WO2002045370A3 - Secure session management and authentication for web sites - Google Patents

Secure session management and authentication for web sites Download PDF

Info

Publication number
WO2002045370A3
WO2002045370A3 PCT/EP2001/012963 EP0112963W WO0245370A3 WO 2002045370 A3 WO2002045370 A3 WO 2002045370A3 EP 0112963 W EP0112963 W EP 0112963W WO 0245370 A3 WO0245370 A3 WO 0245370A3
Authority
WO
WIPO (PCT)
Prior art keywords
secure
cookie
web
session management
authentication
Prior art date
Application number
PCT/EP2001/012963
Other languages
French (fr)
Other versions
WO2002045370A2 (en
Inventor
Wei Dong Kou
Lev Mirlas
Yan Chun Zhao
Original Assignee
Ibm
Ibm Deutschland
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ibm, Ibm Deutschland filed Critical Ibm
Priority to AU2002217011A priority Critical patent/AU2002217011A1/en
Priority to JP2002546382A priority patent/JP4056390B2/en
Priority to DE60116903T priority patent/DE60116903T2/en
Priority to EP01999093A priority patent/EP1346548B1/en
Publication of WO2002045370A2 publication Critical patent/WO2002045370A2/en
Publication of WO2002045370A3 publication Critical patent/WO2002045370A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/329Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Abstract

The present invention comprises a system and method for secure session management and authentication between web sites and web clients. The method includes both secure and non-secure communication protocols, means for switching between secure and non-secure communication protocols, a session cookie and an authcode cookie. The session cookie is used for session management and the authcode cookie is used for authentication. The session cookie is transmitted using a non-secure communication protocol when the web client accesses a non-secure web page, whereas, the authcode cookie is transmitted using a secure communication protocol when the web client accesses a secure web page. Session management architecture and usage of two distinct cookies along with both secure and non-secure communication protocols prevents unauthorized users from accessing sensitive web client or web site information.
PCT/EP2001/012963 2000-11-30 2001-11-09 Secure session management and authentication for web sites WO2002045370A2 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
AU2002217011A AU2002217011A1 (en) 2000-11-30 2001-11-09 Secure session management and authentication for web sites
JP2002546382A JP4056390B2 (en) 2000-11-30 2001-11-09 Secure session management and authentication for websites
DE60116903T DE60116903T2 (en) 2000-11-30 2001-11-09 SECURE SESSION MANAGEMENT AND AUTHENTICATION FOR WEBSITES
EP01999093A EP1346548B1 (en) 2000-11-30 2001-11-09 Secure session management and authentication for web sites

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CA002327078A CA2327078C (en) 2000-11-30 2000-11-30 Secure session management and authentication for web sites
CA2,327,078 2000-11-30

Publications (2)

Publication Number Publication Date
WO2002045370A2 WO2002045370A2 (en) 2002-06-06
WO2002045370A3 true WO2002045370A3 (en) 2003-03-13

Family

ID=4167768

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2001/012963 WO2002045370A2 (en) 2000-11-30 2001-11-09 Secure session management and authentication for web sites

Country Status (9)

Country Link
US (1) US7216236B2 (en)
EP (1) EP1346548B1 (en)
JP (1) JP4056390B2 (en)
CN (1) CN100486243C (en)
AT (1) ATE316731T1 (en)
AU (1) AU2002217011A1 (en)
CA (1) CA2327078C (en)
DE (1) DE60116903T2 (en)
WO (1) WO2002045370A2 (en)

