Patent Grant
7941533
1. Field of the Invention
The present invention relates to session management, and more particularly to single sign-on session management across multiple servers without requiring a central session management server.
2. Description of the Related Art
As known in the field of electronic information access, it is common for protected resources on a server to require some form of authentication or certification before the protected resources are provided to a client user. As an example, the client user at a computer with a browser application, such as INTERNET EXPLORER or NETSCAPE, connects to the server over the Internet and attempts to access, down-load or view a protected resource. Before allowing access to the protected resource, the server must verify that the client user is allowed access to the protected resource. This may take the form of validating the user's credentials against a list of authorized users through a log-in process. Once the user is authenticated through the log-in process, the user is granted credentials and a session between the client and the server is established. It is common for a client user to want access to protected resources on multiple servers. Unless there is some form of sharing or communication between the servers, the client user must log-in to each of the servers. This is not particularly advantageous, and to overcome these disadvantages, single sign-on session management servers have been developed and fielded. Examples of these types of session management systems are the system provided by ENTRUST, of Plano Tex., called GETACCESS, and the system provided by NETEGRITY of Waltham Mass., called NETEGRITY SITEMINDER. It is common with these types of single sign-on session management systems to use a central session management server, connected to the protected resource servers. In some configurations, central session management is hosted on a single server. In other configurations, a number of servers host the central session management, with the individual servers inter-connected and acting as a single logical server. A single logical server requires an exchange of information between the individual servers to maintain a consistent data set.
The central session management server validates the session credentials of client users. This system architecture allows a single sign-on and shared use of the session credentials. However, a central session management server is a potential single point for managing and controlling all sessions in the system and is therefore vulnerable as a single point of failure. A central session management server can also limit network performance for session updates. As a network scales, there are more applications in the single sign-on environment and more traffic to and from the session manager. Therefore, in addition to being a single point of failure, this type of architecture with a central session management server can impose additional network traffic loads. The additional network traffic loads can have a significant effect when session management is distributed over a wide area network, where bandwidth tends to be more restricted than over a local area network.
One of the reasons that systems use a central session management server is to provide a central location to check for session invalidity. This requires a check for credential invalidity each time a client accesses a server application. However, session invalidity is a very rare event. Therefore, checking for credential validity creates a significant volume of overhead to detect a rare event.
What is needed is a system and method that provides single session sign-on without requiring a central session management server, without providing a single point of failure, or without the associated network traffic load.
The preceding description is not to be construed as an admission that any of the description is prior art relative to the present invention.
In one embodiment, the invention provides a method and system for single sign-on session management by establishing a session credential, validating the session credential at a first server, granting access to a first protected resource of the first server, validating the session credential at a second server, and granting access to a second protected resource of the second server. In this embodiment, communication with a third server is not required to validate the session credential at either the first server or the second server.
In one embodiment, the invention provides a method and system for single sign-on session management by providing a list of authorized users to a first server and to a second server, establishing a session credential using the list of authorized users, validating the session credential at the first server, validating the session credential at a second server, providing an update to the list of authorized users to the first server and to the second server, and changing the session credential based on the update to the list. Communication with a third server is not required to validate the session credential at either the first server or the second server.
In one embodiment, the invention provides a system for single sign-on session management comprising a first server with a first resource, a session management plug-in running on the first server, a second server with a second resource, a session management plug-in running on the second server, a first network providing a connection of the second server to the first server, and a client with a session credential, the client connectable to the first server and to the second server by the first network. The first server validates the session credential using the session management plug-in running on the first server without requiring a connection to either the second server or any other server and the second server validates the session credential using the session management plug-in running on the second server without requiring a connection to either the first server or any other server.
The foregoing specific aspects of the invention are illustrative of those which can be achieved by the present invention and are not intended to be exhaustive or limiting of the possible aspects or advantages that can be realized. Thus, the aspects of this invention will be apparent from the description herein or can be learned from practicing the invention, both as embodied herein or as modified in view of any variations which may be apparent to those skilled in the art. Accordingly the present invention resides in the novel parts, constructions, arrangements, combinations and improvements herein shown and described.
The foregoing features and other aspects of the invention are explained in the following description taken in conjunction with the accompanying figures wherein:
It is understood that the drawings are for illustration only and are not limiting.
In order to understand the various embodiments of the methods and systems of the instant invention, it is helpful to understand existing systems and methods. Referring to
Referring to
At steps 204, 206, server 104 checks to see if the request includes a cookie or token.
If there is no cookie present, then at steps 208, 210, client 102 is redirected to log-in server 112.
At steps 212, 214, log-in server 112 sends a log-in page to client 102 and client 102 provides log-in information.
At step 216, log-in server 112 checks the log-in information provided by the client user against a master list and grants access by issuing a credential to the user if the log-in information for the client user is correct. Although not illustrated, if the log-in information is not correct the client may be given other opportunities to provide the correct log-in information before possibly being locked out of the system.
The credential that log-in server 112 grants to the user is typically in the form of a token or cookie that is sent to the client browser application. Once the client user 102 has received the credential in the form of the cookie, every time they want access to a protected resource on server 104, the client user sends that cookie with the request to server 104.
On the re-direct at step 230, now that the client user has received a credential at step 216, the browser is redirected back to server 104. However, this time, when server 104 checks for a cookie at steps 204, 206, (the cookie containing the client credential) the cookie is found and the cookie or part of the cookie is sent to session management server 116 (SMS) to check for validity.
It is understood that some companies use the term SMS to refer to proprietary systems or services. However, here the term SMS refers generically to a session management server, without limit to any particular brand or company.
At steps 218, 220, SMS 116 checks for validity of the credential contained within the cookie. If the credential information is valid, then at step 221, SMS 116 updates the session record of client user 102 and then at step 222, SMS 116 informs server 104, which sends the protected resource to client user 102 at step 224. Client user 102 receives the requested protected resource at step 226.
