System and method for authenticating entities to users

US 7,562,222 B2
Filed: 03/23/2005
Issued: 07/14/2009
Est. Priority Date: 05/10/2002
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating that a communication originated from an entity, comprising:

providing a token from the entity to a user;

receiving the token from the user by a registry, the registry comprising a processor and a memory coupled to the processor;

attempting to authenticate by the registry at least a portion of the token as originating from the entity; and

responsive to the token being authenticated, displaying information associated with the user by the registry;

wherein the associated information displayed to the user differs from information associated with at least one other user and displayed to the at least one other user, the associated information displayed to the user comprises customization information selected by or supplied by the user, and the associated information displayed to the user comprises a shared secret between the user and the registry; and

wherein the token comprises a shared cookie between the entity and the registry.

View all claims

16 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method communicates information from an entity that a registry can use to authenticate the entity to a user. If the registry authenticates the entity, it displays information that represents a shared secret between the registry and the user.

302 Citations

20 Claims

1. A method of authenticating that a communication originated from an entity, comprising:
- providing a token from the entity to a user;
  
  receiving the token from the user by a registry, the registry comprising a processor and a memory coupled to the processor;
  
  attempting to authenticate by the registry at least a portion of the token as originating from the entity; and
  
  responsive to the token being authenticated, displaying information associated with the user by the registry;
  
  wherein the associated information displayed to the user differs from information associated with at least one other user and displayed to the at least one other user, the associated information displayed to the user comprises customization information selected by or supplied by the user, and the associated information displayed to the user comprises a shared secret between the user and the registry; and
  
  wherein the token comprises a shared cookie between the entity and the registry.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1 wherein the cookie comprises a shared-domain cookie.
  - 3. The method of claim 1 wherein:
    - the token additionally comprises information in a link;
      
      the receiving step is responsive to a user pressing the link; and
      
      the attempting step is responsive to the information in the link.
  - 4. The method of claim 1 further comprising a step of providing a token from the entity to the registry via a secure back-channel.
  - 5. The method of claim 1 wherein the token comprises a device ID.

6. An apparatus for use by a registry in authenticating that a communication originated horn an entity, the apparatus comprising:
- a processor; and
  
  a memory coupled to the processor;
  
  wherein the processor is operative;
  
  to receive the token from a user, the token having been provided to the user by the entity;
  
  to attempt to authenticate at least a portion of the token as originating from the entity; and
  
  responsive to the token being authenticated, to display to the user information associated with the user by the registry;
  
  wherein the associated information displayed to the user differs from information associated with at least one other user and displayed to the at least one other user, the associated information displayed to the user comprises customization information selected by or supplied by the user, and the associated information displayed to the user comprises a shared secret between the user and the registry; and
  
  wherein the token comprises a shared cookie between the entity and the registry.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The apparatus of claim 6 wherein the cookie comprises a shared-domain cookie.
  - 8. The apparatus of claim 6 wherein:
    - the token additionally comprises information in a link; and
      
      the apparatus receives the token from the user responsive to a user pressing the link and attempts to authenticate at least a portion of the token responsive to the information in the link.
  - 9. The apparatus of claim 6 wherein the apparatus receives the token from the entity via a secure back-channel.
  - 10. The apparatus of claim 6 wherein the token comprises a device ID.

11. An article of manufacture comprising a machine-readable storage medium encoded with executable instructions for use by a registry in authenticating that a communication originated from an entity, the instructions, when executed by a processor associated with the registry, implementing die steps of:
- receiving a token from a user, the token having been provided to the user by the entity;
  
  attempting to authenticate at least a portion of the token as originating from the entity; and
  
  responsive to the token being authenticated, displaying to the user information associated with the user by the registry;
  
  wherein the associated information displayed to the user differs from information associated with at least one other user and displayed to the at least one other user, the associated information displayed to the user comprises customization information selected by or supplied by the user, and the associated information displayed to the user comprises a shared secret between the user and the registry; and
  
  wherein the token comprises a shared cookie between the entity and the registry.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The article of claim 11 wherein the cookie comprises a shared-domain cookie.
  - 13. The article of claim 11 wherein:
    - the token additionally comprises information in a link; and
      
      the registry receives the token from the user responsive to a user pressing the link and attempts to authenticate at least a portion of the token responsive to the information in the link.
  - 14. The article of claim 11 wherein the registry receives the token from the entity via a secure back-channel.
  - 15. The article of claim 11 wherein the token comprises a device ID.

16. A system for authenticating that a communication originated from an entity server, comprising:
- an entity server, comprising a processor and a memory coupled to the processor, wherein the processor is operative to provide a token to a user system, the user system being operative to transmit the token to the registry server; and
  
  a registry server, comprising a processor and a memory coupled to the processor, wherein the processor is operative;
  
  to attempt to authenticate at least a portion of the token as originating from the entity server; and
  
  responsive to the token being authenticated, to transmit to the user system information associated with the user system by the registry server;
  
  wherein the user system displays at least a portion of the associated information;
  
  wherein the associated information displayed by the user system differs from information associated with at least one other user system and displayed by the at least one other user system, the associated information displayed by the user system comprises customization information selected by or supplied by the user system, and the associated information displayed by the user system comprises a shared secret between the user system and the registry server; and
  
  wherein the token comprises a shred cookie between the entity server and the registry server.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The system of claim 16 wherein the cookie comprises a shared-domain cookie.
  - 18. The system of claim 16 wherein:
    - the token additionally comprises information in a link; and
      
      the registry sewer receives the token from the user system responsive to a user pressing the link and attempts to authenticate at least a portion of the token responsive to the information in the link.
  - 19. The system of claim 16 wherein the registry server receives the token from the entity server via a secure back-channel.
  - 20. The system of claim 16 wherein the token comprises a device ID.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
RSA Security Incorporated (Symphony Technology Group LLC)
Inventors
Gasparini, Louis A, Harris, William H
Primary Examiner(s)
Moazzami; Nasser G
Assistant Examiner(s)
ABEDIN, SHANTO

Application Number

US11/088,349
Publication Number

US 20050268100A1
Time in Patent Office

1,574 Days
Field of Search

713/170, 713/156, 713/176, 713/185, 713/168, 713/155, 726/2, 726/3, 726/1, 726/5, 726/10
US Class Current

713/170
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 63/0823   using certificates cryptogr...

H04L 63/1441   Countermeasures against mal...

H04L 63/1483   service impersonation, e.g....

H04L 63/168   above the transport layer

H04L 9/3213   using tickets or tokens, e....

H04L 9/3247   involving digital signatures

System and method for authenticating entities to users

First Claim

16 Assignments

0 Petitions

Accused Products

Abstract

302 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for authenticating entities to users

First Claim

16 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

302 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links