Families Citing this family (169)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7058817B1 (en) 1999-07-02 2006-06-06 The Chase Manhattan Bank System and method for single sign on process for websites with multiple applications and services
US8571975B1 (en) 1999-11-24 2013-10-29 Jpmorgan Chase Bank, N.A. System and method for sending money via E-mail over the internet
US7426530B1 (en) * 2000-06-12 2008-09-16 Jpmorgan Chase Bank, N.A. System and method for providing customers with seamless entry to a remote server
US10185936B2 (en) 2000-06-22 2019-01-22 Jpmorgan Chase Bank, N.A. Method and system for processing internet payments
CA2342578A1 (en) * 2001-03-29 2002-09-29 Ibm Canada Limited-Ibm Canada Limitee Method and apparatus for security of a network server
DE10115895C1 (en) * 2001-03-30 2002-12-19 Siemens Ag Method for generating a representation for the retrieval of an information page that has already been called up
US8849716B1 (en) 2001-04-20 2014-09-30 Jpmorgan Chase Bank, N.A. System and method for preventing identity theft or misuse by restricting access
US6741990B2 (en) * 2001-05-23 2004-05-25 Intel Corporation System and method for efficient and adaptive web accesses filtering
AU2002312381A1 (en) 2001-06-07 2002-12-16 First Usa Bank, N.A. System and method for rapid updating of credit information
US7054939B2 (en) * 2001-06-28 2006-05-30 Bellsouth Intellectual Property Corportion Simultaneous visual and telephonic access to interactive information delivery
US7266839B2 (en) 2001-07-12 2007-09-04 J P Morgan Chase Bank System and method for providing discriminated content to network users
US7058673B2 (en) * 2001-08-02 2006-06-06 America Online, Inc. Method for generating positive integer number in Chinese number system
JP2003108520A (en) * 2001-09-28 2003-04-11 Canon Inc Information providing server, terminal device, its control method and information providing system
US7275260B2 (en) 2001-10-29 2007-09-25 Sun Microsystems, Inc. Enhanced privacy protection in identification in a data communications network
US20030084171A1 (en) * 2001-10-29 2003-05-01 Sun Microsystems, Inc., A Delaware Corporation User access control to distributed resources on a data communications network
US7496751B2 (en) * 2001-10-29 2009-02-24 Sun Microsystems, Inc. Privacy and identification in a data communications network
US20030084302A1 (en) * 2001-10-29 2003-05-01 Sun Microsystems, Inc., A Delaware Corporation Portability and privacy with data communications network browsing
WO2003038561A2 (en) 2001-11-01 2003-05-08 First Usa Bank, N.A. System and method for establishing or modifying an account with user selectable terms
US7315944B2 (en) * 2001-11-13 2008-01-01 Ericsson Inc. Secure handling of stored-value data objects
US7987501B2 (en) 2001-12-04 2011-07-26 Jpmorgan Chase Bank, N.A. System and method for single session sign-on
US20180165441A1 (en) 2002-03-25 2018-06-14 Glenn Cobourn Everhart Systems and methods for multifactor authentication
US20030208594A1 (en) * 2002-05-06 2003-11-06 Urchin Software Corporation. System and method for tracking unique visitors to a website
US7100049B2 (en) * 2002-05-10 2006-08-29 Rsa Security Inc. Method and apparatus for authentication of users and web sites
US7143174B2 (en) * 2002-06-12 2006-11-28 The Jpmorgan Chase Bank, N.A. Method and system for delayed cookie transmission in a client-server architecture
US7058660B2 (en) * 2002-10-02 2006-06-06 Bank One Corporation System and method for network-based project management
US8301493B2 (en) 2002-11-05 2012-10-30 Jpmorgan Chase Bank, N.A. System and method for providing incentives to consumers to share information
EP1560109A4 (en) * 2002-11-06 2011-05-18 Panasonic Corp Print system, print device, and print instruction method
US7233927B1 (en) * 2002-11-27 2007-06-19 Microsoft Corporation Method and system for authenticating accounts on a remote server
US8527636B2 (en) * 2002-12-02 2013-09-03 Sap Aktiengesellschaft Session-return enabling stateful web applications
US20040193605A1 (en) * 2003-03-25 2004-09-30 Weisman Mitchell T. Control of access to computers in a computer network
US7254542B2 (en) 2003-03-31 2007-08-07 International Business Machines Corporation Portal data passing through non-persistent browser cookies
US7299492B2 (en) * 2003-06-12 2007-11-20 International Business Machines Corporation Multi-level multi-user web services security system and method