It is possible that a cookie is present with the initial request for a protected resource, as determined at steps 204, 206, but the credential information is either not valid or is not correct, as determined at steps 218, 220. In this case, at step 208, client user 102 is redirected to log-in server 112, where the previously described log-in steps 210 through 216 are performed.
There are a number of reasons that credential information contained within the cookie may be invalid, such as expiration of a session time-out value or activity time-out value.
To simplify somewhat,
Referring now to
Servers 404, 406, 408 each run a respective instance of a session management service (SMS) plug-in 405, 407, 409.
Referring to
At steps 504, 506, server 404 checks for a cookie in the request.
If a cookie is present in the request, then at steps 508, 510, server 404 checks to see if the cookie is valid, and if valid, at steps 512, 514 server 404 sends the protected resource that was requested by client user 102.
If server 404 determines at steps 504, 506 that a cookie is not present with the request, or at steps 508, 510 that the cookie is not valid, then at steps 516, 518 the client user is re-directed to log-in server 112.
The log-in process illustrated at steps 212 through 216 of
To simplify somewhat,
Using a cryptographically generated cookie, such as described elsewhere, once credentialed by server 404, client 102 will also be able to access protected resources on the other servers (406, 408).
In the embodiments of the invention that are illustrated in
Referring now to
At steps 804, 806, server 704 checks for a cookie in the request.
If a cookie is present in the request, then at steps 808, 810, the session management plug-in 710 of server 704 checks to see if the cookie is valid, and if valid, at steps 812, 814 server 704 sends the protected resource that was requested by client user 102.
If server 704 or session management plug-in 710 determines at steps 804, 806 that a cookie is not present with the request, or at steps 808, 810 that the cookie is not valid, then at steps 816, 818 the client user is re-directed to log-in plug-in 705.
It is also possible, although not illustrated, that log-in plug-in 705 and server 704 merely sends the log-in page at step 212, bypassing redirection steps 816 and 818.
The log-in process illustrated at steps 212 through 216 of
As illustrated and described, it is clear that client user 102 can successfully log-in at any of servers 704, 706, 708. This has the benefit of eliminating the need for a separate log-in server and also eliminates the need for a separate session management server to validate each client request for a protected resource. Instead, log-in and validation of the client user session credentials occurs entirely within server 704, 706, 708 using respective plug-ins and avoids the need for communication between servers 704, 706, 708 and any other server. In this manner, client user 102 can log-in and access protected resources on any of servers 704, 706, 708. This is because neither the log-in nor the credential validation process relies on a separate session management server or a separate log-in server. Instead, log-in and session management is replicated by plug-ins and handled within each of servers 704, 706, 708. Further, if a cryptographically generated cookie is available, such as described elsewhere, the session credentials from log-in to one server are valid and useable on any of the other servers.
At steps 902, 904, global repository 118 sends a list of authorized client users and authorized accesses to each of log-in plug-ins 705, 707, 709. This may be a push of the information, or log-in plug-ins 705, 707, 709 may individually request the information from repository 118 on a regular basis. Log-in plug-ins 705, 707, 709 use this list of authorized client users and their respective access to create a session credential for any authorized client user 102 that attempts to gain access to a protected resource on any of servers 704, 706, 708. Once the log-in plug-in creates the session credential, client user 102 uses the credential in their requests for protected resources from any of servers 704, 706, 708. This is possible as long as the credential remains valid.
During either regular updates, or on an ad hoc basis, at step 906, repository 118 determines whether there is a change in the authorized users. The change can be addition or deletion of users, addition or deletion of particular accesses of users or changes to user entitlements. If there is no change in the authorized users, repository loops or does nothing. However, if there is a change in the authorized users, then at step 908, repository 118 pushes the update of the list of authorized users out to each of log-in plug-ins 705, 707, 709. To ensure that the most current information on authorized users is available to every log-in plug-in, this update is normally a push operation from repository 118, rather than a scheduled pull by log-in plug-ins 705, 707, 709.
In steps that are not illustrated in
Assuming the client credentials are valid, then at step 914, server 704, or log-in plug-in 705 determines whether there has been a change in the list of authorized users. For example, a change in the list of authorized users could occur when repository 118 pushes an update to the list at step 908 and the log-in plug-in stores the update at step 904.
If there has been no change in the list of authorized users, then at steps 916, 918, server 704 provides the protected resource to client user 102.
However, if there has been a change in the list of authorized users, then at steps 920, 922 the client user is checked against the updated list to determine if the user remains authorized, or whether their current accesses must be changed.
If the particular client user was not affected by the update to the list, then at steps 916, 918 the requested protected resource is provided.
However, if the particular client user is no longer authorized, or their access has been changed for that particular resource, then at steps 924, 926 the access is denied and the client user is directed to the log-in page of the log-in plug-in 705. Alternatively, although not illustrated, the client user may be denied access to that particular protected resource, but allowed access to other protected resources.
An Example of Cryptographically Generated Cookies
Where session management is moved from a single or central server to individual plug-ins running on the individual servers, it is advantageous for credentials granted by one server to be useable by another server. Otherwise, the credentials do not truly provide single session sign-on. Therefore, a technique for creating and using cryptographically generating cookies is provided.
An example of a cryptographically generated cookie is provided below.
The layout of the data in the cookie is as follows:
1. Version, a 32-bit signed integer, network byte order
2. User ID, a 32-bit signed integer, network byte order. This field contains the user ID from the Global Repository
3. Last Activity, a 64-bit signed integer, network byte order. This field contains the time of last activity in milliseconds and in GMT, per the Java Date Implementation.
4. Session Start timestamp, a 64-bit signed integer, network byte order. This field contains the time at which the session started in milliseconds and in GMT, per the Java Date Implementation.
