Server Private Key Encryption based User Authentication Management
Original Publication Date: 2001-Nov-10
Included in the Prior Art Database: 2003-Jun-20
Disclosed is a user authentication mechanism using server private key encryption to improve user authentication performance by minimizing or eliminating the database access for checking the user ID and password validity. With existing technology for authentication management, User authentications of application server login's, such as the basic authentication method for Web application servers, require the database access to confirm the validation of user ID and password combinations. The larger the system is designed such as the one for B to C area, the heavier the user authentication load becomes. Benefit of this mechanism is, by improving the performance of User Authentication, more e-business application system can be realized without huge system investment, which will eventually drive more traditional business practices move into e-business arena. Application Area and Advantages This mechanism is especially powerful in Web based large scale system deployment. One of the issues of the large scale Web system is the performance of the user authentication. In B to C e-business system environment, it is common to have more than several million users and requires high performance user authentication capability. The current user authentication is heavily dependent on verifying the user ID and its associated password by retrieving information from the database, which will most likely become the bottle-neck of the total system performance.