CA2686265A1 (en) * 2003-06-17 2004-12-17 Ibm Canada Limited - Ibm Canada Limitee Multiple identity management in an electronic commerce site
US7490237B1 (en) * 2003-06-27 2009-02-10 Microsoft Corporation Systems and methods for caching in authentication systems
US8429249B2 (en) * 2003-07-11 2013-04-23 Ca, Inc. System and method for configuring servlet-based components as dynamic content components
US20050076230A1 (en) * 2003-10-02 2005-04-07 George Redenbaugh Fraud tracking cookie
DE10349015A1 (en) * 2003-10-17 2005-05-19 Siemens Ag Operating procedure for a server and corresponding objects
US7886032B1 (en) * 2003-12-23 2011-02-08 Google Inc. Content retrieval from sites that use session identifiers
US20050166053A1 (en) * 2004-01-28 2005-07-28 Yahoo! Inc. Method and system for associating a signature with a mobile device
EP1870814B1 (en) 2006-06-19 2014-08-13 Texas Instruments France Method and apparatus for secure demand paging for processor devices
US8261336B2 (en) * 2004-06-15 2012-09-04 Emc Corporation System and method for making accessible a set of services to users
US8346593B2 (en) 2004-06-30 2013-01-01 Experian Marketing Solutions, Inc. System, method, and software for prediction of attitudinal and message responsiveness
US7487361B2 (en) * 2004-06-30 2009-02-03 International Business Machines Corporation Dynamic cache lookup based on dynamic data
JP2006023827A (en) * 2004-07-06 2006-01-26 Fujitsu Ltd Document data management device, document data management method and document data management program
JP4710267B2 (en) * 2004-07-12 2011-06-29 株式会社日立製作所 Network system, data relay device, session monitor system, and packet monitor relay device
US7571322B2 (en) * 2004-08-10 2009-08-04 Microsoft Corporation Enhanced cookie management
JP2006092116A (en) * 2004-09-22 2006-04-06 Canon Inc Web server and control method therefor
US8732004B1 (en) 2004-09-22 2014-05-20 Experian Information Solutions, Inc. Automated analysis of data to generate prospect notifications based on trigger events
US7848749B2 (en) * 2004-11-08 2010-12-07 Alcatel-Lucent Usa Inc. Method and apparatus for activating a dormant mobile unit in a distributed network
JP2006243924A (en) * 2005-03-01 2006-09-14 Nec Corp Secure session management program for website, session management method, and session management system
US20060224518A1 (en) * 2005-04-05 2006-10-05 International Business Machines Corporation Partial credential processing for limited commerce interactions
WO2006115984A2 (en) * 2005-04-21 2006-11-02 Securedpay Solutions, Inc. Portable handheld device for wireless order entry and real time payment authorization and related methods
US9692725B2 (en) 2005-05-26 2017-06-27 Citrix Systems, Inc. Systems and methods for using an HTTP-aware client agent
US9407608B2 (en) 2005-05-26 2016-08-02 Citrix Systems, Inc. Systems and methods for enhanced client side policy
US8943304B2 (en) 2006-08-03 2015-01-27 Citrix Systems, Inc. Systems and methods for using an HTTP-aware client agent
US9621666B2 (en) 2005-05-26 2017-04-11 Citrix Systems, Inc. Systems and methods for enhanced delta compression
US20070022015A1 (en) * 2005-07-22 2007-01-25 Tarinelli Gillian J System and method for the on-line purchase of products through a guest registration
US8583926B1 (en) 2005-09-19 2013-11-12 Jpmorgan Chase Bank, N.A. System and method for anti-phishing authentication
JP2007140901A (en) * 2005-11-18 2007-06-07 Fuji Xerox Co Ltd Image processing system
US7765275B2 (en) * 2006-01-27 2010-07-27 International Business Machines Corporation Caching of private data for a configurable time period
JP2007213397A (en) * 2006-02-10 2007-08-23 Fuji Xerox Co Ltd Data management program, data management device and switching method of protocol
US20070204156A1 (en) * 2006-02-28 2007-08-30 Mark Jeghers Systems and methods for providing access to network resources based upon temporary keys
US20070204167A1 (en) * 2006-02-28 2007-08-30 Aladdin Knowledge Systems Ltd. Method for serving a plurality of applications by a security token
US20070299928A1 (en) * 2006-06-22 2007-12-27 Pooja Kohli Maintaining sessions using cookie updation
EP3518503B1 (en) * 2006-08-03 2021-04-21 Citrix Systems Inc. Systems and methods for using an http-aware client agent
US8561155B2 (en) 2006-08-03 2013-10-15 Citrix Systems, Inc. Systems and methods for using a client agent to manage HTTP authentication cookies
