发明名称 |
SECURE SESSION MANAGEMENT AND AUTHENTICATION FOR WEB SITES |
摘要 |
The present invention comprises a system and method for secure session management and authentication between web sites and web clients. The method includes both secure and non-secure communication protocols, means for switching between secure and non-secure communication protocols, a session cookie and an authcode cookie. The session cookie is used for session management and the authcode cookie is used for authentication. The session cookie is transmitted using a non-secure communication protocol when the web client accesses a non-secure web page, whereas, the authcode cookie is transmitted using a secure communication protocol when the web client accesses a secure web page. Session management architecture and usage of two distinct cookies along with both secure and non-secure communication protocols prevents unauthorized users from accessing sensitive web client or web site information. |
申请公布号 |
WO0245370(A3) |
申请公布日期 |
2003.03.13 |
申请号 |
WO2001EP12963 |
申请日期 |
2001.11.09 |
申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION;IBM DEUTSCHLAND GMBH |
发明人 |
KOU, WEI DONG;MIRLAS, LEV;ZHAO, YAN, CHUN |
分类号 |
G06F15/00;G06F21/20;G09C1/00 |
主分类号 |
G06F15/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|