Invention Grant
- Patent Title: Peer-to-peer authentication and authorization
- Patent Title (中): 对等认证和授权
-
Application No.: US11110592Application Date: 2005-04-20
-
Publication No.: US07350074B2Publication Date: 2008-03-25
- Inventor: Rohit Gupta , Todd R. Manion , Ravi T. Rao , Sandeep K. Singhal
- Applicant: Rohit Gupta , Todd R. Manion , Ravi T. Rao , Sandeep K. Singhal
- Applicant Address: US WA Redmond
- Assignee: Microsoft Corporation
- Current Assignee: Microsoft Corporation
- Current Assignee Address: US WA Redmond
- Agency: Marshall, Gerstein & Borun LLP
- Main IPC: H04K1/00
- IPC: H04K1/00 ; H04L9/00 ; H04L9/32
Abstract:
An authentication mechanism uses a trusted people store that can be populated on an individual basis by users of computing devices, and can comprise certificates of entities that the user wishes to allow to act as certification authorities. Consequently, peer-to-peer connections can be made even if neither device presents a certificate or certificate chain signed by a third-party certificate authority, so long as each device present a certificate or certificate chain signed by a device present in the trusted people store. Once authenticated, a remote user can access trusted resources on a host device by having local processes mimic the user and create an appropriate token by changing the user's password or password type to a hash of the user's certificate and then logging the user on. The token can be referenced in a standard manner to determine whether the remote user is authorized to access the trusted resource.
Public/Granted literature
- US20060242405A1 Peer-to-peer authentication and authorization Public/Granted day:2006-10-26
Information query