US8036979B1 (en) 2006-10-05 2011-10-11 Experian Information Solutions, Inc. System and method for generating a finance attribute from tradeline data
US10110687B2 (en) * 2006-10-06 2018-10-23 International Business Machines Corporation Session based web usage reporter
WO2008049457A1 (en) * 2006-10-23 2008-05-02 Real Enterprise Solutions Development B.V. Methods, programs and a system of providing remote access
US20080141352A1 (en) * 2006-12-11 2008-06-12 Motorola, Inc. Secure password distribution to a client device of a network
US8079067B2 (en) * 2007-01-05 2011-12-13 Seiko Epson Corporation Streaming content in guest mode
US9912766B2 (en) * 2007-03-23 2018-03-06 Yahoo Holdings, Inc. System and method for identifying a link and generating a link identifier for the link on a webpage
JP4946564B2 (en) * 2007-03-27 2012-06-06 富士通株式会社 Authentication processing method and system
US8285656B1 (en) 2007-03-30 2012-10-09 Consumerinfo.Com, Inc. Systems and methods for data verification
US20080262937A1 (en) * 2007-04-18 2008-10-23 Kerry Wayne Willis Method and system for performing automated group purchasing
US8473735B1 (en) 2007-05-17 2013-06-25 Jpmorgan Chase Systems and methods for managing digital certificates
US8489740B2 (en) * 2007-05-18 2013-07-16 Red Hat, Inc. Method and an apparatus to generate message authentication codes at a proxy server for validating a web session
US8452882B2 (en) * 2007-05-18 2013-05-28 Red Hat, Inc. Method and an apparatus to validate a web session in a proxy server
US20080294540A1 (en) 2007-05-25 2008-11-27 Celka Christopher J System and method for automated detection of never-pay data sets
US8266062B2 (en) * 2007-06-27 2012-09-11 Microsoft Corporation Server side reversible hash for telephone-based licensing mechanism
CN101127603B (en) * 2007-08-16 2010-08-04 中兴通讯股份有限公司 A method for single point login of portal website and IMS client
US8543638B2 (en) * 2007-09-24 2013-09-24 Microsoft Corporation Security system for a browser-based environment
US20090089311A1 (en) * 2007-09-28 2009-04-02 Yahoo! Inc. System and method for inclusion of history in a search results page
US7996521B2 (en) 2007-11-19 2011-08-09 Experian Marketing Solutions, Inc. Service for mapping IP addresses to user segments
US7970946B1 (en) * 2007-11-27 2011-06-28 Google Inc. Recording and serializing events
US8997076B1 (en) 2007-11-27 2015-03-31 Google Inc. Auto-updating an application without requiring repeated user authorization
US9137018B2 (en) * 2007-12-19 2015-09-15 The Directv Group, Inc. Method and system for providing a generic program guide data from a primary content provider to a user network device through a partner service provider
US8621646B2 (en) * 2007-12-19 2013-12-31 The Directv Group, Inc. Method and system for authenticating a user receiving device into a primary service provider system to communicate with a partner service provider
US8533852B2 (en) * 2007-12-19 2013-09-10 The Directv Group, Inc. Method and system for securely communicating between a primary service provider and a partner service provider
US8453251B2 (en) * 2007-12-19 2013-05-28 The Directv Group, Inc. Method and system for securely communicating between a user network device, a primary service provider and a partner service provider
US8321682B1 (en) 2008-01-24 2012-11-27 Jpmorgan Chase Bank, N.A. System and method for generating and managing administrator passwords
US8090877B2 (en) 2008-01-26 2012-01-03 Citrix Systems, Inc. Systems and methods for fine grain policy driven cookie proxying
US8229969B1 (en) * 2008-03-04 2012-07-24 Open Invention Network Llc Maintaining web session data spanning multiple application servers in a session database
CN101251858B (en) * 2008-03-12 2010-04-14 腾讯科技(深圳)有限公司 Data managing method in multiple page browsers and browsers
GB2459529A (en) * 2008-04-28 2009-11-04 Ice Organisation Online transaction authentication using two servers
US8103607B2 (en) * 2008-05-29 2012-01-24 Red Hat, Inc. System comprising a proxy server including a rules engine, a remote application server, and an aspect server for executing aspect services remotely
US8312033B1 (en) 2008-06-26 2012-11-13 Experian Marketing Solutions, Inc. Systems and methods for providing an integrated identifier
US8438622B2 (en) * 2008-07-10 2013-05-07 Honesty Online, Llc Methods and apparatus for authorizing access to data
US8204180B1 (en) * 2008-08-08 2012-06-19 Intervoice Limited Partnership Systems and methods for preventing sensitive information from being communicated into a non-secure environment
