Method and system for modular authentication and session management
Abstract
Modular authentication and session management involves the use of discrete modules to perform specific tasks in a networked computing environment. There may be a separate authentication server that verifies the identity of the user and an authorization client that grants various levels of access to users. There may also be an authentication client that receives an initial request from a requesting application and forwards the request to the authentication server to verify the identity of the user. The authorization client may then be invoked to provide the necessary level of access. The use of discrete modules allows multiple business applications to use the same modules to perform user authentication tasks, thus alleviating the unnecessary multiplication of code.
21 Claims
1. A method comprising:
generating, by a computer for providing security, random data based on authentication credentials;
retrieving, by said computer, a timestamp;
creating, by said computer, an incremental token identifier;
concatenating, by said computer, said random data, said timestamp, and said incremental token identifier to create a Binary Large Object (BLOB);
applying, by said computer, an encryption algorithm with a fixed key to said BLOB to create a session token; and
issuing, by said computer, said session token to a client, wherein said session token includes data indicating a manner by which said client was validated and access type information identifying characteristics of a first request.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19

20. An article of manufacture including a non-transitory computer readable storage medium having instructions stored thereon that are executable by a computer for providing security to cause said computer to perform operations comprising:
generating, by said computer, random data based on authentication credentials;
retrieving, by said computer, a timestamp;
creating, by said computer, an incremental token identifier;
concatenating, by said computer, said random data, said timestamp, and said incremental token identifier to create a Binary Large Object (BLOB);
applying, by said computer, an encryption algorithm with a fixed key to said BLOB to create a session token; and
issuing, by said computer, said session token to an authentication client, wherein said session token includes data indicating a manner by which said client was validated and access type information identifying characteristics of a first request.

21. A system comprising:
a processor;
a non-transitory memory configured to communicate with the processor;
said tangible, non-transitory memory having instructions stored thereon that are executable by said processor to cause said processor to perform operations comprising:
generating, by said processor, random data based on authentication credentials;
retrieving, by said processor, a timestamp;
creating, by said processor, an incremental token identifier;
concatenating, by said processor, said random data, said timestamp, and said incremental token identifier to create a Binary Large Object (BLOB);
applying, by said processor, an encryption algorithm with a fixed key to said BLOB to create a session token; and
issuing, by said processor, said session token to an authentication client, wherein said session token includes data indicating a manner by which said client was validated and access type information identifying characteristics of a first request.

Specification