发明授权
- 专利标题: Scalable session management using an encrypted session key
- 专利标题(中): 使用加密会话密钥进行可扩展会话管理
-
申请号: US13026793申请日: 2011-02-14
-
公开(公告)号: US08626929B2公开(公告)日: 2014-01-07
- 发明人: Wei Jiang , Ismail Cem Paya , John D. Whited , Wei-Quiang Michael Guo , Yordan Rouskov , Adam Back
- 申请人: Wei Jiang , Ismail Cem Paya , John D. Whited , Wei-Quiang Michael Guo , Yordan Rouskov , Adam Back
- 申请人地址: US WA Redmond
- 专利权人: Microsoft Corporation
- 当前专利权人: Microsoft Corporation
- 当前专利权人地址: US WA Redmond
- 代理机构: Lee & Hayes, PLLC
- 主分类号: G06F15/16
- IPC分类号: G06F15/16
摘要:
Scalable session management is achieved by generating a cookie that includes an encrypted session key and encrypted cookie data. The cookie data is encrypted using the session key. The session key is then signed and encrypted using one or more public/private key pairs. The encrypted session key can be decrypted and verified using the same private/public key pair(s). Once verified, the decrypted session key can then be used to decrypt and verify the encrypted cookie data. A first server having the private/public key pair(s) may generate the cookie using a randomly generated session key. A second server having the same private/public key pair(s) may decrypt and verify the cookie even if the session key is not initially installed on the second server. A session key cache may be used to provide session key lookup to save public/private key operations on the servers.
公开/授权文献
- US20110138179A1 Scalable Session Management 公开/授权日:2011-06-09