Abstract: A single passcode can be used for validation by a user of several entities in a system without compromising security. The source of the entity providing validation credentials, along with the passcode, is considered when determining validity. A one-time password system validates credentials if a validation credentials, such as a user's valid passcode and the source of the credentials, have not been used previously. In a one-time passcode system, a validation processor receives validation credentials from a client processor. If the client processor has not previously sent the validation credentials to the validation processor, and the credentials are valid, the validation processor will validate the credentials. Otherwise, the credentials are invalid. Other client processors can utilize the same passcode and their respective source identifiers, and as long as the other client processors have not previously utilized the credentials, the credentials are declared valid.

Abstract: Systems and methods for performing explicit delegation with strong authentication are described herein. Systems can include one or more clients, one or more end servers, and one or more gateways intermediate or between the client and the end server. The client may include an explicit strong delegation component that is adapted to strongly authenticate the client to the gateway. The explicit strong delegation component may also explicitly delegate to the gateway a right to authenticate on behalf of the client, and to define a period of time over which the explicit delegation is valid. The system may be viewed as being self-contained, in the sense that the system need not access third-party certificate or key distribution authorities. Finally, the client controls the gateways or end servers to which the gateway may authenticate on the client's behalf.

Abstract: Session management by analysis of requests and responses is described herein. A gateway receives requests from a client system, forwards the same to a protected resource, and receives responses from the protected resource. The gateway includes a session management module that manages an authenticated session between the client system and the protected resource. In one aspect, the session management module receives responses that are labeled to indicate whether the requests corresponding to the responses are user-initiated or automatically-initiated. In other aspects, the session management module analyzes the requests to identify any periodic patterns appearing therein. The session management module identifies any requests that are part of a periodic pattern as automatically-initiated requests. In either case, the session management module maintains a timer for each session, and resets the timer when a user-initiated request is identified. Any session whose timer expires is terminated.

Abstract: A system and a method is disclosed for prefetching travel information relevant to travel products from travel suppliers, prior to a process of making travel reservations by users. The system includes a prefetcher for retrieving the travel information. The system also includes a cache for storing the travel information retrieved by the prefetcher and a front-end wherein the system is able to receive queries from the user and respond to the queries. Prefetching creates a comprehensive cache having a substantially high probability of containing the travel information that the user needs.