US9262147B1 (en) 2008-12-30 2016-02-16 Google Inc. Recording client events using application resident on removable storage device
US7941550B1 (en) 2009-02-12 2011-05-10 Sprint Communications Company L.P. Multiple cookie handling
US8639920B2 (en) 2009-05-11 2014-01-28 Experian Marketing Solutions, Inc. Systems and methods for providing anonymized user profile data
US8195818B2 (en) * 2009-06-22 2012-06-05 Oracle International Corporation Enforcing communication security for selected resources
US9608826B2 (en) 2009-06-29 2017-03-28 Jpmorgan Chase Bank, N.A. System and method for partner key management
US8924553B2 (en) * 2009-08-31 2014-12-30 Red Hat, Inc. Multifactor validation of requests to thwart cross-site attacks
US8775818B2 (en) * 2009-11-30 2014-07-08 Red Hat, Inc. Multifactor validation of requests to thwart dynamic cross-site attacks
US8904521B2 (en) * 2009-11-30 2014-12-02 Red Hat, Inc. Client-side prevention of cross-site request forgeries
US8850219B2 (en) 2010-05-13 2014-09-30 Salesforce.Com, Inc. Secure communications
US9152727B1 (en) * 2010-08-23 2015-10-06 Experian Marketing Solutions, Inc. Systems and methods for processing consumer information for targeted marketing applications
JP5669497B2 (en) * 2010-09-22 2015-02-12 キヤノン株式会社 Information processing apparatus, information processing apparatus control method, and program
US9147042B1 (en) 2010-11-22 2015-09-29 Experian Information Solutions, Inc. Systems and methods for data verification
US9965613B2 (en) * 2010-12-03 2018-05-08 Salesforce.Com, Inc. Method and system for user session discovery
CN103392320B (en) 2010-12-29 2016-08-31 思杰系统有限公司 Encrypted item is carried out the system and method that multilamellar labelling determines to provide extra safely effectively encrypted item
US8661519B2 (en) 2011-06-03 2014-02-25 Microsoft Corporation Redirection using token and value
JP5677899B2 (en) * 2011-06-16 2015-02-25 株式会社三菱東京Ufj銀行 Information processing apparatus and information processing method
US8955078B2 (en) 2011-06-30 2015-02-10 Cable Television Laboratories, Inc. Zero sign-on authentication
FR2985400B1 (en) * 2012-01-03 2013-12-20 Alcatel Lucent SECURE TRANSMISSION OF DATA
US8949952B2 (en) * 2012-04-25 2015-02-03 Cisco Technology, Inc. Multi-stack subscriber sign on
US9705729B2 (en) 2012-06-01 2017-07-11 Dell Products L.P. General client engine with load balancing for client-server communication
CN102769625A (en) * 2012-07-25 2012-11-07 亿赞普(北京)科技有限公司 Client-side Cookie information acquisition method and device
CN102970297B (en) * 2012-11-27 2015-03-04 飞天诚信科技股份有限公司 Travel recording method
US9697263B1 (en) 2013-03-04 2017-07-04 Experian Information Solutions, Inc. Consumer data request fulfillment system
US9533213B2 (en) * 2013-03-14 2017-01-03 Chris M. Clark Web-based scoring system for golf tournaments
US9419957B1 (en) 2013-03-15 2016-08-16 Jpmorgan Chase Bank, N.A. Confidence-based authentication
JP6128958B2 (en) 2013-05-28 2017-05-17 キヤノン株式会社 Information processing server system, control method, and program
US10193993B2 (en) * 2013-05-30 2019-01-29 Ebay Inc. Systems and methods of token piggybacking
US9716740B2 (en) * 2013-06-14 2017-07-25 Dell Products L.P. Web-based transcoding to clients for client-server communication
US9300669B2 (en) 2013-06-14 2016-03-29 Dell Products L.P. Runtime API framework for client-server communication
US9407725B2 (en) 2013-06-14 2016-08-02 Dell Products L.P. Generic transcoding service for client-server communication
KR101492821B1 (en) 2013-07-30 2015-02-12 캠프모바일 주식회사 Method and system for transmitting key securely to hypertext transfer protocol page
EP2849110A1 (en) 2013-09-13 2015-03-18 Gemalto SA Server using unpredictable scrambled cookie names
CN103577585B (en) * 2013-11-08 2018-02-23 北京国双科技有限公司 The identification method and device of user in internet
US10102536B1 (en) 2013-11-15 2018-10-16 Experian Information Solutions, Inc. Micro-geographic aggregation system
US9529851B1 (en) 2013-12-02 2016-12-27 Experian Information Solutions, Inc. Server architecture for electronic data quality processing
US10148726B1 (en) 2014-01-24 2018-12-04 Jpmorgan Chase Bank, N.A. Initiating operating system commands based on browser cookies
US10262362B1 (en) 2014-02-14 2019-04-16 Experian Information Solutions, Inc. Automatic generation of code for attributes
