US 9,813,382 B2
Cryptographic binding of multiple secured connections
Sunil Agrawal, Milpitas, CA (US); and Andrei Sheretov, Campbell, CA (US)
Assigned to ADOBE SYSTEMS INCORPORATED, San Jose, CA (US)
Filed by Sunil Agrawal, Milpitas, CA (US); and Andrei Sheretov, Campbell, CA (US)
Filed on Mar. 7, 2007, as Appl. No. 11/715,607.
Prior Publication US 2014/0032902 A1, Jan. 30, 2014
Int. Cl. H04L 12/58 (2006.01); H04L 29/06 (2006.01); G06F 21/41 (2013.01); H04L 29/08 (2006.01)
CPC H04L 63/0428 (2013.01) [G06F 21/41 (2013.01); H04L 51/22 (2013.01); H04L 63/0815 (2013.01); H04L 67/02 (2013.01)]
5 Claims
1. A non-transitory machine-readable medium including instructions stored thereon which when executed by a machine causes the machine to perform operations comprising:
performing the following operations as part of login of a user from a client device into a subordinate web service of a single sign-on web service:
transmitting a request, from the client device, to login into the subordinate web service;
receive redirection to login to a master web service of the single sign-in web service;
establishing a first secured connection between the client device and the master web service;
transmitting user authentication from the client device to the master web service over the first secured connection between the client device and the master web service;
receiving, by the client device, a Hypertext Transfer Protocol (HTTP) cookie for the single sign-on web service over the first secured connection between the client device and the master web service, in response to the user authentication being authenticated by the master web service; and
establishing a second secured connection by the client device with the subordinate web service using a cryptographic key in the HTTP cookie for the single sign-on service, wherein the cryptographic key in a single cookie establishes multiple secured connections for different subordinate web services without requiring a public/private key exchange, wherein establishing the second secured connection comprises establishing a Transport Layer Security (TLS) connection with the subordinate web service.