Initial password security accentuated by triple encryption and hashed cache table management on the hosted site's server
Abstract
A method for remote services authentication in an internet hosted environment includes a high-level process and functionality for a secure, practical and logically optimized inter-network authentication mechanism by which employees, partners and customers of an enterprise authenticate to the hosted Internet site. The lightweight authentication and authorization mechanism can be most effectively implemented in Java as part of the application or web server servlet. The method for remote services authentication includes initial secure password establishment, subsequent authentication and authorization, and authentication and authorization upon resuming previously run sessions with the hosted server using Internet cookies.
19 Claims
1. A method for providing a temporary password in an internet hosted environment comprising:
   providing a central user password database including at least one temporary password that is associated with a user, the at least one password being randomly generated and not being known to the user;
   receiving a temporary password request from a client machine of the user at a hosted server, the temporary password request including a user ID (“userID”) and a business unit ID (“BUID”);
   extracting the temporary password from the central user password database, the extracting step including using the userID as a key and verifying that the BUID in the temporary password request matches a BUID associated with the temporary password in the central user password database;
   triply-sequenced encrypting of the temporary password at the hosted server of the internet hosted environment, the triply-sequenced encrypting including:
      encrypting the user's client machine's domain name using the BUID as a key, which results in a “string X”;
      encrypting the temporary password using string X as a key, which results in a “string Y”;
      encrypting string Y using a public key of the user as the key, which results in a “string Z”; and
   transporting string Z to a client side of the internet hosted environment.
   Dependent claims: 2, 3, 4, 5, 6, 7.

8. A method for use in remote services authentication in an internet hosted environment comprising:
   accepting a login from a user at a hosted server with a combination of a user ID (“userID”) of the user, a business unit ID (“BUID”) of the user, and a random temporary password of the user which was sent earlier to the user using triple encryption and which was subsequently decrypted and entered into a login screen within a predetermined period, the triple encryption including:
      encrypting the user's client machine's domain name using the BUID as a key, which results in a “string X”;
      encrypting the temporary password using string X as a key, which results in a “string Y”; and
      encrypting string Y using a public key of the user as the key, which results in a “string Z”; and
   looking up a record in a cache using the userID as an index key to a cache table, each record in the cache table including:
      a user ID (“userID”); and
      a credential comprising a hash of the userID and a temporary password.
   Dependent claims: 9, 10, 11, 12, 13, 14, 15, 16, 17.

18. A method for providing a temporary password in an internet hosted environment, the method comprising:
   encrypting a temporary password at a hosted server of the internet hosted environment, the encrypting including:
      encrypting a client machine domain name of a user using a business unit ID (“BUID”) of the user as a key, which results in a “string X”;
      encrypting the temporary password using string X as a key, which results in a “string Y”;
      encrypting string Y using a public key of the user as the key, which results in a “string Z”; and
   transporting string X to a client side of the internet hosted environment; and
   obtaining the temporary password by the client side, wherein the obtaining step includes:
      encrypting the client machine domain name using the BUID as a key, which results in string X;
      decrypting string Z using a private key of the user as a key, which results in string Y; and
      decrypting string Y using string X as a key, which results in the temporary password.
   Dependent claim: 19.
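The triple encryption of claims 1 and 18 and the hashed cache lookup of claim 8, as an added Python example that is not part of the patent. The claims name no ciphers, so a deterministic SHA-256 keystream XOR stands in for the two symmetric steps (the client must recompute string X from the BUID and domain name alone, so that step cannot be randomized) and a toy textbook RSA over fixed primes stands in for the user's key pair; the userID, BUID, domain name and password are constructed sample values.

```python
import hashlib
import hmac

# Toy RSA (assumption): the stdlib has no RSA, so textbook RSA over two fixed
# Mersenne primes stands in for the user's key pair. No padding, 150-bit modulus: demo only.
_P, _Q = (1 << 61) - 1, (1 << 89) - 1
RSA_N, RSA_E = _P * _Q, 65537
RSA_D = pow(RSA_E, -1, (_P - 1) * (_Q - 1))

def _xor_stream(key: bytes, data: bytes) -> bytes:
    """Symmetric cipher stand-in (assumption): XOR with a SHA-256 keystream.
    Deterministic on purpose: claim 18 has the client recompute string X from
    the same BUID and domain name, so step 1 cannot use a random nonce."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def string_x(buid: str, domain: str) -> bytes:
    """Step 1 on either side: encrypt the client machine's domain name under the BUID."""
    return _xor_stream(buid.encode(), domain.encode())

def server_triple_encrypt(buid: str, domain: str, temp_pw: str, pub=(RSA_N, RSA_E)) -> int:
    """Hosted server: X from BUID+domain, Y = E_X(temp_pw), Z = RSA_pub(Y)."""
    y = _xor_stream(string_x(buid, domain), temp_pw.encode())   # string Y
    framed = bytes([len(y)]) + y   # length prefix so the client recovers Y exactly
    m = int.from_bytes(framed, "big")
    if m >= pub[0]:
        raise ValueError("temporary password too long for the toy RSA modulus")
    return pow(m, pub[1], pub[0])                                 # string Z

def client_obtain(buid: str, domain: str, z: int, priv=(RSA_N, RSA_D)) -> str:
    """Client (claim 18): recompute X, Z -> Y with the private key, Y -> password with X."""
    m = pow(z, priv[1], priv[0])
    framed = m.to_bytes((m.bit_length() + 7) // 8, "big")
    y = framed[1:1 + framed[0]]
    return _xor_stream(string_x(buid, domain), y).decode(errors="replace")

def credential(user_id: str, temp_pw: str) -> bytes:
    """Claim 8 cache record: a hash of userID and temp password, never the password."""
    return hashlib.sha256(f"{user_id}\x00{temp_pw}".encode()).digest()

def login(cache: dict, user_id: str, buid: str, submitted_pw: str) -> bool:
    """Claim 8 login: find the record by userID, check the BUID, compare the hash in constant time."""
    rec = cache.get(user_id)
    if rec is None or rec["buid"] != buid:
        return False
    return hmac.compare_digest(rec["credential"], credential(user_id, submitted_pw))
```

The confidentiality of the exchange rests on the user's private key; string X adds only what the BUID and domain name keep secret, and the cache table holds a hash rather than the clear temporary password.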
Specification