The patent's assignee for patent number 8490165 is
News editors obtained the following quote from the background information supplied by the inventors: "The disclosure relates generally to an improved data processing system and more specifically to restoring secure sessions.
"Servers are frequently used to control access to resources by one or more clients. The resources may be stored on the server or on a network to which the server is connected. A user wishing to access a resource to which access is controlled by the server typically connects to the server to request the access. Access is controlled based on the identity of the user or the client. In other words, access to the resource may be granted to one user connecting to the server on a particular client, while access to the resource may be denied to another user connecting the server on the same client or another client.
"The server requests identification information from the client in order to determine whether the user is to be granted or denied the requested type of access to the requested resources. A resource, for example, is a file, a folder, a drive, an application, a database, or any other suitable information or organization of information. In some examples, the client requests the identification information from the user. The client may request the identification information by prompting the user to enter a user name and/or password, a biometric input, an access card, or another suitable identifier.
"A client frequently accesses more than one resource on the server over a period of time. Sessions are created to avoid requesting the identification information from the client for each resource that is accessed. Sessions are commonly created when a server first transmits the requested identification information by sending session information to the client for the purpose of creating a cookie on the client. The cookie contains an identifier for the session. When creating the session, the server also stores the session identifier in a database of sessions. Upon transmitting subsequent requests for resources on the server, the client transmits the identifier for the session from the cookie to the server with the request. The client only transmits the identifier for the session from the cookie when the domain of the server receiving the request is the same as the domain of the server that set the cookie. For example, if a cookie is created with an identifier for a session on a server in the 'yahoo.com' domain, the client will transmit the identifier from the cookie to future requests to 'yahoo.com', but not to requests to 'google.com.' The server uses the identifier to make decisions about which resources may be returned or whether a session has existed for more than a particular period of time and has expired.
"Servers are commonly taken offline to perform maintenance, to be moved, or due to hardware or software failures. Session data may be lost when the server is taken offline. Another server may provide access to the requested resources. For example, the servers may be configured in a cluster. If another server provides access to the requested resources, the client is requested by the second server to send identifying information to create a new session on the second server and have continued access to the resources. The identification information of the user may be requested again.
"Accordingly, it would be advantageous to have a method, a computer program product, and an apparatus which takes into account one or more of the issues discussed above as well as possibly other issues."
As a supplement to the background information on this patent, VerticalNews correspondents also obtained the inventor's summary information for this patent: "The different illustrative embodiments provide a method, a computer program product, and an apparatus for restoring secure sessions. A determination is made whether cached information for a session for the requestor is stored at the data processing system using a session cookie responsive to receiving a request at a data processing system from a requestor to access a resource. Access to the resource is controlled using the cached information and a number of privileges for the requestor associated with the cached information responsive to a determination that the cached information for the session is stored at the data processing system. A migration cookie is requested from the requestor responsive to an absence of a determination that the cached information for the session is stored at the data processing system. The cached information is generated for the session using the migration cookie."
For additional information on this patent, see: Wray,
Keywords for this news article include: Information Technology, Information and Data Processing,
Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2013, NewsRx LLC
Most Popular Stories
- Slow Week Ahead of December FOMC Meeting
- Hispanics Seek to Grow School Board Members
- 'Knockout Game': Myth or Menace?
- U.S. Companies Eager for Iranian Business
- Questions Remain in Jenni Rivera's Death
- Entrepreneurs' Next Creation May Be New Laws
- Banks Fret as Volcker Vote Approaches
- Bitcoin Used to Buy Tesla Car
- GM Bailout Saved 1.2 Million U.S. Jobs, Report Says
- Paul Walker Fans Pay Respects