1.
Publication (Announcement) No.: US20180212785A1
Publication (Announcement) Date: 2018-07-26
Application No.: US15415451
Filing Date: 2017-01-25
Applicant: salesforce.com, inc.
Inventor: Prasad PEDDADA, Taher ELGAMAL
CPC classification number: H04L9/3271, G06F21/31, G06F2221/2111, H04L9/085, H04L9/3213, H04L9/3297, H04L63/0442, H04W12/06
Abstract: An ID service on an app server interacts with a corresponding identity app installed on a user device such as a smart phone. At setup, the ID service receives the user's public key and only a segment of the corresponding private key. A special challenge message is created and partially decrypted using the private key segment on the server side, and then decryption is completed on the client app using the remaining segment(s) of the private key to recover the challenge. A token authenticator based on the result of the decryption is sent back to the identity service, for it to verify validity of the result and, if it is valid, enable secure login without requiring a password.
2.
Publication (Announcement) No.: US20180212762A1
Publication (Announcement) Date: 2018-07-26
Application No.: US15476833
Filing Date: 2017-03-31
Applicant: salesforce.com, inc.
Inventor: Prasad PEDDADA, Taher ELGAMAL
CPC classification number: H04L9/085, G06F21/34, H04L9/3234, H04L9/3271
Abstract: In a computing system, methods for secure OS-level login authentication for internal users to access servers. Some or all servers in a group each utilize a local ID Service for generating and validating a challenge responsive to an OS login request. The challenge is processed in a centralized secure server HSM. Rather than copying individual user public keys to each host in the data center, we need only copy the public key of the HSM to each host in the group. When a user attempts OS-level login to a host, it encrypts the challenge using the public key of the HSM and forwards the request for processing in the HSM. There, it decrypts the challenge using the private key in the HSM and re-encrypts the challenge with the public key of the individual user. The user's mobile device, previously registered, is required to complete the authentication process.