公开(公告)号：US20200244636A1

公开(公告)日：2020-07-30

申请号：US16256611

申请日：2019-01-24

Applicant: salesforce.com, inc.

Inventor： Chandra Sekhar Varanasi ,  Puneet Kumar Dawer ,  Neelamani Durga Siva Prasad Kolluru ,  Rama Krishnam Raju Chekuri ,  Amrendra Singh

IPC: H04L29/06 ,  H04L9/32 ,  G06F21/45

Abstract: Systems and methods for performing authentication may include encrypting, by a server computing system, a question based on a first password associated with a user and based on successful verification of user identification to generate an encrypted question; transmitting, by the server computing system, the encrypted question to a user computing system; receiving, by the server computing system, an encrypted response from the user computing system, the encrypted response associated with the encrypted question; decrypting, by the server computing system, the encrypted response based on the first password to generate a response; and establishing, by the server computing system, a login session with the user computing system based on successful verification of the response.

公开(公告)号：US11477190B2

公开(公告)日：2022-10-18

申请号：US16400192

申请日：2019-05-01

Applicant: salesforce.com, inc.

Inventor： Vinay Kumar Tiruvaipeta ,  Chandra Sekhar Varanasi

IPC: G06F21/00 ,  H04L9/40

Abstract: The disclosed subject matter provides authentication between a client device and a server. The server allocates a dynamic user ID contained within an authentication token that is provided to the client device. In response to each successful authentication with the server, a new dynamic user ID is generated and provided to the client device for use in a subsequent authentication session. In generating the new dynamic user ID for the client device, the server invalidates any previously-provided dynamic user IDs for the client device.

公开(公告)号：US20200351263A1

公开(公告)日：2020-11-05

申请号：US16400192

申请日：2019-05-01

Applicant: salesforce.com, inc.

Inventor： Vinay Kumar Tiruvaipeta ,  Chandra Sekhar Varanasi

IPC: H04L29/06

Abstract: The disclosed subject matter provides authentication between a client device and a server. The server allocates a dynamic user ID contained within an authentication token that is provided to the client device. In response to each successful authentication with the server, a new dynamic user ID is generated and provided to the client device for use in a subsequent authentication session. In generating the new dynamic user ID for the client device, the server invalidates any previously-provided dynamic user IDs for the client device.

公开(公告)号：US11140142B2

公开(公告)日：2021-10-05

申请号：US16256611

申请日：2019-01-24

Applicant: salesforce.com, inc.

Inventor： Chandra Sekhar Varanasi ,  Puneet Kumar Dawer ,  Neelamani Durga Siva Prasad Kolluru ,  Rama Krishnam Raju Chekuri ,  Amrendra Singh

IPC: H04L29/06 ,  G06F21/45 ,  H04L9/32

Abstract: Systems and methods for performing authentication may include encrypting, by a server computing system, a question based on a first password associated with a user and based on successful verification of user identification to generate an encrypted question; transmitting, by the server computing system, the encrypted question to a user computing system; receiving, by the server computing system, an encrypted response from the user computing system, the encrypted response associated with the encrypted question; decrypting, by the server computing system, the encrypted response based on the first password to generate a response; and establishing, by the server computing system, a login session with the user computing system based on successful verification of the response.

公开(公告)号：US20200311309A1

公开(公告)日：2020-10-01

申请号：US16365067

申请日：2019-03-26

Applicant: salesforce.com, inc.

Inventor： Puneet Kumar Dawer ,  Chandra Sekhar Varanasi ,  Neelamani Durga Siva Prasad Kolluru ,  Raju Rama Krishnam Chekuri ,  Amrendra Singh ,  Rakesh Garishakurthi

IPC: G06F21/62 ,  H04L9/30 ,  H04L9/14 ,  H04L9/32 ,  H04L9/08 ,  G06F21/60

Abstract: Techniques are disclosed relating to preventing unauthorized access to private user information by improving cookie security. Cookie data may be subject to interception and replay attempts by malicious users. In disclosed techniques, a server computing system receives a request from a user device that includes encrypted cookie data and device identification information encrypted using a first key of a key pair generated by the server system. The server system may decrypt encrypted cookie data included with the request using a server encryption key. Based on decrypting the cookie data, the server system may retrieve previously-stored device identification information. The server system may decrypt device identification information received with the request using a second key of the key pair. The server system may compare the decryption result with the previously-stored device identification information and, based on the comparison, determine whether to use the cookie data for the request.