Authentication ticket processing apparatus and method with improved performance for self-contained ticket
First Claim
1. An authentication ticket processing apparatus comprising:
- an authentication ticket generator generating an authentication ticket including a valid period for a client in response to an authentication request;
a supplier supplying relevant user information including user ID information in response to a decoding request from a server regarding an authentication ticket associated with a service request when the client is to receive a series of services from a plurality of servers that are independently operable;
a memory storing and managing user information received from a user management database, the memory storing an expiration time period corresponding to a time period from receipt of information and providing access to the user management database, the expiration time period being loaded by the authentication ticket generator into the memory;
a user authentication controller checking, via a processor and when there is a need to acquire user information in response to the decoding request from the server, whether user information corresponding to the decoding request is stored in the memory, and acquiring the corresponding user information from the memory when the corresponding user information is stored in the memory;
a controller controlling data stored in the memory and deleting user information stored in the memory upon passage of the expiration time period,whereinthe valid period is separate from and independent of the expiration time period,the memory stores and associates the user information with information indicative of a time of receipt of information, the time of receipt of information being a time at which the user information is received from the user management database, andthe expiration time period is extended in response to an access of data of the memory.
1 Assignment
0 Petitions
Accused Products
Abstract
An authentication ticket processing apparatus includes a temporary data storage unit configured to keep user information upon receiving the user information from a user management database for managing user information, the temporary data storage unit allowing access thereto to be performed at higher speed than access to the user management database. The authentication ticket processing apparatus is configured such that, when there is a need to acquire user information in response to a decoding request from a server, a check is made whether user information corresponding to the decoding request is present in the temporary data storage unit, and the corresponding user information is acquired from the temporary data storage unit if the corresponding user information is present in the temporary data storage unit.
-
Citations
12 Claims
-
1. An authentication ticket processing apparatus comprising:
-
an authentication ticket generator generating an authentication ticket including a valid period for a client in response to an authentication request; a supplier supplying relevant user information including user ID information in response to a decoding request from a server regarding an authentication ticket associated with a service request when the client is to receive a series of services from a plurality of servers that are independently operable; a memory storing and managing user information received from a user management database, the memory storing an expiration time period corresponding to a time period from receipt of information and providing access to the user management database, the expiration time period being loaded by the authentication ticket generator into the memory; a user authentication controller checking, via a processor and when there is a need to acquire user information in response to the decoding request from the server, whether user information corresponding to the decoding request is stored in the memory, and acquiring the corresponding user information from the memory when the corresponding user information is stored in the memory; a controller controlling data stored in the memory and deleting user information stored in the memory upon passage of the expiration time period, wherein the valid period is separate from and independent of the expiration time period, the memory stores and associates the user information with information indicative of a time of receipt of information, the time of receipt of information being a time at which the user information is received from the user management database, and the expiration time period is extended in response to an access of data of the memory. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. An authentication ticket processing method comprising:
-
generating, at an authentication ticket generator, an authentication ticket including a valid period for a client in response to an authentication request; supplying, at a supplying unit, relevant user information including user ID information in response to a decoding request from a server regarding an authentication ticket associated with a service request when the client is to receive a series of services from a plurality of servers that are independently operable; storing and managing, in a memory, user information received from a user management database, the memory storing an expiration time period corresponding to a time period from receipt of information and providing access to the user management database, the expiration time period being loaded by the authentication ticket generator into the memory; storing and associating, at the memory, the user information with information indicative of a time of receipt of information, the time of receipt of information being a time at which the user information is received from the user management database; checking, at a user authentication controlling unit via a processor, when there is a need to acquire user information in response to the decoding request from the server, whether user information corresponding to the decoding request is stored in the memory; acquiring, at the user authentication controlling unit, the corresponding user information from the memory when the corresponding user information is stored in the memory; and deleting, at a control unit, the user information stored in the memory upon passage of the expiration time period, wherein the valid period is separate from and independent of the expiration time period, and the expiration time period is extended in response to an access of data of the memory. - View Dependent Claims (8, 9, 10, 11, 12)
-
Specification