Method and system for binding kerberos-style authenticators to single clients

United States of America Patent

PATENT NO: 7392390
APP PUB NO: 20030172269A1
SERIAL NO: 10318349

Abstract

A method and system are directed towards enabling authentication in a distributed environment. The method employs a hashed salted password associated with a user in part to pre-authenticate the user. If the user is pre-authenticated, a ticket is transmitted to a client. The ticket includes a cryptographic digest of a concatenation of the local and remote addresses that is exclusive or'ed with a timestamp to generate a modified authenticator. The modified authenticator is directed at binding the timestamp to the client to minimize reuse of an authenticator. A packet that includes the authenticator is sent to a server. The server is configured to determine another remote and local IP address associated with the packet. Employing the remote and local addresses, the server extracts the timestamp from the modified authenticator. If the timestamp is within a pre-determined time window, the user may be authenticated.

Patent Owner(s)

Patent Owner | Address | Total Patents
VALVE CORPORATION | BELLEVUE, WA | 50

Inventor(s)

Inventor Name | Address | # of filed Patents | Total Citations
Newcombe, Christopher Richard | Kirkland, WA | 16 | 553

Cited Art Landscape

Patent Info (Count) # Cites Year
 
Other [Check patent profile for assignment information] (1)
2003/0009,365 System and method of content management and distribution 40 2001
 
SIERRA ENTERTAINMENT, INC. (1)
5819082 Data storage optimization using an access order resource list 19 1995
 
BULL S.A. (1)
6338072 Device and process for dynamically controlling the allocation of resources in a data processing system 52 1998
 
GENERAL ATOMICS (1)
6678700 System of and method for transparent management of data objects in containers across distributed heterogenous resources 88 2000
 
SONY CORPORATION (2)
* 6009528 Communication system and communication apparatus 30 1996
6105074 Data processing method and device 20 1999
 
VISA INTERNATIONAL SERVICE ASSOCIATION (1)
6018717 Method and apparatus for acquiring access using a fast smart card transaction 193 1998
 
PTC INC. (1)
5850535 Roll-back during regeneration on a computer-aided design system 34 1995
 
HITACHI, LTD. (1)
5619716 Information processing system having a configuration management system for managing the software of the information processing system 153 1995
 
ORACLE AMERICA, INC. (7)
6438141 Method and management of communications over media of finite bandwidth 103 1998
6675382 Software packaging and distribution system 165 1999
6848028 Microprocessor having a page prefetch cache for database applications 17 2000
6799276 Method and apparatus for restraining connection request stream associated with high volume burst client in a distributed network 41 2000
7131111 Development of manifest for java embedded server bundle 21 2001
6766428 Method and apparatus for storing prior versions of modified values to facilitate reliable execution 23 2001
6912520 System and method for providing a persistent object framework for managing persistent objects 33 2001
 
APPLE INC. (2)
5764992 Method and apparatus for automatic software replacement 246 1995
5732275 Method and apparatus for managing and automatically updating software programs 234 1996
 
MCAFEE, LLC (1)
6122657 Internet computer system with methods for dynamic filtering of hypertext tags and content 116 1997
 
KABUSHIKI KAISHA TOSHIBA (1)
5835601 File editing system and shared file editing system with file content secrecy, file version management, and asynchronous editing 169 1995
 
INTERNATIONAL BUSINESS MACHINES CORPORATION (10)
4999766 Managing host to workstation file transfer 77 1988
5349643 System and method for secure initial program load for diskless workstations 174 1993
5606693 Distributed database management over a network 122 1995
5915112 Remote procedure interface with support for multiple versions 157 1996
* 6223166 Cryptographic encoded ticket issuing and collection system for remote purchasers 182 1997
6269400 Method for discovering and registering agents in a distributed network 34 1998
6119203 Mechanism for sharing data cache resources between data prefetch operations and normal load/store operations in a data processing system 55 1998
6578102 Tracking and control of prefetch data in a PCI bus system 28 2000
6829649 Method an congestion control system to allocate bandwidth of a link to dataflows 35 2000
6807542 Method and apparatus for selective and quantitative rights management 50 2001
 
SAP SE (1)
6351775 Loading balancing across servers in a computer network 378 1997
 
NTT DOCOMO DCMR COMMUNICATIONS LABORATORIES USA, INC. (1)
2002/0075,844 Integrating public and private network resources for optimized broadband wireless access and method 495 2001
 
HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P. (3)
5305389 Predictive cache system 223 1991
6292889 Distributed computer network including hierarchical resource information structure and related method of distributing resources 104 1997
5960189 Automatic computer upgrading 112 1998
 