US9576030B1 (en) 2014-05-07 2017-02-21 Consumerinfo.Com, Inc. Keeping up with the joneses
US9929995B2 (en) * 2014-05-21 2018-03-27 Go Daddy Operating Company, LLC Third party messaging system for monitoring and managing domain names and websites
US10182046B1 (en) 2015-06-23 2019-01-15 Amazon Technologies, Inc. Detecting a network crawler
US9646104B1 (en) 2014-06-23 2017-05-09 Amazon Technologies, Inc. User tracking based on client-side browse history
US9712520B1 (en) * 2015-06-23 2017-07-18 Amazon Technologies, Inc. User authentication using client-side browse history
US11257117B1 (en) 2014-06-25 2022-02-22 Experian Information Solutions, Inc. Mobile device sighting location analytics and profiling system
US10445152B1 (en) 2014-12-19 2019-10-15 Experian Information Solutions, Inc. Systems and methods for dynamic report generation based on automatic modeling of complex data structures
US9614816B2 (en) * 2015-03-23 2017-04-04 Oracle International Corporation Dynamic encryption for tunneled real-time communications
US10290022B1 (en) 2015-06-23 2019-05-14 Amazon Technologies, Inc. Targeting content based on user characteristics
US10243957B1 (en) * 2015-08-27 2019-03-26 Amazon Technologies, Inc. Preventing leakage of cookie data
US10218698B2 (en) * 2015-10-29 2019-02-26 Verizon Patent And Licensing Inc. Using a mobile device number (MDN) service in multifactor authentication
US9767309B1 (en) 2015-11-23 2017-09-19 Experian Information Solutions, Inc. Access control system for implementing access restrictions of regulated database records while identifying and providing indicators of regulated database records matching validation criteria
CN106844288B (en) 2015-12-07 2022-03-22 创新先进技术有限公司 Random character string generation method and device
CN107025563A (en) * 2016-01-29 2017-08-08 福建天晴数码有限公司 Follow the trail of the method and system for delivering advertisement
US11244053B2 (en) * 2016-03-03 2022-02-08 Deviceatlas Limited Counterfeit electronic device detection
CN107547468B (en) * 2016-06-23 2020-03-03 广州市动景计算机科技有限公司 Network protocol switching device, method and terminal
US10678894B2 (en) 2016-08-24 2020-06-09 Experian Information Solutions, Inc. Disambiguation and authentication of device users
US10600108B2 (en) * 2016-09-26 2020-03-24 Target Brands, Inc. Web session security and computational load management
CN108153772A (en) * 2016-12-05 2018-06-12 天脉聚源(北京)科技有限公司 A kind of method and system for exempting from password login webpage
CA3050139A1 (en) 2017-01-31 2018-08-09 Experian Information Solutions, Inc. Massive scale heterogeneous data ingestion and user resolution
US10348701B2 (en) * 2017-03-02 2019-07-09 Citrix Systems, Inc. Protecting clients from open redirect security vulnerabilities in web applications
US10645177B2 (en) 2017-04-19 2020-05-05 International Business Machines Corporation Cookie based session timeout detection and management
CN107332821B (en) * 2017-05-27 2020-11-13 北京奇虎科技有限公司 Method and device for realizing communication between client and server
US11263283B1 (en) * 2018-06-22 2022-03-01 Proof of Concept LLC Method and system for asynchronous correlation of data entries in spatially separated instances of heterogeneous databases
CN109802925B (en) * 2017-11-17 2021-10-29 阿里巴巴(中国)有限公司 Authentication method and system for public WiFi access
US11500948B1 (en) 2018-06-01 2022-11-15 Proof of Concept, LLC Method and system for asynchronous correlation of data entries in spatially separated instances of heterogeneous databases
US10963434B1 (en) 2018-09-07 2021-03-30 Experian Information Solutions, Inc. Data architecture for supporting multiple search models
CN110619071B (en) * 2019-08-06 2022-08-05 微梦创科网络科技(中国)有限公司 Account access security monitoring and processing method and device
US11941065B1 (en) 2019-09-13 2024-03-26 Experian Information Solutions, Inc. Single identifier platform for storing entity data
US11682041B1 (en) 2020-01-13 2023-06-20 Experian Marketing Solutions, Llc Systems and methods of a tracking analytics platform
US11165586B1 (en) * 2020-10-30 2021-11-02 Capital One Services, Llc Call center web-based authentication using a contactless card
US11880377B1 (en) 2021-03-26 2024-01-23 Experian Information Solutions, Inc. Systems and methods for entity resolution
US11861023B2 (en) 2021-08-25 2024-01-02 International Business Machines Corporation Matching cryptographic computing resources to the predicted requirements for decrypting encrypted communications