5. Maximum Session Idle Time, a 64 bit signed integer, network byte order. This field contains the maximum session idle time during the current session in milliseconds. The value will only increase in value during a session. One purpose of this field is to allow different idle time restrictions for different applications. For example if the current session was idle for 6 minutes on an application where the idle time restriction is 10 minutes, this field will reflect that 6 minutes of idle time. However, the session will not be terminated. If the user then attempts to connect to a different application, which has a maximum idle time restriction of 5 minutes, the user will not be allowed access because the maximum session idle time during the current session (6 minutes) is longer than the idle time restriction of the application (5 minutes).
6. Message Authenticator, a 160-bit HMAC. This field contains an SHA-1 HMAC of fields 1-5, computed using a key which is shared amongst the runtimes.
The entire credential is Base64-encoded into text format when it is placed in the client browser.
Using a cookie of this format, every time that client user 102 requests a protected resource from a server, the SMS plug-in of the server first checks for and decrypts the cookie, and then checks for validity of the cookie. Each of the SMS plug-ins can perform these checks because the key is shared by all of the servers.
Referring now to
At steps 1004, 1006 the SMS plug-in checks decryption validity. If the decryption is not valid, the plug-in generates an error message at step 1028 and ends.
If the decryption is valid, then at steps 1008, 1010, the SMS plug-in checks the time since last activity. If the time has exceeded a pre-set time, the plug-in generates an error message at step 1028 and ends.
If the time since last activity is valid, then at steps 1012, 1014, the SMS plug-in checks the time since session start. If the time has exceeded a pre-set time, the plug-in generates an error message at step 1028 and ends.
If the time since session start is valid, then at steps 1016, 1018, the server checks the maximum idle time value. If the maximum idle time exceeds the idle time restriction of the current application, the plug-in generates an error message at step 1028 and ends.
If the maximum idle time value is valid, then at steps 1020, 1022, the server checks the user ID. The server may perform this check, or it may be performed by the log-in plug-in running on the server. If the user ID is not valid, the server or plug-in generates an error message at step 1028 and ends or loops for further action, such as through any of the known techniques.
If the user ID is valid, then at step 1024, a new cryptographically generated cookie is created, updating the time of last activity. At step 1026, the new cookie is sent to the client with the protected resource.
It is possible that some of the checks illustrated in
Although illustrative embodiments have been described herein in detail, it should be noted and will be appreciated by those skilled in the art that numerous variations may be made within the scope of this invention without departing from the principle of this invention and without sacrificing its chief advantages.
One such variation is the use of credentials to personalize content even though the requested resource may not be protected. In this way, the visual presentation or content is personalized according to the user.
Unless otherwise specifically stated, the terms and expressions have been used herein as terms of description and not terms of limitation. There is no intention to use the terms or expressions to exclude any equivalents of features shown and described or portions thereof and this invention should be defined in accordance with the claims that follow.
| Number | Name | Date | Kind |
|---|---|---|---|
| 3896266 | Waterbury | Jul 1975 | A |
| 3938091 | Atalla et al. | Feb 1976 | A |
| 4321672 | Braun et al. | Mar 1982 | A |
| 4567359 | Lockwood | Jan 1986 | A |
| 4633397 | Macco | Dec 1986 | A |
| 4695880 | Johnson et al. | Sep 1987 | A |
| 4696491 | Stenger | Sep 1987 | A |