ATREVE SOFTWARE, INC. (1)
6317786 Web service 159 1998
 
UNITED STATES OF AMERICA AS REPRESENTED BY THE ADMINISTRATOR OF THE NATIONAL AERONAUTICS AND SPACE ADMINISTRATION (1)
4920487 Method of up-front load balancing for local memory parallel processors 55 1988
 
MOORE, NANCY BARCLAY (2)
6122372 System and method for encapsulating transaction messages with verifiable data generated identifiers 31 1997
5982893 System and method for processing transaction messages 26 1998
 
Teknowledge Corporation (1)
6029175 Automatic retrieval of changed files by a network software agent 626 1996
 
IPAYMENT, INC. (1)
6752313 Method and system for establishing a credit card transaction processing merchant account 19 2001
 
RAMBUS INC. (1)
5808690 Image generation system, methods and computer program products using distributed processing 38 1996
 
FUJITSU LIMITED (1)
5634107 Data processor and method of processing data in parallel 45 1995
 
ACCENTURE GLOBAL SERVICES LIMITED (1)
6256773 System, method and article of manufacture for configuration management in a development architecture framework 634 1999
 
B.E. Technology, LLC (1)
6771290 Computer interface method and apparatus with portable network organization system and targeted advertising 340 2001
 
AUDIBLE WORDS, CORPORATION (1)
5926624 Digital information library and delivery system with logic for generating files targeted to the playback device 681 1996
 
INTEL CORPORATION (6)
5325526 Task scheduling in a multicomputer system 140 1992
5737495 Method and apparatus for managing multimedia data files in a computer network by streaming data files into separate streams based on file attributes 96 1995
5757919 Cryptographically protected paging subsystem 244 1996
5933835 Method and apparatus for managing multimedia data files in a computer network by streaming data files into separate streams based on file attributes 106 1997
* 6950523 Secure storage of private keys 43 2000
6938005 Digital content distribution 54 2000
 
MRJ, INC. (1)
6314409 System for controlling access and distribution of digital property 601 1998
 
SONY COMPUTER ENTERTAINMENT INC. (1)
2002/0035,526 Method and system for managing fees of contents, computer program and recording medium 12 2001
 
ROCKWELL AUTOMATION TECHNOLOGIES, INC. (1)
6487455 Distributed real time operating system 21 1999
 
Telsima Inc. (1)
2002/0059,408 Dynamic traffic management on a shared medium 48 2001
 
XEROX CORPORATION (1)
6754821 System, method and article of manufacture for transition state-based cryptography 11 2000
 
LINKEDIN CORPORATION (1)
6466979 Adaptive system for optimizing a physical connection in a communication session 19 1998
 
METASWITCH NETWORKS LTD (1)
6684396 Method for upgrading running software processes without compromising fault-tolerance 43 2000
 
INKTOMI CORPORATION (1)
7035943 Web server content replication 63 1999
 
INTERNATIONAL COMPUTERS LIMITED (1)
5999740 Updating mechanism for software 326 1997
 
SofTel, Inc. (1)
5613089 Method and apparatus for remotely controlling and monitoring the use of computer software 61 1996
 
MITSUBISHI ELECTRONICS AMERICA, INC. (1)
6505255 Method for formatting and routing data between an external network and an internal network 83 1999
 
AT&T LABS, INC. (1)
5343526 Method for establishing licensor changeable limits on software usage 70 1992
 
GOAHEAD SOFTWARE INC. (1)
6986133 System and method for securely upgrading networked devices 75 2001
 
JPMORGAN CHASE BANK, N.A. (1)
6473793 Method and apparatus for selectively allocating and enforcing bandwidth usage requirements on network users 218 1999
 
MICROSOFT TECHNOLOGY LICENSING, LLC (16)
5742829 Automatic software installation on heterogeneous networked client computer systems 331 1995
5862339 Client connects to an internet access provider using algorithm downloaded from a central server based upon client's desired criteria after disconnected from the server 265 1996
6154767 Methods and apparatus for using attribute transition probability models for pre-fetching resources 61 1998
6195622 Methods and apparatus for building attribute transition probability models for use in pre-fetching resources 178 1998
6381742 Software package management 403 1998
6718549 Methods for managing the distribution of client bits to client computers 49 1999
6578054 Method and system for supporting off-line mode of operation and synchronization using resource state information 81 1999
6883168 Methods, systems, architectures and data structures for delivering software via a network 115 2000
7000230 Network-based software extensions 71 2000
6996599 System and method providing multi-tier applications architecture 21 2000
7143143 System and method for distributed caching using multicast replication 35 2000
6961341 Adaptive bandwidth throttling for network services 68 2001
* 2002/0150,253 Methods and arrangements for protecting information in forwarded authentication messages 89 2001
6871344 Configurations for binding software assemblies to application programs 55 2001
6868539 System and method providing single application image 44 2001
6748470 Method and system for locking multiple resources in a distributed environment 40 2001
 
