated to track the user's authentication data and used to separate the user's other identity information from the authentication data; generating a one-time key and encrypting the one-time key with a public key of the user, and sending the encrypted one-time key and the record ID to the user; receiving the authentication data, the authentication data being the decrypted one-time key decrypted with the user's private key by the authentication server, such that the user does not have control of the user's private key at any time; and permitting access to the server. Dependent claims: 15 and 16.
17. An authentication system comprising: an authentication server to receive a record ID for a user, the record ID being a randomly generated value used to separate the user's other identity information from the user's authentication data, and a one-time key generated by a third party server and encrypted with a user's public key by the third party server; a comparison logic in the authentication server to receive user authentication data from a client and determine whether the user's authentication data matches stored data associated with the record ID; and a decryption logic in the authentication server to decrypt the one-time key with a private key associated with the validated record ID, and to return the decrypted one-time key to the client. Dependent claims: 18 through 31.
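The three-party exchange of claims 1, 14 and 17, as an added Python simulation that is not the patent's or any assignee's code. Textbook RSA with tiny constructed primes stands in for the unspecified public-key scheme, a SHA-256 hash of a passphrase stands in for the stored authentication data, and the names AuthServer, ThirdPartyServer and login are assumptions; the authentication server is the only party that ever holds the user's private key, and the third party server indexes the user only by the random record ID.

```python
import hashlib, hmac, secrets

# Textbook RSA with tiny constructed primes stands in for the patent's
# unspecified public-key scheme; it is insecure and only makes the flow runnable.
P, Q, E = 61, 53, 17
N = P * Q                           # shared modulus
D = pow(E, -1, (P - 1) * (Q - 1))   # user's private exponent, held only by the auth server

class AuthServer:
    """Holds private keys and hashed authentication data, keyed only by record ID."""
    def __init__(self):
        self.store = {}  # record_id -> (private_key, sha256(auth_data))

    def enroll(self, record_id, private_key, auth_data):
        self.store[record_id] = (private_key, hashlib.sha256(auth_data).digest())

    def authenticate(self, record_id, enc_key, auth_data):
        # Claim 1: decrypt the one-time key only if the presented data matches
        # what is stored under this record ID.
        if record_id not in self.store:
            return None
        private_key, stored = self.store[record_id]
        if not hmac.compare_digest(stored, hashlib.sha256(auth_data).digest()):
            return None
        return pow(enc_key, private_key, N)

class ThirdPartyServer:
    """Knows usernames, record IDs and public keys, but no user secrets (claim 14)."""
    def __init__(self):
        self.users = {}    # username -> (record_id, public_key)
        self.pending = {}  # record_id -> outstanding one-time key

    def register(self, username, record_id, public_key):
        self.users[username] = (record_id, public_key)

    def challenge(self, username):
        record_id, public_key = self.users[username]
        otk = secrets.randbelow(N - 2) + 2          # fresh one-time key in [2, N-1]
        self.pending[record_id] = otk
        return record_id, pow(otk, public_key, N)   # encrypted under the user's public key

    def verify(self, username, presented):
        record_id, _ = self.users[username]
        # The key is consumed on first use, so presenting it again fails.
        return self.pending.pop(record_id, None) == presented

def login(third_party, auth_server, username, auth_data):
    # Client: relay the challenge to the auth server and present the result.
    record_id, enc_key = third_party.challenge(username)
    otk = auth_server.authenticate(record_id, enc_key, auth_data)
    return otk is not None and third_party.verify(username, otk)
```

The pending-key bookkeeping is what makes the key one-time: a decrypted value presented a second time is rejected, and a wrong passphrase never reaches the decryption step.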