Appeal No. 1997-3178
Application 08/464,069
In an alternate embodiment of the authentication
arrangement, the CSS 24 and the LA 26 may be combined
into a single entity. Yet, in accordance with the
exemplary embodiment of the invention described below,
the CSS and LA are separate nodes. The CSS 24 is
accessed at registration to store a user's long-term
credential in a database directory and is thereafter
accessed at login by the workstation 12 to retrieve
that credential for authentication purposes, as
described below.
This portion of Kaufman is not very helpful in
explaining how the claim limitations are met and we do not
understand why the Examiner relies on the embodiment where
the CSS and the LA are combined. Nevertheless, we find that
Kaufman anticipates claims 25, 29, and 32, and 36.
The CSS (certificate storage server) node 24 shown in
figure 3 holds a "digital data structure" including the
"username" N, which we find corresponds to the claimed
"identifying information identifying the legitimate computer
user" in claims 25 and 32. The data structure in CSS 24
also includes a doubly encrypted "credential" {{U} , H2}H1 LA-PUB
which contains an encrypted private key U (col. 4,
lines 26-32). For purposes of discussion, we take the
encrypted quantity {U} to be the claimed "secret digital
H1
information." {U} is concatenated with hash total H2 and
H1
encrypted with the public key of the login agent (LA),
- 16 -
Page: Previous 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 Next
Last modified: November 3, 2007