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5875296A (en) * 1997-01-28 1999-02-23 International Business Machines Corporation Distributed file system web server user authentication with cookies
US5963915A (en) * 1996-02-21 1999-10-05 Infoseek Corporation Secure, convenient and efficient system and method of performing trans-internet purchase transactions
US5966705A (en) * 1997-06-30 1999-10-12 Microsoft Corporation Tracking a user across both secure and non-secure areas on the Internet, wherein the users is initially tracked using a globally unique identifier
WO2000069110A1 (en) * 1999-05-11 2000-11-16 Sun Microsystems, Inc. Method and apparatus for authenticating users

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6535880B1 (en) * 2000-05-09 2003-03-18 Cnet Networks, Inc. Automated on-line commerce method and apparatus utilizing a shopping server verifying product information on product selection
US6049877A (en) * 1997-07-16 2000-04-11 International Business Machines Corporation Systems, methods and computer program products for authorizing common gateway interface application requests
US6101482A (en) 1997-09-15 2000-08-08 International Business Machines Corporation Universal web shopping cart and method of on-line transaction processing
US6470386B1 (en) * 1997-09-26 2002-10-22 Worldcom, Inc. Integrated proxy interface for web based telecommunications management tools
US6092196A (en) * 1997-11-25 2000-07-18 Nortel Networks Limited HTTP distributed remote user authentication system
JP2000276444A (en) 1999-03-19 2000-10-06 Canon Inc Communication equipment, communication system, and computer readable storage medium
GB2349960A (en) 1999-05-08 2000-11-15 Ibm Secure password provision
US6701438B1 (en) * 1999-06-14 2004-03-02 Sun Microsystems, Inc. Methods and apparatus for providing customizable security and logging protocols in a servlet engine
US6892307B1 (en) * 1999-08-05 2005-05-10 Sun Microsystems, Inc. Single sign-on framework with trust-level mapping to authentication requirements
US6691232B1 (en) * 1999-08-05 2004-02-10 Sun Microsystems, Inc. Security architecture with environment sensitive credential sufficiency evaluation
US6920560B2 (en) * 1999-12-30 2005-07-19 Clyde Riley Wallace, Jr. Secure network user states