NETIQ CORPORATION (1)
5829001 Database updates over a network 87 1997
 
WALKER ASSET MANAGEMENT LIMITED PARTNERSHIP (1)
5970143 Remote-auditing of computer generated outcomes, authenticated billing and access control, and software metering system using cryptographic and other protocols 727 1996
 
GOOGLE TECHNOLOGY HOLDINGS LLC (2)
5495533 Personal key archive 377 1994
6721786 Method and apparatus for balancing bandwidth usage in a browser 13 2000
 
BMC SOFTWARE, INC. (2)
6430608 Method and apparatus for accepting and rejecting files according to a manifest 48 1999
6738970 Method and apparatus for identifying changes made to a computer system due to software installation 31 1999
 
CAMSTAR SYSTEMS, INC. (1)
6711593 System and method for live update of a manufacturing system 68 2001
 
VERIZON PATENT AND LICENSING INC. (1)
5535276 Yaksha, an improved system and method for securing communications using split private key asymmetric cryptography 373 1994
 
VMWARE, INC. (1)
6735601 System and method for remote file access by computer 187 2000
 
FA HASSET CO., L.L.C. (1)
6584568 Network provider loop security system and method 21 1999
 
CIENA CORPORATION (3)
6694450 Distributed process redundancy 37 2000
6332198 Network device for supporting multiple redundancy schemes 75 2000
6880086 Signatures for facilitating hot upgrades of modular software components 253 2001
 
ADTRAN, INC. (1)
2003/0039,211 Distributed bandwidth allocation architecture 32 2001
 
ALCATEL-LUCENT USA INC. (1)
6871345 Self managing software agents with introspection 88 2000
 
DELL USA, L.P. (1)
6618810 Bios based method to disable and re-enable computers 43 1999
 
WEB 3000, INC. (1)
6366947 System and method for accelerating network interaction 126 1998
 
ENTRUST, INC. (1)
6453353 Role-based navigation of information resources 398 1999
 
NIFTY CORPORATION (1)
2002/0029,244 Client-server system, computer readable medium and computer-executable program product for updating software 9 2001
 
CLOUDING CORP. (1)
2002/0166,117 Method system and apparatus for providing pay-per-use distributed computing resources 108 2001
 
WISTRON CORPORATION (1)
6611812 Secure electronic content distribution on CDS and DVDs 310 1999
 
FACEBOOK, INC. (1)
6862616 System and method for facilitating distributed server administration of server systems that are scalable and version independent 17 2000
 
MATSUSHITA ELECTRIC INDUSTRIAL CO., LTD. (1)
6397258 File system 25 1999
 
MCAFEE, INC. (1)
* 6775704 System and method for preventing a spoofed remote procedure call denial of service attack in a networked computing environment 83 2000
 
AT&T CORP. (1)
6751608 Method and apparatus for improving end to end performance of a data network 37 2001
 
PEERDISTRICT COMPANY (1)
* 5924094 Independent distributed database system 246 1996
* Cited By Examiner

Forward Cite Landscape

Patent Info (Count) # Cites Year
 
Other [Check patent profile for assignment information] (1)
* 2010/0269,155 Method and Apparatus for Registering Auto-Configured Network Addresses Based On Connection Authentication 10 2010
 
QUALCOMM INCORPORATED (7)
* 8862872 Ticket-based spectrum authorization and access control 1 2008
8548467 Ticket-based configuration parameters validation 2 2008
* 2010/0069,067 TICKET-BASED CONFIGURATION PARAMETERS VALIDATION 10 2008
* 2010/0070,760 TICKET-BASED SPECTRUM AUTHORIZATION AND ACCESS CONTROL 18 2008
9148335 Third party validation of internet protocol addresses 0 2008
* 2010/0083,354 THIRD PARTY VALIDATION OF INTERNET PROTOCOL ADDRESSES 6 2008
8913995 Ticket-based configuration parameters validation 1 2013
 
