
Pass-thru for client authentication

  • US 7,644,275 B2
  • Filed: 04/15/2003
  • Issued: 01/05/2010
  • Est. Priority Date: 04/15/2003
  • Status: Expired due to Fees
First Claim

1. An apparatus comprising:

  • a first server for presenting evidence to a Domain Controller (DC) of a first authentication context being submitted from a client to the first server to obtain a delegable credential by;

    the first server providing information to the client, wherein the client generates signed data, a client credential, and a premaster secret to communicate with the first server;

    the first server authenticating the client using the client credential thereby establishing a secure channel between the client and the first server;

    the first server presenting a first authentication to the Domain Controller;

    the first server requesting a second authentication context from that same client to a second server using the client credential, wherein the Domain Controller assures the second server that the first server authenticated the client;

    the first server being a front end server and the second server being a back end server; and

    the first server proving to the Domain Controller that the first server authenticated the client, the proving being by the first server presenting evidence of that authentication to the Domain Controller thereby establishing another secure channel between the client and the second server;

    the first server requesting a third authentication context from the same client to a third server and proving to the Domain Controller that the client authenticated itself to the first server wherein a series of secure and distinct channels is established between the client and each of the servers.
