| 发明名称 |
Securely processing client credentials used for web-based access to resources |
| 摘要 |
The present invention provides for securely processing client credentials used for Web-based access to resources. A login page with an interface for entering user credentials is presented at a client and entered user credentials are sent to the server. In response to receiving user credentials, the server generates a unique session identifier for the client. The server also derives a digital signature for the user credentials based on a current key in a rotating key store and the unique session identifier. The server then encrypts the digital signature and the user credentials based on an encryption key derived from the current key and the unique session identifier. When encrypted credentials are received back at the client, keys from the rotating key store are used to attempt to validate the credentials. If user credentials can not be validated, a user is again presented with the login page. |
| 申请公布号 |
EP1422907(A2) |
申请公布日期 |
2004.05.26 |
| 申请号 |
EP20030026812 |
申请日期 |
2003.11.20 |
| 申请人 |
MICROSOFT CORPORATION |
发明人 |
BRACEWELL, SHAWN DEREK;WARD, RICHARD B.;SIMPSON, RUSSELL LEE, JR.;BATTHISH, KARIM MICHEL |
| 分类号 |
G06F21/20;H04L29/06;G06F15/00;G09C1/00;H04L9/08;H04L9/16;H04L9/32 |
主分类号 |
G06F21/20 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
