System and method for authenticating clients in a client-server environment

A server system and client technology, applied in the field of authentication, that simplifies the digital signature authentication process.

Inactive Publication Date: 2006-08-16
IBM CORP

AI Technical Summary

Problems solved by technology

This can cause a lot of unnecessary network traffic between the client and server, since the server application itself ultimately determines the type of authentication.
[0010] Furthermore, the existing digital signature authentication process has the disadvantage that some screens must be exchanged between the client and server until the client can provide its authentication information. This causes a lot of unnecessary network traffic.


Embodiment Construction

[0023] Referring to Figures 1A and 1B, there is shown a client-server environment in which the present invention is preferably used. It should be noted, however, that the present invention can be used in any client-server environment using a communication protocol that allows header extensions without interfering with normal protocol usage. Therefore, the present invention and its preferred embodiments will be illustrated and explained based on the presently known HTTP-protocol.

[0024] The HTTP-protocol (Hypertext Transfer Protocol) is an application layer protocol for distributed systems. It is a set of rules for exchanging files (text, graphics, images, sound, video, and other multimedia files). Any web server machine 3 contains an HTTP-daemon or a so-called HTTP-server 4, which is a program designed to wait for HTTP-requests and process them when they arrive. Furthermore, each client machine 1 contains a web browser or a so-called HTTP-client 2 which sends requests to...


Abstract

The idea of the present invention is to replace the existing password / user ID based authentication process by a new digital signature authentication process in which preferably the first HTTP-request header is extended by the client authentication information, independently of the authentication process used by the destination server and without the server requesting authentication information. The authentication information preferably includes the client certificate containing the client public key, signed by a certification authority, and preferably a hash value calculated over the HTTP-request header data being sent in the request and encrypted with the client's private key. The certificate and digital signature may be added during the creation of the HTTP-request header in the client system itself, or may be added later in a server acting as a gateway, proxy, or tunnel. A destination server that does not support the new digital signature authentication process will simply ignore the certificate and digital signature in the HTTP-request header and will automatically initiate its own authentication process. The present invention simplifies the existing digital signature authentication process and concurrently allows the coexistence of different authentication processes without changing the HTTP-protocol or causing unnecessary network traffic.

Description

Technical field

[0001] The present invention relates generally to authentication, and in particular to authentication in a client-server environment, and more particularly to authentication of clients in the Internet.

Background technique

[0002] Authentication is the process of determining whether someone or something is actually who or what it is claimed to be. In private or public computer networks, authentication is usually accomplished through the use of login passwords. Typically, each server maintains its own data persistence for storing authentication data. Therefore, a password that is usable by a client on one server may have been blocked by another client on another server. This increases the number of different authentication sets the client has to remember and maintain. In an application distributed over multiple servers with different user authentication systems (for example, accessing the application through a portal server that uses its own user database)...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, G06F21/34, H04L29/08
CPC: H04L63/0823, H04L67/02, H04L69/22, H04L63/0884, H04L9/32, G06F17/00, G06F15/00
Inventor: J·哈格梅尔, J·布鲁科罗斯, T·库斯莫尔
Owner: IBM CORP