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5963915A (en) * 1996-02-21 1999-10-05 Infoseek Corporation Secure, convenient and efficient system and method of performing trans-internet purchase transactions
US5875296A (en) * 1997-01-28 1999-02-23 International Business Machines Corporation Distributed file system web server user authentication with cookies
US5966705A (en) * 1997-06-30 1999-10-12 Microsoft Corporation Tracking a user across both secure and non-secure areas on the Internet, wherein the users is initially tracked using a globally unique identifier
WO2000069110A1 (en) * 1999-05-11 2000-11-16 Sun Microsystems, Inc. Method and apparatus for authenticating users

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
KRISTOL D ET AL: "HTTP STATE MANAGEMENT MECHANISM", REQUEST FOR COMMENTS, February 1997 (1997-02-01), XP002901860 *

Also Published As

Publication number Publication date
US7216236B2 (en) 2007-05-08
EP1346548A2 (en) 2003-09-24
EP1346548B1 (en) 2006-01-25
JP4056390B2 (en) 2008-03-05
US20020099936A1 (en) 2002-07-25
CA2327078C (en) 2005-01-11
WO2002045370A2 (en) 2002-06-06
JP2004514996A (en) 2004-05-20
ATE316731T1 (en) 2006-02-15
CN100486243C (en) 2009-05-06
CN1478348A (en) 2004-02-25
DE60116903T2 (en) 2006-08-17
DE60116903D1 (en) 2006-04-13
AU2002217011A1 (en) 2002-06-11
CA2327078A1 (en) 2002-05-30

Similar Documents

Publication Publication Date Title
WO2002045370A3 (en) Secure session management and authentication for web sites
WO2002044858A3 (en) System and method for securing a non-secure communication channel
US20070180088A1 (en) Seamless roaming across multiple data networks
WO1998032065A3 (en) Improved network security device
WO2003021372A3 (en) System and method for providing two-way communications network transmissions over internet protocol
WO2001084765A3 (en) Method and system for transmission of access and application information over public ip networks
WO2003012578A3 (en) Virtual file-sharing network
EP1175061A3 (en) Computer systems, in particular virtual private networks
WO2001084797A3 (en) System and method for highly secure data communications
WO2004008675A3 (en) System and method for managing bandwidth utilization
WO2003038578A8 (en) User access control to distributed resources on a data communications network
WO2002025962A3 (en) Secured map messages for telecommunications networks
AU7694000A (en) Wide area network mobility for ip based networks
DE60043053D1 (en) SELF-GENERATION OF CERTIFICATES USING A SAFE MICROPROCESSOR IN A DIGITAL DATA TRANSMISSION DEVICE
WO2002073883A3 (en) Method and apparatus for establishing a protocol proxy for a mobile host terminal in a multimedia session
WO2001045049A8 (en) Secure gateway having user identification and password authentication
US6360269B1 (en) Protected keepalive message through the internet
WO2001095562A3 (en) Method for ensuring access to a transmission medium
WO2001099387A3 (en) Multi-session secured digital transmission process
GB9913102D0 (en) An element for a communications system
EP1661299A1 (en) Providing credentials
AU2002308764A1 (en) Dual mode service platform within network communication system
US6836474B1 (en) WAP session tunneling
WO2003025764A3 (en) Method and apparatus for transmitting data over a network
WO2002015512A3 (en) A method and an apparatus for granting use of a session of a packet data transmission standard designated by an identifier

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LV MA MD MG MK MN MW MX MZ NO NZ PH PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 609/DELNP/2003

Country of ref document: IN

WWE Wipo information: entry into national phase

Ref document number: 2002546382

Country of ref document: JP

WWE Wipo information: entry into national phase

Ref document number: 018197027

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 2001999093

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2001999093

Country of ref document: EP

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWG Wipo information: grant in national office

Ref document number: 2001999093

Country of ref document: EP