Systems and methods for state-less authentication
Abstract
Systems and methods for providing user logon and state-less authentication are described in a distributed processing environment. Upon an attempted access by a user to an online resource, transaction, or record, a logon component asks the user to supply a logon ID and a password. The logon component verifies the provided information, and upon successful identification, a security context is constructed from information relevant to the user. The security context is sent to the user and is presented to the system each time the user attempts to invoke a new resource, such as a program object, transaction, record, or certified printer, avoiding the need for repeated logon processing.
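The flow described in the abstract, as an added illustration that is not taken from the patent: a logon component verifies credentials once and issues a security context, and a resource later validates that context on its own, with no call back to the logon component. The HMAC-SHA256 tag, the shared key, the JSON fields, the expiry and the role names are all assumptions; the page does not say how the security context is built or protected.

```python
import base64, hashlib, hmac, json, os, time

# Assumption: logon component and resources share this key out of band.
CONTEXT_KEY = os.urandom(32)
# Constructed sample user store: logon ID -> (salt, PBKDF2 hash, roles).
_SALT = os.urandom(16)
USERS = {"alice": (_SALT,
                   hashlib.pbkdf2_hmac("sha256", b"correct horse", _SALT, 100_000),
                   ["records:read"])}

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def logon(logon_id, password, ttl=300, now=None):
    """Logon component: verify credentials once, return a signed security context."""
    entry = USERS.get(logon_id)
    if entry is None:
        return None
    salt, stored, roles = entry
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    if not hmac.compare_digest(candidate, stored):
        return None
    now = time.time() if now is None else now
    body = json.dumps({"sub": logon_id, "roles": roles, "exp": now + ttl},
                      sort_keys=True).encode()
    tag = hmac.new(CONTEXT_KEY, body, hashlib.sha256).digest()
    return _b64(body) + "." + _b64(tag)

def resource_check(context, required_role, now=None):
    """Resource: validate the presented context locally, no logon round trip."""
    try:
        body_b64, tag_b64 = context.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except (ValueError, AttributeError):
        return None  # malformed context
    expected = hmac.new(CONTEXT_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # forged or altered context
    claims = json.loads(body)
    now = time.time() if now is None else now
    if now >= claims["exp"] or required_role not in claims["roles"]:
        return None  # expired, or user lacks the role this resource needs
    return claims["sub"]
```

Because the resource trusts only the tag and the expiry, a context stays valid until it expires; revoking one earlier would need state that this sketch deliberately does not keep.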
19 Claims
1. A method of accessing any of a plurality of resources wherein at least some of the resources do not share a common processing platform, the method comprising:
- establishing a secure communication session between a user computing device and a logon component, wherein the secure communication session comprises a temporary, interactive information exchange that is set up and then torn down;
- verifying logon information provided by the user computing device to the logon component using the secure communication session and responsively generating a security context to be employed by the user computing device that is:
  - unique to a user of the user computing device;
  - necessary to access any of the plurality of resources without requiring any follow-on authorization communications between the accessed resource and the logon component.

Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. An apparatus comprising:
- at least one trusted computing environment component configured to facilitate:
  - establishing a secure communication session between a user computing device and a logon component, wherein the secure communication session comprises a temporary, interactive information exchange that is set up and then torn down;
  - verifying logon information provided by the user computing device to the logon component using the secure communication session and responsively generating a security context that is:
    - unique to a user of the user computing device;
    - necessary to access any of the plurality of resources without requiring any follow-on authorization communications between the accessed resource and the logon component.

Dependent claims: 10, 11, 12, 13, 14, 15
16. A method to facilitate accessing protected on-line resources via corresponding secured transactions, comprising:
- at a user computing device:
  - presenting, to other than the on-line resources, at least a logon identifier;
  - responsively receiving a corresponding stateless security context that is unique to the user, wherein no request history is retained at the user computing device and authentication using the stateless security context is independent of a particular state, application, transaction, or routine being invoked;
  - using the stateless security context to access a plurality of differing on-line resources via a plurality of corresponding secured transactions.

Dependent claims: 17, 18, 19
Specification