| 4713761 | Sharpe et al. | Dec 1987 | A |
| 4725719 | Oncken et al. | Feb 1988 | A |
| 4745468 | Von Kohorn | May 1988 | A |
| 4799156 | Shavit | Jan 1989 | A |
| 4801787 | Suzuki | Jan 1989 | A |
| 4823264 | Deming | Apr 1989 | A |
| 4882675 | Nichtberger et al. | Nov 1989 | A |
| 4926255 | Von Kohorn | May 1990 | A |
| 4941090 | McCarthy | Jul 1990 | A |
| 4964043 | Galvin | Oct 1990 | A |
| 4992940 | Dworkin | Feb 1991 | A |
| 5016270 | Katz | May 1991 | A |
| 5050207 | Hitchcock | Sep 1991 | A |
| 5084816 | Boese | Jan 1992 | A |
| 5117355 | McCarthy | May 1992 | A |
| 5157717 | Hitchcock | Oct 1992 | A |
| 5189606 | Burns et al. | Feb 1993 | A |
| 5202826 | McCarthy | Apr 1993 | A |
| 5220501 | Lawlor | Jun 1993 | A |
| 5233654 | Harvey et al. | Aug 1993 | A |
| 5235509 | Mueller et al. | Aug 1993 | A |
| 5241594 | Kung | Aug 1993 | A |
| 5265033 | Vajk | Nov 1993 | A |
| 5287268 | McCarthy | Feb 1994 | A |
| 5297026 | Hoffman | Mar 1994 | A |
| 5317683 | Hager et al. | May 1994 | A |
| 5321841 | East | Jun 1994 | A |
| 5351186 | Bullock | Sep 1994 | A |
| 5381332 | Wood | Jan 1995 | A |
| 5412708 | Katz | May 1995 | A |
| 5420405 | Chasek | May 1995 | A |
| 5446740 | Yien | Aug 1995 | A |
| 5450134 | Legate | Sep 1995 | A |
| 5450537 | Hirai et al. | Sep 1995 | A |
| 5465206 | Hilt et al. | Nov 1995 | A |
| 5467269 | Flaten | Nov 1995 | A |
| 5469576 | Dauerer et al. | Nov 1995 | A |
| 5473143 | Vak | Dec 1995 | A |
| 5473732 | Change | Dec 1995 | A |
| 5485370 | Moss et al. | Jan 1996 | A |
| 5506961 | Carlson et al. | Apr 1996 | A |
| 5511117 | Zazzera | Apr 1996 | A |
| 5513102 | Auriemma | Apr 1996 | A |
| 5532920 | Hartrick | Jul 1996 | A |
| 5534855 | Shockley et al. | Jul 1996 | A |
| 5537314 | Kanter | Jul 1996 | A |
| 5537473 | Saward | Jul 1996 | A |
| 5544086 | Davis et al. | Aug 1996 | A |
| 5546452 | Andrews | Aug 1996 | A |
| 5551021 | Harada | Aug 1996 | A |
| 5557334 | Legate | Sep 1996 | A |
| 5557518 | Rosen | Sep 1996 | A |
| 5560008 | Johnson et al. | Sep 1996 | A |
| 5568489 | Yien | Oct 1996 | A |
| 5570295 | Isenberg | Oct 1996 | A |
| 5570465 | Tsakanikas | Oct 1996 | A |
| 5576951 | Lockwood | Nov 1996 | A |
| 5583778 | Wind | Dec 1996 | A |
| 5590197 | Chen | Dec 1996 | A |
| 5590199 | Krajewski et al. | Dec 1996 | A |
| 5592378 | Cameron | Jan 1997 | A |
| 5592560 | Deaton et al. | Jan 1997 | A |
| 5594837 | Noyes | Jan 1997 | A |
| 5598557 | Doner | Jan 1997 | A |
| 5602936 | Lynn | Feb 1997 | A |
| 5603025 | Tabb | Feb 1997 | A |
| 5604490 | Blakley et al. | Feb 1997 | A |
| 5606496 | D'Agostino | Feb 1997 | A |
| 5611052 | Dykstra | Mar 1997 | A |
| 5621201 | Langhans | Apr 1997 | A |
| 5621789 | McCalmont | Apr 1997 | A |
| 5621812 | Deaton et al. | Apr 1997 | A |
| 5625767 | Bartell | Apr 1997 | A |
| 5634101 | Blau | May 1997 | A |
| 5638457 | Deaton et al. | Jun 1997 | A |
| 5640577 | Scharmer | Jun 1997 | A |
| 5642419 | Rosen | Jun 1997 | A |
| 5642515 | Jones et al. | Jun 1997 | A |
| 5644493 | Motai | Jul 1997 | A |
| 5653914 | Holmes et al. | Aug 1997 | A |
| 5657383 | Gerber | Aug 1997 | A |
| 5657388 | Weiss | Aug 1997 | A |
| 5659165 | Jennings | Aug 1997 | A |
| 5664115 | Fraser | Sep 1997 | A |
| 5666493 | Wojcik et al. | Sep 1997 | A |
| 5671285 | Newman | Sep 1997 | A |
| 5675637 | Szlam et al. | Oct 1997 | A |
| 5675662 | Deaton et al. | Oct 1997 | A |
| 5677955 | Doggett et al. | Oct 1997 | A |
| 5678046 | Cahill et al. | Oct 1997 | A |
| 5682524 | Freund | Oct 1997 | A |
| 5684870 | Maloney | Nov 1997 | A |
| 5689100 | Carrithers et al. | Nov 1997 | A |
| 5692132 | Hogan | Nov 1997 | A |
| 5699528 | Hogan | Dec 1997 | A |
| 5703344 | Bezy et al. | Dec 1997 | A |
| 5710886 | Christensen et al. | Jan 1998 | A |
| 5710887 | Chelliah | Jan 1998 | A |
| 5710889 | Clark et al. | Jan 1998 | A |
| 5715298 | Rogers | Feb 1998 | A |
| 5715314 | Payne | Feb 1998 | A |
| 5715399 | Bezos | Feb 1998 | A |
| 5715402 | Popolo | Feb 1998 | A |
| 5715450 | Ambrose | Feb 1998 | A |
| 5724424 | Gifford | Mar 1998 | A |
| 5727163 | Bezos | Mar 1998 | A |
| 5734838 | Robinson | Mar 1998 | A |
| 5737414 | Walker et al. | Apr 1998 | A |
| 5740231 | Cohn et al. | Apr 1998 | A |
