VERIFYING REQUESTS FOR ACCESS TO A SERVICE PROVIDER USING AN AUTHENTICATION COMPONENT

US 20160241547A1
Filed: 01/12/2016
Published: 08/18/2016
Est. Priority Date: 06/15/2011
Status: Active Grant

First Claim

Patent Images

1. In a computing environment, a method performed at least in part on at least one processor, comprising:

processing at least one verification request for accessing a service provider, including examining at least one security token, wherein each of the at least one security token and a public key is configured using at least one user identifier, accessing an authentication component that is generated using at least one revoked security token or at least one valid security token, and applying the authentication component to the public key to verify the security token, wherein the authentication component is configured to prove validity of the at least one security token.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The subject disclosure is directed towards processing requests for accessing a service provider. After examining at least one security token, a public key and a portion of attribute information are identified. An authentication component is accessed and applied to the public key. A unique user identifier is employed in generating the public key. The authentication component is generated using information from at least one revoked security token or at least one valid security token. The authentication component is configured to prove validity of the at least one security token.

25 Citations

View as Search Results

20 Claims

1. In a computing environment, a method performed at least in part on at least one processor, comprising:
- processing at least one verification request for accessing a service provider, including examining at least one security token, wherein each of the at least one security token and a public key is configured using at least one user identifier, accessing an authentication component that is generated using at least one revoked security token or at least one valid security token, and applying the authentication component to the public key to verify the security token, wherein the authentication component is configured to prove validity of the at least one security token.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein accessing the authentication component further comprises accessing an accumulator representing the at least one revoked security token or the at least one valid security token.
  - 3. The method of claim 2 further comprising computing the accumulator using at least one private key and at least one user identifier associated with the at least one revoked security token or the at least one valid security token.
  - 4. The method of claim 3 wherein accessing the authentication component further comprises generating at least one witness value using a private key corresponding with the at least one security token, wherein the at least one witness value complements the accumulator.
  - 5. The method of claim 3, wherein accessing the authentication component further comprises updating at least one witness value using the accumulator and a new accumulator.
  - 6. The method of claim 5, wherein accessing the authentication component further comprises generating the authentication component using the at least one witness value and the attribute information.
  - 7. The method of claim 1, wherein accessing the authentication component further comprises determining membership or non-membership within the at least one revoked security token or the at least one valid security token.
  - 8. The method of claim 1, wherein the each of the at least one security token comprises at least a portion of attribute information.
  - 9. The method of claim 1, wherein examining the at least one security token further comprises computing the at least one user identifier.

10. In a computing environment, a system, comprising:
- a verification mechanism coupled to an authentication service for issuing at least one security token and computing an authentication component using a private key associated with the at least one user identifier and at least one private key associated with at least one revoked security token or at least one valid security token, wherein the at least one security token is configured using at least one user identifier, and wherein the verification mechanism is configured to apply the authentication component to a public key associated with the at least one user identifier to provide validity of the at least one security token.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The system of claim 10, wherein the verification mechanism selects at least one portion of attribute information.
  - 12. The system of claim 10, wherein the verification mechanism applies the authentication component to a public key stored in a security token of the at least one security token, wherein the security token of the at least one security token comprises an encoding of the at least one portion of the attribute information.
  - 13. The system of claim 10, wherein authentication service compares at least one witness value with an accumulator representing the at least one revoked security token or the at least one valid security token.
  - 14. The system of claim 10, wherein the authentication service updates at least one witness value using the accumulator and a new accumulator, wherein the at least one witness value is used to generate the authentication component.
  - 15. The system of claim 10, wherein the verification mechanism determines membership or non-membership within the at least one revoked security token or the at least one valid security token.
  - 16. The system of claim 10, wherein the authentication service computes the at least one user identifier.

17. One or more computer-readable media having computer-executable instructions, which when executed perform steps, comprising:
- processing a security token from at least one user;
  
  accessing an authentication component associated with the security token, wherein each of the at least one security token and the public key is generated using at least one user identifier; and
  
  accessing an authentication component for proving validity of the at least one security token to the service provider, wherein the authentication component is generated using at least one user identifier associated with at least one revoked security token or at least one valid security token and at least a portion of the attribute information.
- View Dependent Claims (18, 19, 20)
- - 18. The one or more computer-readable media of claim 17 having further computer-executable instructions comprising:
    - applying the authentication component to the public key.
  - 19. The one or more computer-readable media of claim 17 having further computer-executable instructions comprising:
    - determining membership or non-membership within the at least one revoked security token or the at least one valid security token.
  - 20. The one or more computer-readable media of claim 17 having further computer-executable instructions comprising:
    - selecting the at least a portion of the attribute information to be encoded on a security of the at least one security token that is communicated to the service provider.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Nguyen, Duy Lan, Acar, Tolga

Granted Patent

US 10,623,398 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

H04L 2209/84   Vehicles

H04L 63/0435   wherein the sending and rec...

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0823   using certificates cryptogr...

H04L 63/0853   using an additional device,...

H04L 9/0866   involving user or device id...

H04L 9/3073   involving pairings, e.g. id...

H04L 9/3234   involving additional secure...

H04L 9/3268   using certificate validatio...

VERIFYING REQUESTS FOR ACCESS TO A SERVICE PROVIDER USING AN AUTHENTICATION COMPONENT

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

25 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

VERIFYING REQUESTS FOR ACCESS TO A SERVICE PROVIDER USING AN AUTHENTICATION COMPONENT

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links