Automatic re-authentication

US 7,475,421 B2
Filed: 01/25/2006
Issued: 01/06/2009
Est. Priority Date: 04/01/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A server system programmed to perform actions comprising:

authenticating a client device for a particular server session;

sharing auto-reconnect data with the client device, the auto-reconnect data including a session ID associated with the particular server session and a first random number;

after losing communications with the client device, sharing a second random number with the client device, and receiving from the client device the session ID and a session verifier that is derived at least in part from the first and second random numbers;

validating the session verifier;

upon successfully validating the session verifier, automatically re-authenticating the client device for the particular server session.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Upon successfully authenticating a client device with a server system, the client device and server system share auto-reconnect data. Upon subsequently losing and re-establishing communications with the server system, the client sends an auto-authenticate request to the server. The auto-authenticate request includes a session verifier that is based at least in part on the shared auto-reconnect data. The server validates the session verifier. If the validation is successful, the server automatically re-authenticates the client device.

52 Citations

View as Search Results

14 Claims

1. A server system programmed to perform actions comprising:
- authenticating a client device for a particular server session;
  
  sharing auto-reconnect data with the client device, the auto-reconnect data including a session ID associated with the particular server session and a first random number;
  
  after losing communications with the client device, sharing a second random number with the client device, and receiving from the client device the session ID and a session verifier that is derived at least in part from the first and second random numbers;
  
  validating the session verifier;
  
  upon successfully validating the session verifier, automatically re-authenticating the client device for the particular server session.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A server system as recited in claim 1, wherein said re-authenticating is performed without requesting user credentials.
  - 3. A server system as recited in claim 1, wherein said sharing auto-reconnect data is performed through a secure data communications channel.
  - 4. A server system as recited in claim 1, wherein automatically re-authenticating the client device for the particular server session includes automatically re-authenticating the client device based at least partially on the session ID.
  - 5. A server system as recited in claim 1, whereinthe session verifier comprises a one-way hash based at least in part on the first and second random numbers.
  - 6. A server system as recited in claim 1, wherein said actions further comprise periodically changing at least a portion of the auto-reconnect data and sending at least said changed portion to the client device.
  - 7. A server system as recited in claim 1, further comprising periodically changing the first random number and sending it to the client device.

8. A client device programmed to perform actions comprising:
- providing user credentials to a server system to authenticate the client device with the server system;
  
  initiating a server session on a server system, the server session being associated with the client device;
  
  sharing auto-reconnect data with the server system, the auto-reconnect data including a session ID and a first random number;
  
  after losing and re-establishing communications with the server system, sharing a second random number with the server system, and deriving a session verifier at least in part from the first and second random numbers;
  
  requesting automatic re-authentication by the server system without providing user credentials, wherein said requesting comprises sending the session ID and the session verifier to the server system.
- View Dependent Claims (9, 10)
- - 9. A client device as recited in claim 8, wherein said actions further comprise periodically sharing a changed first random number with the server system.
  - 10. A client device as recited in claim 8, wherein the auto-reconnect data is received from the server system.

11. A methods comprising:
- establishing data communications between a client device and a server system;
  
  authenticating the client device for a particular server session;
  
  sharing auto-reconnect data between client device and the server system, the auto-reconnect data including a session ID associated with the particular server session and a first random number;
  
  re-establishing data communications between the client device and the server system after a communications failure;
  
  after re-establishing data communications, sharing a second random number between the client device and the server device;
  
  deriving a client session verifier at the client device at least in part from the first and second random numbers;
  
  providing the client session verifier and the session ID from the client device to the server system;
  
  deriving a server session verifier at the server system at least in part from the first and second random numbers;
  
  validating the client session verifier by comparing it to the server session verifier;
  
  upon successfully validating the session verifier, automatically re-authenticating the client device for the particular server session.
- View Dependent Claims (12, 13, 14)
- - 12. A method as recited in claim 11, whereinthe client session verifier and server session verifier comprise a one-way hash based at least in part on the first and second random numbers.
  - 13. A method as recited in claim 11, further comprising periodically changing at least a portion of the auto-reconnect data and sharing at least said changed portion between the client device and the server device.
  - 14. A method as recited in claim 11, further comprising periodically changing the first random number and sharing it between the client device and the server device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Garms, Jason, Field, Scott A., Abdo, Nadim Y., Loh, Alvin, Overton, Adam J., Parsons, John E. Jr.
Primary Examiner(s)
Revak; Christopher A

Application Number

US11/275,711
Publication Number

US 20060117106A1
Time in Patent Office

1,077 Days
Field of Search

None
US Class Current

726/3
CPC Class Codes

G06F 13/107   Terminal emulation

H04L 63/08   for authentication of entit...

H04L 63/126   the source of the received ...

H04L 67/14   Session management for real...

Automatic re-authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

52 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Automatic re-authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

52 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links