-
Publication No.: US10411907B2
Publication date: 2019-09-10
Application No.: US15415451
Application date: 2017-01-25
Applicant: salesforce.com, inc.
Inventor: Prasad Peddada, Taher Elgamal
Abstract: An ID service on an app server interacts with a corresponding identity app installed on a user device such as a smart phone. At setup, the ID service receives the user's public key and only a segment of the corresponding private key. A special challenge message is created and partially decrypted using the private key segment on the server side, and then decryption is completed on the client app using the remaining segment(s) of the private key to recover the challenge. A token authenticator based on the result of the decryption is sent back to the identity service, for it to verify validity of the result and, if it is valid, enable secure login without requiring a password.
-
Publication No.: US20230032867A1
Publication date: 2023-02-02
Application No.: US17387033
Application date: 2021-07-28
Applicant: salesforce.com, inc.
Inventor: Prasad Peddada, Taher Elgamal, Joseph Salowey
IPC: H04L9/32
Abstract: Methods, systems, and devices supporting data processing are described. In some systems, a first service executing on a datacenter may receive a request to establish a secure connection and a certificate from a second service. The datacenter may be provisioned with an indication of certificates that have been revoked by a certificate authority (CA). The first service may validate a certificate chain for the certificate from the second service based on the certificates that have been revoked by the CA. If a certificate of the certificate chain has been revoked, the first service may not establish the connection with the second service. If the certificates of the certificate chain have not been revoked, the first service may establish a secure connection with the second service. The services may communicate in accordance with validating the certificate chain.
-
Publication No.: US11489828B2
Publication date: 2022-11-01
Application No.: US17112525
Application date: 2020-12-04
Applicant: salesforce.com, inc.
Inventor: Prasad Peddada, Taher Elgamal
Abstract: A service may leverage a mutual transport layer security (mTLS) service to authenticate a client that is configured with a client certificate chain. The client may request access to the service, and the service may transmit a redirection response to the client. The redirection response may indicate an endpoint for the mTLS service that is associated with the tenant. In response to receiving the redirection response, the client may perform a digital handshake with the mTLS service, and the mTLS service may validate the client digital certificate and digitally sign the client digital certificate. The mTLS may transmit a redirection response, which redirects the client to the service where the client presents an indication of the digitally signed digital certificate chain. The service may validate the chain of trust associated with the digitally signed digital certificate chain and issue an indication that the client is authenticated to access the service.
-
Publication No.: US20220247554A1
Publication date: 2022-08-04
Application No.: US17162766
Application date: 2021-01-29
Applicant: salesforce.com, inc.
Inventor: Prasad Peddada, Taher Elgamal
Abstract: Methods and systems for securing customer data in a multi-tenant database environment are described. A security module running on a database server may generate a private key-public key pair in response to receiving a request to store client data in a database. The security module may then transmit a request to derive a symmetric key to a key server, the request including the generated public key. The key server may derive a symmetric key, using key agreement and a key derivation function, based on the received public key and a private key managed by the key server. The security module may then receive the symmetric key from the key server and encrypt the client data. To facilitate decryption, the public key used to generate the symmetric key and an identifier for the private key managed by the key server may be stored in metadata associated with the client data.
-
Publication No.: US20220131688A1
Publication date: 2022-04-28
Application No.: US17646823
Application date: 2022-01-03
Applicant: salesforce.com, inc.
Inventor: Prasad Peddada, Taher Elgamal
Abstract: A client may transmit an authentication request to a server. The server may initiate a key agreement process using a short-lived private key generated at the server and a public key of the device, generate a shared secret, and derive a symmetric key. The symmetric key may be used to encrypt a random challenge. Further, the server initiates a key agreement process for the client using the partial private key that was generated for the client and the short-lived public key generated at the server. A partial key agreement result and the encrypted random challenge may be transmitted to the client. The client may complete the key agreement process using the partial key agreement result and a respective portion of the private key. The client may derive the encryption key and decrypt the random challenge. An indication of the random challenge may be transmitted to the server, which authenticates the client.
-
Publication No.: US11290282B2
Publication date: 2022-03-29
Application No.: US16694924
Application date: 2019-11-25
Applicant: salesforce.com, inc.
