| 摘要 |
<p>Cryptographically assured data structures are created (Fig. 2) to enable a single sign on and/or authentication method for securely transferring user authentication information from a first computer (110) to a second computer (120) to allow the user (100) to seamlessly interact with the second computer (120) without necessarily re-authenticating himself thereto. Thus, if a second computer trusts the methods used by a first computer (110) to authenticate a user, then the second computer can use a cryptographically assured cookie created by the first computer to authenticate the user, without requiring the user to perform an explicit authentication step at the second computer. More particularly, a cryptographically assured cookie (150) is made by creating a cryptographically assured voucher (160) of a user characteristic (170) at the first computer, and embedding the voucher into a cookie for transmission to the user's computer (100) and hence to the second computer (120).</p> |
