Patent Issued for Authentication Data Migration (USPTO 10,986,084) - Insurance News | InsuranceNewsNet

InsuranceNewsNet — Your Industry. One Source.™

Sign in
  • Subscribe
  • About
  • Advertise
  • Contact
Home Now reading Newswires
Topics
    • Advisor News
    • Annuity Index
    • Annuity News
    • Companies
    • Earnings
    • Fiduciary
    • From the Field: Expert Insights
    • Health/Employee Benefits
    • Insurance & Financial Fraud
    • INN Magazine
    • Insiders Only
    • Life Insurance News
    • Newswires
    • Property and Casualty
    • Regulation News
    • Sponsored Articles
    • Washington Wire
    • Videos
    • ———
    • About
    • Meet our Editorial Staff
    • Advertise
    • Contact
    • Newsletters
  • Exclusives
  • NewsWires
  • Magazine
  • Newsletters
Sign in or register to be an INNsider.
  • AdvisorNews
  • Annuity News
  • Companies
  • Earnings
  • Fiduciary
  • Health/Employee Benefits
  • Insurance & Financial Fraud
  • INN Exclusives
  • INN Magazine
  • Insurtech
  • Life Insurance News
  • Newswires
  • Property and Casualty
  • Regulation News
  • Sponsored Articles
  • Video
  • Washington Wire
  • Life Insurance
  • Annuities
  • Advisor
  • Health/Benefits
  • Property & Casualty
  • Insurtech
  • About
  • Advertise
  • Contact
  • Editorial Staff

Get Social

  • Facebook
  • X
  • LinkedIn
Newswires
Newswires RSS Get our newsletter
Order Prints
April 29, 2021 Newswires
Share
Share
Post
Email

Patent Issued for Authentication Data Migration (USPTO 10,986,084)

Insurance Daily News

2021 APR 29 (NewsRx) -- By a News Reporter-Staff News Editor at Insurance Daily News -- Massachusetts Mutual Life Insurance Company (Springfield, Massachusetts, United States) has been issued patent number 10,986,084, according to news reporting originating out of Alexandria, Virginia, by NewsRx editors.

The patent’s inventors are Dobbs, II, George Byron (South Windsor, CT).

This patent was filed on September 17, 2018 and was published online on May 3, 2021.

From the background information supplied by the inventors, news correspondents obtained the following quote: “Out of consideration for cost saving or when the hardware is no longer suitable, desirable, and/or available, there may be a need for a computer system migration where data is transferred from one computer system to another. For example, a computer system migration may refer to transferring data from a mainframe computer to a more open system, such as a cloud computing platform. However, migrating from an old computer system to a new computer system could be inconvenient for the users. In some instances, the users may be required to reregister a new account with the new system. For example, users may need to change their authentication credentials and create a new set of authentication credentials with the new computer system because the old computer system may not be able to transfer the users’ authentication credentials (e.g., password) to the new system due to technical challenges or security considerations. In typical security systems, passwords stored in the old system may be opaque to the new system. In other words, it is not always secure to directly transfer the passwords from the old system to the new system in plaintext. As a result, it may be difficult for the new system to authenticate the users.

“As discussed above, in the existing and conventional methods, the new system may require the users to reregister to be authenticated. The new system may also create a new database to store the new passwords. Otherwise, whenever a user tries to log into the new system after the system migration, it may be required that the old system authenticates the user in the transition phase. In the meantime, the new system may capture the inputted account passwords, and save into a new database. Overtime, after all the users login, the new system may obtain their passwords, and retire the old system. In other words, there may be two different systems operating at the same time during the transition phase. These conventional methods and solutions have created several shortcomings and a new set of technical challenges. Requiring all the users to reregister would be inconvenient and waste the users’ time, which may have negative impacts on the user experience. Requiring the old system to do authentication may create a need for a parallel run of both systems during the transition phase, which may be difficult for system maintenance. It may also be hard for customer service to deal with two different back-end systems.”

Supplementing the background information on this patent, NewsRx reporters also obtained the inventors’ summary information for this patent: “For the aforementioned reasons, there is a need for a secure system to completely retire the old system and rely entirely on the new system, while allowing the users to retain their old passwords. Discussed herein are systems and methods for processing the user passwords to compute a string representation for each password, exporting the strings to the new system, authenticating users using the strings at the new system to retire the old system, and retaining use of the old passwords in security system migration.

“In one embodiment, a method comprises receiving, by a first server, from a second server, a set of strings corresponding to a plurality of users’ authentication data, wherein each string corresponds to each user’s authentication data and is a hash value generated by the second server based at least on each user’s authentication data; receiving, by the first server, an authentication request from a user of the plurality of users, wherein the authentication request comprises at least a user identifier and authentication data; querying, by the first server from a database storing the set of strings received from the second server, a first string corresponding to the user’s authentication data based on the user identifier; generating, by the first server, a second string corresponding to the user’s authentication data by applying a hashing algorithm to the user’s authentication data and a salt value associated with the user; comparing, by the first server, the first string and the second string to determine whether the first string matches the second string; and upon the first string matching the second string: authenticating, by the first server, the user by granting the user access to a user account associated with the user identifier; and replacing, by the first server, the first string with the user’s authentication data in the database.