| 5754840 | Rivette | May 1998 | A |
| 5758126 | Daniels et al. | May 1998 | A |
| 5758328 | Giovannoli | May 1998 | A |
| 5761288 | Gray | Jun 1998 | A |
| 5761647 | Boushy | Jun 1998 | A |
| 5761661 | Coussens | Jun 1998 | A |
| 5764789 | Pare et al. | Jun 1998 | A |
| 5765141 | Spector | Jun 1998 | A |
| 5765143 | Sheldon | Jun 1998 | A |
| 5768382 | Schneier et al. | Jun 1998 | A |
| 5774122 | Kojima | Jun 1998 | A |
| 5778178 | Arunachalam | Jul 1998 | A |
| 5784562 | Diener | Jul 1998 | A |
| 5787403 | Randle | Jul 1998 | A |
| 5787404 | Fernandez-Holmann | Jul 1998 | A |
| 5790650 | Dunn | Aug 1998 | A |
| 5790785 | Klug et al. | Aug 1998 | A |
| 5793861 | Haigh | Aug 1998 | A |
| 5794178 | Caid | Aug 1998 | A |
| 5794207 | Walker | Aug 1998 | A |
| 5794259 | Kikinis | Aug 1998 | A |
| 5796395 | De Hond | Aug 1998 | A |
| 5797127 | Walker et al. | Aug 1998 | A |
| 5798508 | Walker et al. | Aug 1998 | A |
| 5802498 | Comesanas | Sep 1998 | A |
| 5802502 | Gell | Sep 1998 | A |
| 5805719 | Pare et al. | Sep 1998 | A |
| 5805803 | Birrell et al. | Sep 1998 | A |
| 5815657 | Williams et al. | Sep 1998 | A |
| 5815683 | Vogler | Sep 1998 | A |
| 5818936 | Moshayekhi | Oct 1998 | A |
| 5819092 | Ferguson | Oct 1998 | A |
| 5819285 | Damico | Oct 1998 | A |
| 5825863 | Walker | Oct 1998 | A |
| 5825870 | Miloslavsky | Oct 1998 | A |
| 5826241 | Stein | Oct 1998 | A |
| 5826245 | Sandberg-Diment | Oct 1998 | A |
| 5826250 | Trefler | Oct 1998 | A |
| 5828734 | Katz | Oct 1998 | A |
| 5828751 | Walker et al. | Oct 1998 | A |
| 5828812 | Khan et al. | Oct 1998 | A |
| 5828833 | Belville et al. | Oct 1998 | A |
| 5832460 | Bednar | Nov 1998 | A |
| 5832476 | Tada | Nov 1998 | A |
| 5835087 | Herz | Nov 1998 | A |
| 5835580 | Fraser | Nov 1998 | A |
| 5835603 | Coutts | Nov 1998 | A |
| 5838906 | Doyle | Nov 1998 | A |
| 5842178 | Giovannoli | Nov 1998 | A |
| 5842211 | Horadan | Nov 1998 | A |
| 5844553 | Hao | Dec 1998 | A |
| 5845259 | West et al. | Dec 1998 | A |
| 5845260 | Nakano et al. | Dec 1998 | A |
| 5847709 | Card | Dec 1998 | A |
| 5848143 | Andrews | Dec 1998 | A |
| 5848400 | Chang | Dec 1998 | A |
| 5848427 | Hyodo | Dec 1998 | A |
| 5852812 | Reeder | Dec 1998 | A |
| 5857079 | Claus et al. | Jan 1999 | A |
| 5862223 | Walker | Jan 1999 | A |
| 5864830 | Armetta et al. | Jan 1999 | A |
| RE36116 | McCarthy | Feb 1999 | E |
| 5870718 | Spector | Feb 1999 | A |
| 5870724 | Lawlor | Feb 1999 | A |
| 5870725 | Bellinger et al. | Feb 1999 | A |
| 5871398 | Schneier et al. | Feb 1999 | A |
| 5873072 | Kight | Feb 1999 | A |
| 5873096 | Lim | Feb 1999 | A |
| 5880769 | Nemirofsky | Mar 1999 | A |
| 5883810 | Franklin et al. | Mar 1999 | A |
| 5884032 | Bateman | Mar 1999 | A |
| 5884270 | Walker et al. | Mar 1999 | A |
| 5884272 | Walker et al. | Mar 1999 | A |
| 5884274 | Walker et al. | Mar 1999 | A |
| 5884288 | Chang | Mar 1999 | A |
| 5889863 | Weber | Mar 1999 | A |
| 5892900 | Ginter et al. | Apr 1999 | A |
| 5898780 | Liu et al. | Apr 1999 | A |
| 5899982 | Randle | May 1999 | A |
| 5903881 | Schrader | May 1999 | A |
| 5909486 | Walker et al. | Jun 1999 | A |
| 5910988 | Ballard | Jun 1999 | A |
| 5913202 | Motoyama | Jun 1999 | A |
| 5914472 | Foladare et al. | Jun 1999 | A |
| 5915244 | Jack et al. | Jun 1999 | A |
| 5918214 | Perkowski | Jun 1999 | A |
| 5918217 | Maggioncalda | Jun 1999 | A |
| 5918239 | Allen et al. | Jun 1999 | A |
| 5920847 | Kolling et al. | Jul 1999 | A |
| 5921864 | Walker et al. | Jul 1999 | A |
| 5923763 | Walker et al. | Jul 1999 | A |
| 5926796 | Walker et al. | Jul 1999 | A |
| 5926812 | Hilsenrath | Jul 1999 | A |
| 5930764 | Melchione | Jul 1999 | A |
| 5933816 | Zeanah | Aug 1999 | A |
| 5933817 | Hucal | Aug 1999 | A |
| 5933823 | Cullen | Aug 1999 | A |
| 5933827 | Cole | Aug 1999 | A |
| 5940812 | Tengel et al. | Aug 1999 | A |
| 5943656 | Crooks | Aug 1999 | A |
| 5944824 | He | Aug 1999 | A |
| 5945653 | Walker et al. | Aug 1999 | A |
| 5946388 | Walker et al. | Aug 1999 | A |
| 5947747 | Walker et al. | Sep 1999 | A |
| 5949044 | Walker et al. | Sep 1999 | A |
| 5949875 | Walker et al. | Sep 1999 | A |