Inventor: Shiloh Cory Heurich, Frank Siebenlist, Taher Elgamal, Clayten Tyler Joseph Hamacher, Matthew Steele, Pathik Ashok Solanki, Matthew B. Schechtman
Abstract: In accordance with embodiments, there are provided mechanisms and methods for facilitating dynamic end-to-end integrity for data repositories in an on-demand services environment, where a database system-implemented method includes receiving, by the database system, a content file and metadata to be submitted to a data repository of the database system. The content file may include content, where the metadata may include identifying data associated with at least one of the content and a user associated with the content. The method may include verifying, by the database system, the identifying data of the metadata. The verification of the identifying data represents authentication of at least one of the user and the content. The method may include submitting, by the database system, the content file and the metadata to the data repository, upon authentication of at least one of the user and the content via successful verification of the identifying data.
-
Publication No.: US20220029796A1
Publication date: 2022-01-27
Application No.: US16938632
Application date: 2020-07-24
Applicant: salesforce.com, inc.
Inventor: Prasad Peddada, Taher Elgamal
Abstract: A client may transmit an authentication request to a server. The server may initiate a key agreement process using a short-lived private key generated at the server and a public key of the device, generate a shared secret, and derive a symmetric key. The symmetric key may be used to encrypt a random challenge. Further, the server initiates a key agreement process for the client using the partial private key that was generated for the client and the short-lived public key generated at the server. A partial key agreement result and the encrypted random challenge may be transmitted to the client. The client may complete the key agreement process using the partial key agreement result and a respective portion of the private key. The client may derive the encryption key and decrypt the random challenge. An indication of the random challenge may be transmitted to the server, which authenticates the client.
-
Publication No.: US20220021524A1
Publication date: 2022-01-20
Application No.: US16931210
Application date: 2020-07-16
Applicant: salesforce.com, inc.
Inventor: Prasad Peddada, Taher Elgamal, Aaron Johnson, Ryan Guest
Abstract: Methods and systems for securing customer data in a multi-tenant database environment are described. A key identifier received from a security server may be stored by an application server. The key identifier may be associated with a private key that is accessible by the security server and not accessible by the application server. A request to derive a symmetric key may be transmitted from the application server to the security server, the request including a public key generated by the application server, a salt value, and the key identifier. The symmetric key may then be derived based on the transmitted public key and the private key using a key derivation function. The application server may then receive and store the symmetric key in an in-memory cache, and be used to securely encrypt data received by the application server from client devices.
-
Publication No.: US11190344B2
Publication date: 2021-11-30
Application No.: US16425729
Application date: 2019-05-29
Applicant: salesforce.com, inc.
Inventor: Prasad Peddada, Taher Elgamal
Abstract: A method is disclosed. The method includes, in a client device, acquiring first and second asymmetric cryptographic key pairs for a user, where each key pair includes a public key and a corresponding private key, securing the private key of the second key pair in a cryptographic processor, and splitting the private key of the first key pair into plural private key fragments, so that a sum of the plural private key fragments equals the private key of the first key pair. The method further includes storing at least one of the plural private key fragments on the client device, and registering the user with an identity service not hosted on the client device. Registering the user includes providing to the identity service, for use in securely authenticating the user, the public keys of the first and second key pairs, and the plural private key fragment(s) excluding the at least one private key fragment secured on the client device.
-
Publication No.: US10476855B1
Publication date: 2019-11-12
Application No.: US15689098
Application date: 2017-08-29
Applicant: salesforce.com, inc.
Inventor: Prasad Peddada, Taher Elgamal
Abstract: Systems and methods for identity confirmation and transaction security are described. The system generates a challenge. The system transmits to a client computing system an encrypted challenge generated using the challenge and a public key of an asymmetric key pair. The system fragments a private key of the asymmetric key pair into a first, second and third private key fragments. The system generates a first partially decrypted challenge using the first private key fragment and the encrypted challenge. The system receives a second and a third partially decrypted challenges from the client computing system. The system generates a decrypted challenge using the first, second and third partially decrypted challenges. The system compares the decrypted challenge and the challenge for identity verification.
-