| 摘要 |
A method and system for providing secure access to accounts on a server connected to a computer network. According to the invention, session state information corresponding to a particular account user is encrypted and transmitted to the account user who transmits the encrypted session state information back with each request. When the account user submits a request to the server, the server decrypts the encrypted session state information and validates the session state information. If the session state information is valid, the server processes the user's request. Thus, the user becomes the source of the session state information, albeit in encrypted form, rather than a central database. |