| 5950173 | Perkowski | Sep 1999 | A |
| 5950174 | Brendzel | Sep 1999 | A |
| 5950206 | Krause | Sep 1999 | A |
| 5952639 | Ohki | Sep 1999 | A |
| 5952641 | Korshun | Sep 1999 | A |
| 5953710 | Fleming | Sep 1999 | A |
| 5956695 | Carrithers et al. | Sep 1999 | A |
| 5958007 | Lee et al. | Sep 1999 | A |
| 5960411 | Hartman et al. | Sep 1999 | A |
| 5961593 | Gabber et al. | Oct 1999 | A |
| 5963635 | Szlam et al. | Oct 1999 | A |
| 5963925 | Kolling et al. | Oct 1999 | A |
| 5963952 | Smith | Oct 1999 | A |
| 5963953 | Cram et al. | Oct 1999 | A |
| 5966695 | Melchione et al. | Oct 1999 | A |
| 5966699 | Zandi | Oct 1999 | A |
| 5967896 | Jorasch et al. | Oct 1999 | A |
| 5969318 | Mackenthun | Oct 1999 | A |
| 5970143 | Schneier et al. | Oct 1999 | A |
| 5970470 | Walker et al. | Oct 1999 | A |
| 5970478 | Walker et al. | Oct 1999 | A |
| 5970482 | Pham | Oct 1999 | A |
| 5970483 | Evans | Oct 1999 | A |
| 5978467 | Walker et al. | Nov 1999 | A |
| 5983196 | Wendkos | Nov 1999 | A |
| 5987434 | Libman | Nov 1999 | A |
| 5987454 | Hobbs | Nov 1999 | A |
| 5987498 | Athing et al. | Nov 1999 | A |
| 5991736 | Ferguson et al. | Nov 1999 | A |
| 5991738 | Ogram | Nov 1999 | A |
| 5991748 | Taskett | Nov 1999 | A |
| 5991751 | Rivette et al. | Nov 1999 | A |
| 5991780 | Rivette | Nov 1999 | A |
| 5995948 | Whitford | Nov 1999 | A |
| 5995976 | Walker et al. | Nov 1999 | A |
| 5999596 | Walker et al. | Dec 1999 | A |
| 5999907 | Donner | Dec 1999 | A |
| 6000033 | Kelly et al. | Dec 1999 | A |
| 6001016 | Walker et al. | Dec 1999 | A |
| 6003762 | Hayashida | Dec 1999 | A |
| 6005939 | Fortenberry et al. | Dec 1999 | A |
| 6006205 | Loeb et al. | Dec 1999 | A |
| 6006249 | Leong | Dec 1999 | A |
| 6009415 | Shurling et al. | Dec 1999 | A |
| 6009442 | Chen et al. | Dec 1999 | A |
| 6010404 | Walker et al. | Jan 2000 | A |
| 6012088 | Li et al. | Jan 2000 | A |
| 6012983 | Walker et al. | Jan 2000 | A |
| 6014439 | Walker et al. | Jan 2000 | A |
| 6014635 | Harris et al. | Jan 2000 | A |
| 6014636 | Reeder | Jan 2000 | A |
| 6014638 | Burge et al. | Jan 2000 | A |
| 6014641 | Loeb et al. | Jan 2000 | A |
| 6014645 | Cunningham | Jan 2000 | A |
| 6016810 | Ravenscroft | Jan 2000 | A |
| 6018714 | Risen, Jr. | Jan 2000 | A |
| 6018718 | Walker et al. | Jan 2000 | A |
| 6024640 | Walker et al. | Feb 2000 | A |
| 6026429 | Jones et al. | Feb 2000 | A |
| 6032134 | Weissman | Feb 2000 | A |
| 6032147 | Williams et al. | Feb 2000 | A |
| 6038547 | Casto | Mar 2000 | A |
| 6038552 | Fleischl et al. | Mar 2000 | A |
| 6041357 | Kunzelman et al. | Mar 2000 | A |
| 6041383 | Jeffords et al. | Mar 2000 | A |
| 6042006 | Van Tilburg et al. | Mar 2000 | A |
| 6044362 | Neely | Mar 2000 | A |
| 6045039 | Stinson et al. | Apr 2000 | A |
| 6049778 | Walker et al. | Apr 2000 | A |
| 6049782 | Gottesman et al. | Apr 2000 | A |
| 6049835 | Gagnon | Apr 2000 | A |
| 6055637 | Hudson et al. | Apr 2000 | A |
| 6061665 | Bahreman | May 2000 | A |
| 6064987 | Walker et al. | May 2000 | A |
| 6065120 | Laursen et al. | May 2000 | A |
| 6065675 | Teicher | May 2000 | A |
| 6070147 | Harms et al. | May 2000 | A |
| 6070153 | Simpson | May 2000 | A |
| 6070244 | Orchier et al. | May 2000 | A |
| 6073105 | Sutcliffe et al. | Jun 2000 | A |
| 6073113 | Guinan | Jun 2000 | A |
| 6075519 | Okatani et al. | Jun 2000 | A |
| 6076072 | Libman | Jun 2000 | A |
| 6081790 | Rosen | Jun 2000 | A |
| 6081810 | Rosenzweig et al. | Jun 2000 | A |
| 6085168 | Mori et al. | Jul 2000 | A |
| 6088444 | Walker et al. | Jul 2000 | A |
| 6088451 | He et al. | Jul 2000 | A |
| 6088683 | Jalili | Jul 2000 | A |
| 6088686 | Walker et al. | Jul 2000 | A |
| 6088700 | Larsen et al. | Jul 2000 | A |
| 6091817 | Bertina et al. | Jul 2000 | A |
| 6092196 | Reiche | Jul 2000 | A |
| 6095412 | Bertina et al. | Aug 2000 | A |
| 6098070 | Maxwell | Aug 2000 | A |
| 6101486 | Roberts et al. | Aug 2000 | A |
| 6104716 | Crichton et al. | Aug 2000 | A |
| 6105012 | Chang et al. | Aug 2000 | A |
| 6105865 | Hardesty | Aug 2000 | A |
| 6111858 | Greaves et al. | Aug 2000 | A |
| 6112181 | Shear et al. | Aug 2000 | A |
| 6115690 | Wong | Sep 2000 | A |
