Secure and anonymous distributed authentication

  • US 9,565,019 B1
  • Filed: 08/18/2015
  • Issued: 02/07/2017
  • Est. Priority Date: 09/28/2012
  • Status: Active Grant
First Claim

1. A method of providing access to storage of a central entity, the method comprising:

    at a computing device of the central entity, sharing a secret with a tenant server of a tenant organization of a plurality of tenant organizations, the tenant server being configured to provide authentication services for accessing the storage at the central entity, the central entity being remote from the tenant server;

    at the computing device of the central entity, receiving a storage request from an end client device, the end client device being remote from the central entity;

    at the computing device of the central entity, extracting an identification of the tenant organization from a core portion of the storage request, the core portion including the identification of the tenant and inner lease terms identifying an inner lease between the tenant organization and a client of the tenant organization;

    at the computing device of the central entity, selecting the shared secret of the tenant organization identified by the extracted identification of the tenant organization;

    at the computing device of the central entity, cryptographically combining the core portion and the selected shared secret to generate a preliminary test signature;

    at the computing device of the central entity, performing a computation using the preliminary test signature and a body portion of the storage request to generate a final test signature, the body portion including the core portion and an object identifier;

    at the computing device of the central entity, comparing the final test signature with a signature from the storage request; and

    at the computing device of the central entity, selectively permitting the end client device to access an object identified by the object identifier depending on a result of a selection operation, the selection operation indicating a lack of permission when the comparison is negative and the selection operation indicating permission only when the comparison is positive.
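The verification steps of claim 1, as an added example that is not taken from the patent: the central entity extracts the tenant from the core portion, selects that tenant's secret, derives the preliminary signature, derives the final signature over the body, and compares. HMAC-SHA256, the JSON encoding of the core portion, the field and function names, and the sample secrets are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample data: per-tenant shared secrets held by the central entity.
TENANT_SECRETS = {"tenant-a": b"constructed-secret-a", "tenant-b": b"constructed-secret-b"}

def _mac(key: bytes, msg: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for both the "cryptographically
    # combining" step and the later "computation" step of the claim.
    return hmac.new(key, msg, hashlib.sha256).digest()

def make_body(core: bytes, object_id: str) -> bytes:
    # Body portion = core portion plus object identifier; the length prefix
    # keeps the boundary between the two unambiguous.
    return len(core).to_bytes(4, "big") + core + object_id.encode()

def tenant_issue_lease(tenant_id: str, secret: bytes, lease_terms: dict):
    """Tenant server: build the core portion and its preliminary signature."""
    core = json.dumps({"tenant": tenant_id, "lease": lease_terms}, sort_keys=True).encode()
    return core, _mac(secret, core)

def client_sign(core: bytes, preliminary: bytes, object_id: str) -> dict:
    """End client: sign the body without ever holding the shared secret."""
    return {"core": core, "object_id": object_id,
            "signature": _mac(preliminary, make_body(core, object_id))}

def central_verify(request: dict) -> bool:
    """Central entity: extract, select, combine, compute, compare."""
    try:
        tenant_id = json.loads(request["core"])["tenant"]
        secret = TENANT_SECRETS[tenant_id]
    except (KeyError, TypeError, ValueError):
        return False  # malformed core portion or unknown tenant: no permission
    preliminary = _mac(secret, request["core"])
    final = _mac(preliminary, make_body(request["core"], request["object_id"]))
    # Constant-time comparison; permission only when the comparison is positive.
    return hmac.compare_digest(final, request["signature"])
```

Because the final signature is keyed by a value derived from the tenant's secret and the exact core portion, changing the tenant identification, the lease terms, or the object identifier after signing makes the comparison fail.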
