System for seamlessly updating service keys with automatic recovery
First Claim
1. A method for maintaining security in a communication system that provides a service to a client, the method comprising:
- receiving an error message with an authenticator in response to an access request.
4 Assignments
0 Petitions
Accused Products
Abstract
Application servers are programmed such that when an application server changes a compromised service key, the compromised key is saved by the application server until all tickets that may have been issued under the compromised key expire. Whenever the application server receives a ticket from a client issued under the compromised key, it generates an authenticator for an error message using the session key extracted from the ticket and sends the error message with this authenticator to the client. Clients are programmed to be able to receive error messages from application servers that have changed their service keys. Because the error messages include an authenticator generated by the application server using the session key extracted from the compromised ticket, the client is able to rely on the error message. The client is able to automatically request a new ticket from a key distribution center in response to a successful authentication of the error message.
59 Citations
18 Claims
-
1. A method for maintaining security in a communication system that provides a service to a client, the method comprising:
receiving an error message with an authenticator in response to an access request. - View Dependent Claims (3, 4, 5, 6, 7, 8)
-
2. A method for automatically recovering from a service key change in a communication system, the method comprising:
-
receiving a ticket from a client, the ticket being encrypted with a service key;
determining that the service key has been compromised;
decrypting the ticket using the compromised service key;
generating an error message; and
generating an authenticator for the error message, the authenticator being keyed with a session key obtained from the ticket.
-
-
9. A method for seamlessly updating a compromised service key, the method comprising:
-
providing a session key from the a client to an application server, the session key being encrypted by the compromised service key;
using the compromised service key to derive the session key; and
sending an error message from the application server to the client, the error message being accompanied by an authenticator keyed with the session key. - View Dependent Claims (10, 11, 12, 13, 15, 16)
-
-
14. A method for allowing a client to recover from a change in an application server service key, the method comprising:
-
receiving an authenticated error message from an application server;
authenticating the error message; and
in response to a successful authentication of the error message, requesting a new ticket for accessing the application server.
-
-
17. A processor readable storage medium, having encoded thereon processor readable program code, such that said processor readable program code is operable to cause a processor to perform a method for allowing a client to recover from a change in an application server service key, the method comprising:
-
receiving an authenticated error message from an application server;
authenticating the error message; and
in response to a successful authentication of the error message, requesting a new ticket from a key distribution center for the application server.
-
-
18. A processor readable storage medium, having encoded thereon processor readable program code, such that said processor readable program code is operable to cause a processor to perform a method for allowing a client to recover from a change in an application server service key from a compromised service key to a new service key, the method comprising:
-
receiving a ticket from a client encrypted with a compromised service key;
decrypting the ticket using the compromised service key; and
sending to the client an authenticator along with an error message, where the authenticator is keyed with a session key from the ticket encrypted with the compromised service key.
-
Specification