| 6119093 | Walker et al. | Sep 2000 | A |
| 6119099 | Walker et al. | Sep 2000 | A |
| 6128599 | Walker et al. | Oct 2000 | A |
| 6128602 | Northington et al. | Oct 2000 | A |
| 6131810 | Weiss et al. | Oct 2000 | A |
| 6134549 | Regnier et al. | Oct 2000 | A |
| 6134592 | Montulli | Oct 2000 | A |
| 6135349 | Zirkel | Oct 2000 | A |
| 6138106 | Walker et al. | Oct 2000 | A |
| 6138118 | Koppstein et al. | Oct 2000 | A |
| 6141651 | Riley et al. | Oct 2000 | A |
| 6141666 | Tobin | Oct 2000 | A |
| 6144946 | Iwamura | Nov 2000 | A |
| 6144948 | Walker et al. | Nov 2000 | A |
| 6145086 | Bellemore et al. | Nov 2000 | A |
| 6148293 | King | Nov 2000 | A |
| 6151584 | Papierniak et al. | Nov 2000 | A |
| 6154750 | Roberge et al. | Nov 2000 | A |
| 6154879 | Pare et al. | Nov 2000 | A |
| 6161182 | Nadooshan | Dec 2000 | A |
| 6164533 | Barton | Dec 2000 | A |
| 6170011 | Beck et al. | Jan 2001 | B1 |
| 6178511 | Cohen et al. | Jan 2001 | B1 |
| 6182052 | Fulton et al. | Jan 2001 | B1 |
| 6182142 | Win et al. | Jan 2001 | B1 |
| 6182225 | Hagiuda et al. | Jan 2001 | B1 |
| 6185242 | Arthur et al. | Feb 2001 | B1 |
| 6189029 | Fuerst | Feb 2001 | B1 |
| 6195644 | Bowie | Feb 2001 | B1 |
| 6199077 | Inala et al. | Mar 2001 | B1 |
| 6201948 | Cook et al. | Mar 2001 | B1 |
| 6202005 | Mahaffey | Mar 2001 | B1 |
| 6202054 | Lawlor et al. | Mar 2001 | B1 |
| 6202151 | Musgrave et al. | Mar 2001 | B1 |
| 6205480 | Broadhurst et al. | Mar 2001 | B1 |
| 6208978 | Walker et al. | Mar 2001 | B1 |
| 6208984 | Rosenthal | Mar 2001 | B1 |
| 6216115 | Barrameda et al. | Apr 2001 | B1 |
| 6219706 | Fan | Apr 2001 | B1 |
| 6222914 | McMullin | Apr 2001 | B1 |
| 6226623 | Schein et al. | May 2001 | B1 |
| 6226679 | Gupta | May 2001 | B1 |
| 6227447 | Campisano | May 2001 | B1 |
| 6230148 | Pare et al. | May 2001 | B1 |
| 6243688 | Kalina | Jun 2001 | B1 |
| 6243816 | Fang et al. | Jun 2001 | B1 |
| 6253327 | Zhang et al. | Jun 2001 | B1 |
| 6253328 | Smith, Jr. | Jun 2001 | B1 |
| 6260026 | Tomida et al. | Jul 2001 | B1 |
| 6266648 | Baker, III | Jul 2001 | B1 |
| 6266683 | Yehuda et al. | Jul 2001 | B1 |
| 6267292 | Walker et al. | Jul 2001 | B1 |
| 6269348 | Pare et al. | Jul 2001 | B1 |
| 6275944 | Kao et al. | Aug 2001 | B1 |
| 6289322 | Kitchen et al. | Sep 2001 | B1 |
| 6298330 | Gardenswartz et al. | Oct 2001 | B1 |
| 6298356 | Jawahar et al. | Oct 2001 | B1 |
| 6301567 | Leong et al. | Oct 2001 | B1 |
| 6308273 | Goertzel et al. | Oct 2001 | B1 |
| 6308274 | Swift | Oct 2001 | B1 |
| 6311275 | Jin et al. | Oct 2001 | B1 |
| 6317838 | Baize | Nov 2001 | B1 |
| 6324524 | Lent et al. | Nov 2001 | B1 |
| 6327573 | Walker et al. | Dec 2001 | B1 |
| 6327578 | Linehan | Dec 2001 | B1 |
| 6332192 | Boroditsky et al. | Dec 2001 | B1 |
| 6336104 | Walker et al. | Jan 2002 | B1 |
| 6343279 | Bissonette et al. | Jan 2002 | B1 |
| 6345261 | Feidelson | Feb 2002 | B1 |
| 6349242 | Mahaffey | Feb 2002 | B2 |
| 6349336 | Sit et al. | Feb 2002 | B1 |
| 6374359 | Shrader et al. | Apr 2002 | B1 |
| 6385591 | Mankoff | May 2002 | B1 |
| 6385652 | Brown et al. | May 2002 | B1 |
| 6401125 | Makarios et al. | Jun 2002 | B1 |
| 6401211 | Brezak, Jr. et al. | Jun 2002 | B1 |
| 6408389 | Grawrock et al. | Jun 2002 | B2 |
| 6418457 | Schmidt et al. | Jul 2002 | B1 |
| 6421729 | Paltenghe et al. | Jul 2002 | B1 |
| 6421768 | Purpura | Jul 2002 | B1 |
| 6438219 | Karau et al. | Aug 2002 | B1 |
| 6438594 | Bowman-Amuah | Aug 2002 | B1 |
| 6453353 | Win et al. | Sep 2002 | B1 |
| 6460141 | Olden | Oct 2002 | B1 |
| 6490624 | Sampson et al. | Dec 2002 | B1 |
| 6493677 | von Rosen et al. | Dec 2002 | B1 |
| 6493685 | Ensel et al. | Dec 2002 | B1 |
| 6496824 | Wilf | Dec 2002 | B1 |
| 6496855 | Hunt et al. | Dec 2002 | B1 |
| 6496936 | French et al. | Dec 2002 | B1 |
| 6510523 | Perlman et al. | Jan 2003 | B1 |
| 6532284 | Walker et al. | Mar 2003 | B2 |
| 6535855 | Cahill et al. | Mar 2003 | B1 |
| 6535917 | Zamanzadeh et al. | Mar 2003 | B1 |
| 6535980 | Kumar et al. | Mar 2003 | B1 |
| 6557039 | Leong et al. | Apr 2003 | B1 |
| 6581040 | Wright et al. | Jun 2003 | B1 |
| 6584505 | Howard et al. | Jun 2003 | B1 |
