| US 7,490,237 B1 | ||
| Systems and methods for caching in authentication systems | ||
| Dinarte R. Morais, Redmond, Wash. (US); Ling Tony Chen, Bellevue, Wash. (US); Mark D. VanAntwerp, Redmond, Wash. (US); Boyd C. Multerer, Seattle, Wash. (US); and Gary A. Thompson, Redmond, Wash. (US) | ||
| Assigned to Microsoft Corporation, Redmond, Wash. (US) | ||
| Filed on Jun. 27, 2003, as Appl. No. 10/608,653. | ||
| Int. Cl. H04L 9/32 (2006.01); H04L 9/00 (2006.01) | ||
| U.S. Cl. 713—170 [713/181; 713/166; 726/5] | 21 Claims |
| 1. A process for verification of a client authentication request by a server which can decrease problems associated with sham
authentication requests, the process comprising:
receiving, in the server, a client authentication request including client-specific data;
comparing the client specific data to data stored in a first cache memory coupled to the server to determine whether the client
specific data meet a first threshold of validity;
if the client specific data meet the first threshold of validity, proceeding with the authentication process; and
if the client specific data do not meet the first threshold of validity, then storing in a second cache memory a portion of
the client specific data and an indication that the client specific data do not correspond to a valid client, wherein the
portion of the client specific data and the indication stored in the second cache memory identify a client name associated
with the client authentication request and associate the client name with a negative indication of validity regardless of
whether the client specific data includes valid proof of knowledge of privileged data, and then terminating the verification
process.
|