Browse Prior Art Database

Authentication Architecture for WebApplication.

IP.com Disclosure Number: IPCOM000015099D
Original Publication Date: 2002-Jul-20
Included in the Prior Art Database: 2003-Jun-20
Document File: 2 page(s) / 28K

Publishing Venue

IBM

Abstract

Authentication Architecture for WebApplication. Structure of the Web application attestation using Cookie -The technique of guaranteeing attestation between the HTTP server which can use HTTP Cookie, and a client ranging over a session. Client attestation over a session cannot be performed in a HTTP protocol. Moreover, if the Web application server currently generally used is used, construction of a supple authentication system cannot be performed. ·In this invention, the data of HTTP Cookie is enciphered, snoop by the others is prevented by not carrying out preservation to the hard disk of a client, and user authentication only by application can be performed. Without being caught by restriction of a Web application server, if the technique of this invention is used, a user's attestation function can be made and it can be crowded.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 55% of the total text.

Page 1 of 2

Authentication Architecture for WebApplication. Structure of the Web application attestation using Cookie

  -The technique of guaranteeing attestation between the HTTP server which can
use HTTP Cookie, and a client ranging over a session.

Client attestation over a session cannot be performed in a HTTP protocol.
Moreover, if the Web application server currently generally used is used,
construction of a supple authentication system cannot be performed.
·In this invention, the data of HTTP Cookie is enciphered, snoop by the others
is prevented by not carrying out preservation to the hard disk of a client,
and user authentication only by application can be performed.

Without being caught by restriction of a Web application server, if the
technique of this invention is used, a user's attestation function can be made
and it can be crowded.

The project and product with which invention is related :

-All the Web application servers that can operate HTTP Cookie.
-The web browser which mounts processing of HTTP Cookie.

Composition of invention :

1) Data flow

WebClient WebServer
···| P[userid , password] |
···|-------------------------------->|

···| C[name=value] |
···|<--------------------------------|

···| C[name=value] |
···|-------------------------------->|

···| C[name=value] |
···|<--------------------------------|

···| C[name=value] |
···|-------------------------------->|

···| |

* "P" in a figure expresses the POST method of HTTP, and "C" expresses H...