| 6584508 | Epstein et al. | Jun 2003 | B1 |
| 6609113 | O'Leary et al. | Aug 2003 | B1 |
| 6609125 | Layne et al. | Aug 2003 | B1 |
| 6609198 | Wood et al. | Aug 2003 | B1 |
| 6618579 | Smith et al. | Sep 2003 | B1 |
| 6618806 | Brown et al. | Sep 2003 | B1 |
| 6623415 | Gates et al. | Sep 2003 | B2 |
| 6687222 | Albert et al. | Feb 2004 | B1 |
| 6691232 | Wood et al. | Feb 2004 | B1 |
| 6718482 | Sato et al. | Apr 2004 | B2 |
| 6725252 | Himmel et al. | Apr 2004 | B1 |
| 6725269 | Megiddo | Apr 2004 | B1 |
| 6751654 | Massarani et al. | Jun 2004 | B2 |
| 6754833 | Black et al. | Jun 2004 | B1 |
| 6766370 | Glommen et al. | Jul 2004 | B2 |
| 6772146 | Khemlani et al. | Aug 2004 | B2 |
| 6820202 | Wheeler et al. | Nov 2004 | B1 |
| 6826696 | Chawla et al. | Nov 2004 | B1 |
| 6832202 | Schuyler et al. | Dec 2004 | B1 |
| 6848000 | Reynolds | Jan 2005 | B1 |
| 6856970 | Campbell et al. | Feb 2005 | B1 |
| 6892231 | Jager | May 2005 | B2 |
| 6907566 | McElfresh et al. | Jun 2005 | B1 |
| 6938158 | Azuma | Aug 2005 | B2 |
| 6965939 | Cuomo et al. | Nov 2005 | B2 |
| 6976164 | King et al. | Dec 2005 | B1 |
| 7089585 | Dharmarajan | Aug 2006 | B1 |
| 7093020 | McCarty et al. | Aug 2006 | B1 |
| 7137006 | Grandcolas et al. | Nov 2006 | B1 |
| 20010012974 | Mahaffey | Aug 2001 | A1 |
| 20010032184 | Tenembaum | Oct 2001 | A1 |
| 20010047295 | Tenembaum | Nov 2001 | A1 |
| 20010051917 | Bissonette et al. | Dec 2001 | A1 |
| 20010054003 | Chien et al. | Dec 2001 | A1 |
| 20020007313 | Mai et al. | Jan 2002 | A1 |
| 20020007460 | Azuma | Jan 2002 | A1 |
| 20020010599 | Levison | Jan 2002 | A1 |
| 20020010668 | Travis et al. | Jan 2002 | A1 |
| 20020018585 | Kim | Feb 2002 | A1 |
| 20020019938 | Aarons | Feb 2002 | A1 |
| 20020032613 | Buettgenbach et al. | Mar 2002 | A1 |
| 20020032650 | Hauser et al. | Mar 2002 | A1 |
| 20020059141 | Davies et al. | May 2002 | A1 |
| 20020077978 | O'Leary et al. | Jun 2002 | A1 |
| 20020099826 | Summers et al. | Jul 2002 | A1 |
| 20020104006 | Boate et al. | Aug 2002 | A1 |
| 20020104017 | Stefan | Aug 2002 | A1 |
| 20020107788 | Cunningham | Aug 2002 | A1 |
| 20020152163 | Bezos et al. | Oct 2002 | A1 |
| 20020165949 | Na | Nov 2002 | A1 |
| 20020174010 | Rice, III | Nov 2002 | A1 |
| 20020184507 | Makower et al. | Dec 2002 | A1 |
| 20020188869 | Patrick | Dec 2002 | A1 |
| 20020191548 | Ylonen et al. | Dec 2002 | A1 |
| 20030018915 | Stoll | Jan 2003 | A1 |
| 20030023880 | Edwards et al. | Jan 2003 | A1 |
| 20030034388 | Routhenstein et al. | Feb 2003 | A1 |
| 20030037142 | Munger et al. | Feb 2003 | A1 |
| 20030046587 | Bheemarasetti et al. | Mar 2003 | A1 |
| 20030046589 | Gregg | Mar 2003 | A1 |
| 20030051026 | Carter et al. | Mar 2003 | A1 |
| 20030070069 | Belapurkar et al. | Apr 2003 | A1 |
| 20030070084 | Satomaa et al. | Apr 2003 | A1 |
| 20030074580 | Knouse et al. | Apr 2003 | A1 |
| 20030079147 | Hsieh et al. | Apr 2003 | A1 |
| 20030084345 | Bjornestad et al. | May 2003 | A1 |
| 20030084647 | Smith et al. | May 2003 | A1 |
| 20030088552 | Bennett et al. | May 2003 | A1 |
| 20030105981 | Miller et al. | Jun 2003 | A1 |
| 20030110399 | Rail | Jun 2003 | A1 |
| 20030115160 | Nowlin et al. | Jun 2003 | A1 |
| 20030119642 | Gates et al. | Jun 2003 | A1 |
| 20030154403 | Keinsley et al. | Aug 2003 | A1 |
| 20030159072 | Bellinger et al. | Aug 2003 | A1 |
| 20030163733 | Barriga-Caceres et al. | Aug 2003 | A1 |
| 20030177067 | Cowell et al. | Sep 2003 | A1 |
| 20030191549 | Otsuka et al. | Oct 2003 | A1 |
| 20040031856 | Atsmon et al. | Feb 2004 | A1 |
| 20050080747 | Anderson et al. | Apr 2005 | A1 |
| 20050082362 | Anderson et al. | Apr 2005 | A1 |
| 20050086160 | Wong et al. | Apr 2005 | A1 |
| 20050086177 | Anderson et al. | Apr 2005 | A1 |
| Number | Date | Country |
|---|---|---|
| 0917119 | May 1999 | EP |
| 1022664 | Jul 2000 | EP |
| WO 9940507 | Aug 1999 | WO |
| WO 9952051 | Oct 1999 | WO |
| WO 0068858 | Nov 2000 | WO |
| WO 0118656 | Mar 2001 | WO |
| WO 0135355 | May 2001 | WO |
| WO 0143084 | Jun 2001 | WO |
| WO 0188659 | Nov 2001 | WO |
| WO 0217082 | Feb 2002 | WO |
| Number | Date | Country | |
|---|---|---|---|
| 20030158949 A1 | Aug 2003 | US |
