| US 7,487,360 B1 | ||
| Secure authentication and authorization for transaction processing | ||
| Robert Lennie, Sunnyvale, Calif. (US); Carl Chen, Mountain View, Calif. (US); and Gabe Dalbec, San Jose, Calif. (US) | ||
| Assigned to PalmSource, Inc., Sunnyvale, Calif. (US) | ||
| Filed on Nov. 26, 2003, as Appl. No. 10/723,367. | ||
| Application 10/723367 is a continuation of application No. 09/607683, filed on Jun. 30, 2000, granted, now 6,754,825. | ||
| This patent is subject to a terminal disclaimer. | ||
| Int. Cl. H04K 1/00 (2006.01); H04L 9/00 (2006.01); G06F 7/00 (2006.01); G06K 9/00 (2006.01) | ||
| U.S. Cl. 713—181 [713/182; 726/26; 380/44; 707/1] | 24 Claims |
| 22. An apparatus for processing a query comprising:
means for accessing said query wherein said query comprises user identification data, said query further comprising an unencrypted
portion comprising unencrypted data and an encrypted portion comprising an encrypted buffer encrypted using a first encryption
key, said encrypted buffer also encrypted using a second encryption key;
means for obtaining said second encryption key;
means for decrypting at least a portion of said encrypted portion using said second encryption key;
means for decrypting said encrypted buffer using said first encryption key; and
means for determining authentication by comparing said user identification data to user identification data contained within
said encrypted buffer;
wherein said query further comprises a request buffer encrypted using said second encryption key and further comprising means
for transmitting said unencrypted request buffer to a site providing service related to said query provided said query is
determined to be authentic and authorized.
|