×

Tolerance factor-based secret decay

  • US 8,996,860 B1
  • Filed: 08/23/2012
  • Issued: 03/31/2015
  • Est. Priority Date: 08/23/2012
  • Status: Expired due to Fees
First Claim
Patent Images

1. A system for managing session information, comprising:

  • at least one processor; and

    memory storing instructions that, when executed by the at least one processor, cause the system to;

    receiving a first request including at least one security credential for a client device;

    in response to authenticating the client device using the at least one security credential, providing a response including a session token, the session token including at least a timestamp and an operation count for the session, the operation count for the session configured to be updated in response to operations performed for the session;

    receiving a second request including the session token;

    decreasing the value of a tolerance factor without processing the request when at least one of the timestamp falls outside the first allowable range of the current time for the session or the operation count from the session token falls outside the second allowable range of the current operation count for the session, the first and second allowable ranges each being determined based at least in part upon the tolerance factor for the session; and

    when the timestamp falls within a first allowable range of a current time for the session and the operation count from the cookie falls within a second allowable range of a current operation count for the session;

    processing the second request;

    increasing a value of the tolerance factor if the tolerance factor is below a maximum value; and

    sending a response to the second request including an updated session token, the updated session token including an updated timestamp and an updated operation count.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×