“In another embodiment, a system comprises a second server; and a first server in communication with the second server and configured to: receive, from the second server, a set of strings corresponding to a plurality of users’ authentication data, wherein each string corresponds to each user’s authentication data and is a hash value generated by the second server based at least on each user’s authentication data; receive an authentication request from a user of the plurality of users, wherein the authentication request comprises at least a user identifier and authentication data; query, from a database storing the set of strings received from the second server, a first string corresponding to the user’s authentication data based on the user identifier; generate a second string corresponding to the user’s authentication data by applying a hashing algorithm to the user’s authentication data and a salt value associated with the user; compare the first string and the second string to determine whether the first string matches the second string; upon the first string matching the second string: authenticate the user by granting the user access to a user account associated with the user identifier; and replace the first string with the user’s authentication data in the database.

“It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the disclosed embodiments and subject matter as claimed.”

The claims supplied by the inventors are:

“What is claimed is:

“1. A method for transferring authentication data from a first server to a second server, comprising: receiving, by the first server and from the second server, a set of strings corresponding to a plurality of users’ authentication data, wherein each string corresponds to each user’s authentication data and is a hash value generated by the second server based at least on each user’s authentication data; receiving, by the first server, an authentication request from a user of the plurality of users, wherein the authentication request comprises at least a user identifier and authentication data; querying, by the first server from a database storing the set of strings received from the second server, a first string corresponding to the user’s authentication data based on the user identifier; generating, by the first server, a second string corresponding to the user’s authentication data by applying a hashing algorithm to the user’s authentication data and a salt value associated with the user; comparing, by the first server, the first string and the second string to determine whether the first string matches the second string; upon the first string matching the second string: authenticating, by the first server, the user by granting the user access to a user account associated with the user identifier; and replacing, by the first server, the first string with the user’s authentication data in the database; and wherein the second server is retired once at least a portion of the plurality of users’ authentication data has been transferred to the first server.

“2. The method of claim 1, further comprising: upon the first string does not match the second string, determining, by the first server, if the authentication data is reset by the user; and upon determining the authentication data is not reset, notifying, by the first server, the user that authentication fails.

“3. The method of claim 1, wherein the first server is a new server, the second server is an old server, and a system migrates from the old server to the new server.

“4. The method of claim 1, wherein the hashing algorithm is one of SHA-0, SHA-1, SHA-2, and SHA-3.

“5. The method of claim 1, wherein the salt value is a randomly generated value.

“6. The method of claim 1, wherein the set of strings are character strings.

“7. The method of claim 1, wherein the authentication data is a password in plaintext format.

“8. The method of claim 1, further comprising, completing, by the first server, authentication data migration after each of the set of strings is replaced by the corresponding authentication data.

“9. The method of claim 1, wherein the second string is computed by using the authentication data and the salt value as inputs of the hashing algorithm, and appending the salt value to the hash value.

“10. The method of claim 1, further comprising: updating, by the first server, a field in the database to indicate the first string is replaced with the authentication data.

“11. A system for transferring authentication data from a first server to a second server, comprising: a second server; and a first server in communication with the second server and configured to: receive, from the second server, a set of strings corresponding to a plurality of users’ authentication data, wherein each string corresponds to each user’s authentication data and is a hash value generated by the second server based at least on each user’s authentication data; receive an authentication request from a user of the plurality of users, wherein the authentication request comprises at least a user identifier and authentication data; query, from a database storing the set of strings received from the second server, a first string corresponding to the user’s authentication data based on the user identifier; generate a second string corresponding to the user’s authentication data by applying a hashing algorithm to the user’s authentication data and a salt value associated with the user; compare the first string and the second string to determine whether the first string matches the second string; upon the first string matching the second string: authenticate the user by granting the user access to a user account associated with the user identifier; and replace the first string with the user’s authentication data in the database; and wherein the second server is retired once at least a portion of the plurality of users’ authentication data is transferred to the first server.

“12. The system of claim 11, wherein the first server is further configured to: upon the first string does not match the second string, determine if the authentication data is reset by the user; and upon determining the authentication data is not reset, notify the user that authentication fails.

“13. The system of claim 11, wherein the first server is a new server, the second server is an old server, and a system migrates from the old server to the new server.

“14. The system of claim 11, wherein the hashing algorithm is one of SHA-0, SHA-1, SHA-2, and SHA-3.

“15. The system of claim 11, wherein the salt value is a randomly generated value.

“16. The system of claim 11, wherein the set of strings are character strings.

“17. The system of claim 11, wherein the authentication data is a password in plaintext format.

“18. The system of claim 11, wherein the first server is further configured to complete authentication data migration after each of the set of strings is replaced by the corresponding authentication data.

“19. The system of claim 11, wherein the second string is computed by using the authentication data and the salt value as inputs of the hashing algorithm, and appending the salt value to the hash value.

“20. The system of claim 11, wherein the first server is further configured to update a field in the database to indicate the first string is replaced with the authentication data.”