VALVE CORPORATION (2)
8539038 Method and system for preloading resources 3 2011
8661557 Method and system for granting access to system and content 0 2011
 
CISCO TECHNOLOGY, INC. (1)
* 8291489 Method and apparatus for registering auto-configured network addresses based on connection authentication 4 2010
 
JAPAN COMMUNICATIONS, INC. (10)
7760882 Systems and methods for mutual authentication of network nodes 6 2005
* 7725716 Methods and systems for encrypting, transmitting, and storing electronic information and files 6 2005
* 2006/0064,588 Systems and methods for mutual authentication of network nodes 38 2005
* 2005/0289,655 Methods and systems for encrypting, transmitting, and storing electronic information and files 8 2005
* 2006/0075,467 Systems and methods for enhanced network access 52 2005
* 2006/0075,472 System and method for enhanced network client security 23 2005
* 2006/0075,506 Systems and methods for enhanced electronic asset protection 67 2005
* 2006/0072,583 Systems and methods for monitoring and displaying performance metrics 14 2005
* 2006/0023,738 Application specific connection module 5 2005
* 2006/0026,268 Systems and methods for enhancing and optimizing a user's experience on an electronic device 26 2005
 
MICROSOFT TECHNOLOGY LICENSING, LLC (4)
* 7636783 Trial-before-purchase subscription game infrastructure for peer-peer networks 22 2004
* 2006/0123,117 Trial-before-purchase subscription game infrastructure for peer-peer networks 12 2004
* 7844808 Computer compliance enforcement 2 2006
* 2008/0148,036 Computer Compliance Enforcement 4 2006
 
DELL SOFTWARE INC. (4)
* 8584218 Disconnected credential validation using pre-fetched service tickets 4 2011
* 2012/0192,256 DISCONNECTED CREDENTIAL VALIDATION USING PRE-FETCHED SERVICE TICKETS 13 2011
* 9288201 Disconnected credential validation using pre-fetched service tickets 0 2013
* 2014/0196,132 DISCONNECTED CREDENTIAL VALIDATION USING PRE-FETCHED SERVICE TICKETS 0 2013
 
INTUIT INC. (2)
* 8621598 Method and apparatus for securely invoking a rest API 5 2008
* 2009/0235,349 METHOD AND APPARATUS FOR SECURELY INVOKING A REST API 94 2008
 
FACEBOOK, INC. (4)
* 7765584 Simple, secure login with multiple authentication providers 33 2006
* 2007/0169,181 SIMPLE, SECURE LOGIN WITH MULTIPLE AUTHENTICATION PROVIDERS 26 2006
* 8196189 Simple, secure login with multiple authentication providers 3 2010
* 2010/0251,347 SIMPLE, SECURE LOGIN WITH MULTIPLE AUTHENTICATION PROVIDERS 35 2010
 
AMAZON TECHNOLOGIES, INC. (3)
* 9770654 Cross device operation of games 0 2009
8662997 Systems and methods for in-game provisioning of content 0 2009
* 9005017 Tracking game progress using player profiles 0 2012
 
SYMANTEC CORPORATION (2)
* 8639628 Token authentication system and method 4 2005
* 2007/0050,635 Token authentication system and method 44 2005
 
AT&T INTELLECTUAL PROPERTY, INC. (1)
* 2008/0320,116 Identification of endpoint devices operably coupled to a network through a network address translation router 4 2007
 
PRISM TECHNOLOGIES LLC (5)
8898746 Method for managing access to protected computer resources 4 2013
8661512 Method for managing access to protected computer resources 0 2013
9369469 Method for managing access to protected computer resources 0 2014
9413768 Method for managing access to protected computer resources 0 2016
9544314 Method for managing access to protected computer resources 0 2016
 
CANON KABUSHIKI KAISHA (2)
8353019 Security token destined for multiple or group of service providers 1 2010
* 2011/0239,283 SECURITY TOKEN DESTINED FOR MULTIPLE OR GROUP OF SERVICE PROVIDERS 43 2010
* Cited By Examiner

Maintenance Fees

Fee | Large entity fee | Small entity fee | Micro entity fee | Due date
11.5 Year Payment | $7400.00 | $3700.00 | $1850.00 | Dec 24, 2019

Fee | Large entity fee | Small entity fee | Micro entity fee
Surcharge - 11.5 year - Late payment within 6 months | $160.00 | $80.00 | $40.00
Surcharge after expiration - Late payment is unavoidable | $700.00 | $350.00 | $175.00
Surcharge after expiration - Late payment is unintentional | $1,640.00 | $820.00 | $410.00