Method and system for authentication in a computer network

US 9,088,561 B2
Filed: 02/28/2005
Issued: 07/21/2015
Est. Priority Date: 05/19/2004
Status: Active Grant

First Claim

Patent Images

1. A method for authentication in a computer network, comprising:

transmitting a get_authToken message from a Universal Discovery Description and Integration (UDDI) client to a UDDI server, the get_authToken message specified in a UDDI standard as a single interaction that does not include an explicit challenge-response request, the get_authToken message requesting authentication information from the server, the get_authToken message comprising user information with at least one error in the user information, the error provided by the UDDI client specifically to trigger a challenge-response exchange with the UDDI server to request the authentication information, the challenge-response exchange providing the security of multiple interactions with the UDDI server using a mechanism specified as a single interaction, the challenge-response exchange comprising;

receiving a second message from the UDDI server in response to the get_authToken message, the second message comprising an error message and a nonce;

encrypting the nonce;

transmitting a second get_authToken message to the server in response to the second message, the second get_authToken message comprising non-erroneous and complete user information and the encrypted nonce; and

receiving authentication information from the server in response to the second get_authToken message; and

wherein the user information comprises user information with at least one username present and at least one missing password.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method and system for authentication in a computer network is provided. A first message from a client to a server is transmitted, where the first message includes erroneous user information. In response to the first message, a second message is transmitted from the server to the client, where the second message includes an error message and a nonce. The client transmits a third message to the server in response to the second message, where the third message includes non-erroneous user information and the nonce. The server then provides authentication in response to the client'"'"'s third message.

Citations

13 Claims

1. A method for authentication in a computer network, comprising:
- transmitting a get_authToken message from a Universal Discovery Description and Integration (UDDI) client to a UDDI server, the get_authToken message specified in a UDDI standard as a single interaction that does not include an explicit challenge-response request, the get_authToken message requesting authentication information from the server, the get_authToken message comprising user information with at least one error in the user information, the error provided by the UDDI client specifically to trigger a challenge-response exchange with the UDDI server to request the authentication information, the challenge-response exchange providing the security of multiple interactions with the UDDI server using a mechanism specified as a single interaction, the challenge-response exchange comprising;
  
  receiving a second message from the UDDI server in response to the get_authToken message, the second message comprising an error message and a nonce;
  
  encrypting the nonce;
  
  transmitting a second get_authToken message to the server in response to the second message, the second get_authToken message comprising non-erroneous and complete user information and the encrypted nonce; and
  
  receiving authentication information from the server in response to the second get_authToken message; and
  
  wherein the user information comprises user information with at least one username present and at least one missing password.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein the UDDI client had the non-erroneous and complete user information prior to transmitting the erroneous user information.
  - 3. The method of claim 1, wherein the second get_authToken message includes the nonce which has been signed using a PKI private key.
  - 4. The method of claim 1, wherein the authentication comprises an authentication token.

5. A system for authentication in a computer network, comprising:
- a system for transmitting a get_authToken message from a Universal Discovery Description and Integration (UDDI) client to a UDDI server, the get_authToken message specified in a UDDI standard as a single interaction that does not include an explicit challenge-response request, the get_authToken message requesting authentication information from the server, the get_authToken message comprising user information with at least one error in the user information, the error provided by the UDDI client specifically to trigger a challenge-response exchange with the UDDI server to request the authentication information, the challenge-response exchange providing the security of multiple interactions with the UDDI server using a mechanism specified as a single interaction, the challenge-response exchange comprising;
  
  a system for receiving a second message from the UDDI server in response to the get_authToken message, the second message comprising an error message and a nonce;
  
  a system for encrypting the nonce;
  
  a system for transmitting a second get_authToken message to the server in response to the second message, the second get_authToken message comprising non-erroneous and complete user information and the encrypted nonce; and
  
  a system for receiving authentication information from the server in response to the second get_authToken message; and
  
  wherein the user information comprises user information with at least one username present and at least one missing password.
- View Dependent Claims (6, 7, 8)
- - 6. The system of claim 5, wherein the UDDI client had the non-erroneous and complete user information prior to transmitting the erroneous user information.
  - 7. The system of claim 5, wherein the third message includes the nonce which is signed using a PKI private key.
  - 8. The system of claim 5, wherein the authentication comprises an authentication token.

9. A computer readable storage medium including computer executable code for authentication in a computer network, comprising:
- code for transmitting a get_authToken message from a Universal Discovery Description and Integration (UDDI) client to a UDDI server, the get_authToken message specified in a UDDI standard as a single interaction that does not include an explicit challenge-response request, the get_authToken message requesting authentication information from the server, the get_authToken message comprising user information with at least one error in the user information, the error provided by the UDDI client specifically to trigger a challenge-response exchange with the UDDI server to request the authentication information, the challenge-response exchange providing the security of multiple interactions with the UDDI server using a mechanism specified as a single interaction, the challenge-response exchange comprising;
  
  code for receiving a second message from the UDDI server in response to the get_authToken message, the second message comprising an error message and a nonce;
  
  code for encrypting the nonce;
  
  code for transmitting a second get_authToken message to the server in response to the second message, the second get_authToken message comprising non-erroneous and complete user information and the encrypted nonce; and
  
  code for receiving authentication information from the server in response to the second get_authToken message; and
  
  wherein the user information comprises user information with at least one username present and at least one missing password.
- View Dependent Claims (10, 11, 12)
- - 10. The computer readable storage medium of claim 9, wherein the UDDI client had the non-erroneous and complete user information prior to transmitting the erroneous user information.
  - 11. The computer readable storage medium of claim 9, wherein the third message includes the nonce which is signed using a PKI private key.
  - 12. The computer readable storage medium of claim 9, wherein the authentication comprises an authentication token.

13. A method for authentication in a computer network, comprising:
- receiving correct user information;
  
  transmitting to a UDDI server a first message requesting authentication information from the server, the first message comprising user information with at least one error in the user information provided by a client, the error provided by the client specifically to trigger a challenge-response exchange with the UDDI server to request the authentication information, the challenge-response exchange comprising;
  
  receiving a second message from the UDDI server in response to the first message, the second message comprising an error message and a nonce;
  
  encrypting the nonce;
  
  transmitting a third message to the server in response to the second message, the third message comprising non-erroneous and complete user information and the encrypted nonce; and
  
  receiving authentication information from the server in response to the third message; and
  
  wherein the user information comprises user information with at least one username present and at least one missing password.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Inventors
Rogers, Tony, Betts, Christopher
Primary Examiner(s)
Hirl, Joseph P
Assistant Examiner(s)
GYORFI, THOMAS A

Application Number

US11/068,149
Publication Number

US 20060020793A1
Time in Patent Office

3,795 Days
Field of Search

713/185, 709227-229
US Class Current

1/1
CPC Class Codes

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0838   using one-time-passwords

H04L 9/3228   One-time or temporary data,...

Method and system for authentication in a computer network

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for authentication in a computer network

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links