For the URL and additional information on this patent, see: Dobbs, II, George Byron. Authentication Data Migration. U.S. Patent Number 10,986,084, filed September 17, 2018, and published online on May 3, 2021. Patent URL: http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r=1&f=G&l=50&s1=10,986,084.PN.&OS=PN/10,986,084RS=PN/10,986,084

(Our reports deliver fact-based news of research and discoveries from around the world.)

Older

20 years after Baltimore’s Howard Street Tunnel fire, long-sought expansion project poised to begin

Newer

Common Crop Insurance Regulations; Forage Seeding Crop Insurance Provisions

Advisor News

  • The overlooked retirement security risk that must be addressed
  • What advisors should know about hedge funds in retirement planning
  • Retirement control is top success measure for middle class, ACLI says
  • Industry groups applaud House passage of Financial Exploitation Prevention Act
  • Younger workers more likely to be eligible for a retirement plan after changing jobs
More Advisor News

Annuity News

  • Malibu Life Holdings Completes Acquisition of TruSpire, Establishing Malibu USA and Accelerating Entry into the U.S. Retail Annuity Market
  • Why job boards are failing insurance agencies
  • MassMutual Ranks No. 100 on the 2026 Fortune 500® List
  • What’s fueling record annuity growth?
  • Jackson Named InvestmentNews 2026 Annuities Provider of the Year
More Annuity News

Health/Employee Benefits News

  • Millions of people drop ACA coverage amid jump in prices Millions drop ACA coverage amid price jump. Did fraud inflate signups? (copy)
  • Former city DPW director wants opportunity to 'defend my actions' in light of separation agreement
  • CDPHP, MVP Health Care among insurers seeking rate increases
  • How health insurers get a free pass to deny coverage from a 52‑year‑old law meant to protect worker pensions
  • Reports from Capital One AG Describe Recent Advances in Managed Care (Factors Affecting Medical Appointment Adherence among Adolescents and Young Adults with Kidney Disease: A Longitudinal Cohort Study): Managed Care
More Health/Employee Benefits News

Life Insurance News

  • NAIFA praises House committee approval of Clarity for Compensation Act
  • PHL Variable liquidation pushed out to 2027, Connecticut regulators say
  • ‘Recession-Proof’ Insurance Is Trending. Safety Net or Scam?
  • Winged Keel Group Expands National Presence and PPLI Leadership, Welcomes SBSI, Inc. (dba NFP Insurance Solutions)
  • MassMutual Ranks No. 100 on the 2026 Fortune 500® List
More Life Insurance News

NEWS INSIDE

  • Companies
  • Earnings
  • Economic News
  • INN Magazine
  • Insurtech News
  • Newswires Feed
  • Regulation News
  • Washington Wire
  • Videos

FEATURED OFFERS

Life moves fast. Your BGA should, too.
Stay ahead with Modern Life's AI-powered tech and expert support.

A MYGA for Clients Hesitant to Commit to One Long-Term Rate
First-year certainty. Annual rate updates. Get the CurrentRate® MYGA Sales Kit.

Elite Networking & Insights Await at the Event of the Year
The industry's premier conference for leaders driving what’s next in financial services.

Press Releases

  • Prosperity Life GroupSM Launches Prosperity PathWaySM Series, Bringing Greater Choice and Flexibility to Retirement Income Planning
  • Senior Market Sales® Fortifies Annuity Reach With Acquisition of Retirement Planning Firm Stratton & Company
  • RFP #T01625
  • Rockwood Programs Appoints Kerry Ladouceur as Vice President, Financial Lines
  • JP Insurance Group Launches Commercial Property & Casualty Division; Appoints Joe Webster as Managing Director
More Press Releases > Add Your Press Release >

How to Write For InsuranceNewsNet

Find out how you can submit content for publishing on our website.
View Guidelines

Topics

  • Advisor News
  • Annuity Index
  • Annuity News
  • Companies
  • Earnings
  • Fiduciary
  • From the Field: Expert Insights
  • Health/Employee Benefits
  • Insurance & Financial Fraud
  • INN Magazine
  • Insiders Only
  • Life Insurance News
  • Newswires
  • Property and Casualty
  • Regulation News
  • Sponsored Articles
  • Washington Wire
  • Videos
  • ———
  • About
  • Meet our Editorial Staff
  • Advertise
  • Contact
  • Newsletters

Top Sections

  • AdvisorNews
  • Annuity News
  • Health/Employee Benefits News
  • InsuranceNewsNet Magazine
  • Life Insurance News
  • Property and Casualty News
  • Washington Wire

Our Company

  • About
  • Advertise
  • Contact
  • Meet our Editorial Staff
  • Magazine Subscription
  • Write for INN

Sign up for our FREE e-Newsletter!

Get breaking news, exclusive stories, and money- making insights straight into your inbox.

select Newsletter Options
Facebook Linkedin Twitter
© 2026 InsuranceNewsNet.com, Inc. All rights reserved.
  • Terms & Conditions
  • Privacy Policy
  • InsuranceNewsNet Magazine

Sign in with your Insider Pro Account

Not registered? Become an Insider Pro.
Insurance News | InsuranceNewsNet