IDiyas

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 7992198 B1

PDFFull Text
Date of Patent:
Aug. 02, 2011

Filed:

Sep. 14, 2007

Unified authentication for web method platforms

Applicants:

Brian J. Guarraci, Redmond, WA (US);

Christopher C. White, Seattle, WA (US);

Niels Thomas Ferguson, Redmond, WA (US);

Jeffrey Dick Jones, Woodinville, WA (US);

Sean Patrick Nolan, Bellevue, WA (US);

Johnson T. Apacible, Mercer Island, WA (US);

Vijay Varadan, Bellevue, WA (US);

Inventors:

Brian J. Guarraci, Redmond, WA (US);

Christopher C. White, Seattle, WA (US);

Niels Thomas Ferguson, Redmond, WA (US);

Jeffrey Dick Jones, Woodinville, WA (US);

Sean Patrick Nolan, Bellevue, WA (US);

Johnson T. Apacible, Mercer Island, WA (US);

Vijay Varadan, Bellevue, WA (US);

Assignee:

Microsoft Corporation, Redmond, WA (US);

Attorney:

Turocy & Watson, LLP

Primary Examiner:

Nathan Flynn

Assistant Examiner:

Carolyn B Kosowski

Int. Cl.
CPC ...
G06F 7/04 (2006.01); G06F 15/16 (2006.01); G06F 17/30 (2006.01); G06F 21/00 (2006.01); H04L 29/06 (2006.01); H04L 9/32 (2006.01); G06F 15/173 (2006.01);
U.S. Cl.
CPC ...
Abstract

An authentication mechanism is provided for a web method platform that allows homogeneous access for different types of clients according to a bootstrapping procedure utilized to establish the session. Different clients can be assigned different levels of trust based in part on the bootstrapping procedure and/or information provided during the procedure. The bootstrapping procedure can produce a token that is used by the clients in subsequent requests to provide previous authentication or state information to the platform. The token can comprise a shared secret used to ensure integrity of communications in some cases, and the token can be opaque to the client. Tokens can expire and require a client to re-bootstrap to provide higher levels of authentication protection, and tokens can be shared among a plurality of application servers to facilitate effective handling of requests in a farmed environment.

Find Patent Forward Citations

Loading…