-
21.发明申请公开(公告)号:US20140189360A1
公开(公告)日:2014-07-03
申请号:US13730795
申请日:2012-12-28
申请人: Davit Baghdasaryan , Matthew Lourie
发明人: Davit Baghdasaryan , Matthew Lourie
IPC分类号: H04L9/32
CPC分类号: H04L9/3281 , H04L9/3231 , H04L9/3234 , H04L9/3247 , H04L63/0861 , H04L63/126 , H04L2209/56
摘要: A system, apparatus, method, and machine readable medium are described for performing transaction signing within an authentication framework. For example, one embodiment of a method comprises: executing an online transaction between a first server and a client; providing transaction details of the online transaction to a second server; generating a signature over the transaction details using a key at the second server; transmitting an authentication request to the client with the signature and the transaction details; authenticating a user on the client to generate authentication data, the authentication data specifying whether the user was successfully authenticated on the client; and transmitting the authentication data, the transaction details, and the signature to the second server; using the transaction details and the key to validate the signature and using the authentication details to authenticate the client at the second server, wherein upon validating the signature and authenticating the client, the second server transmits a confirmation for the transaction to the first server.
摘要翻译: 描述了用于在认证框架内执行事务签名的系统,装置,方法和机器可读介质。 例如,方法的一个实施例包括:在第一服务器和客户端之间执行在线交易; 向第二服务器提供在线交易的交易细节; 使用第二服务器上的密钥在事务细节上生成签名; 向所述客户端发送具有所述签名和所述交易细节的认证请求; 在客户端上验证用户以生成认证数据,所述认证数据指定所述用户是否在客户端上被成功认证; 以及将所述认证数据,所述交易细节和所述签名发送到所述第二服务器; 使用所述交易细节和所述密钥来验证所述签名,并使用所述认证细节来在所述第二服务器处认证所述客户端,其中在验证所述签名并认证所述客户端时,所述第二服务器向所述第一服务器发送所述交易的确认。
-
公开(公告)号:US20110083173A1
公开(公告)日:2011-04-07
申请号:US12751954
申请日:2010-03-31
CPC分类号: G06Q20/10 , G06Q20/40 , G06Q20/401 , G06Q20/40145
摘要: A user transaction request is received at a client device. A web browser plug-in communicates the user transaction request to a server that determines whether the user transaction request is a secure transaction. Transaction data is received from the server via the web browser plug-in. If the received transaction data indicates a secure transaction, the user is prompted to provide biometric data, which is received from the user. The web browser plug-in then communicates a transaction confirmation to the server.
摘要翻译: 在客户端设备处接收用户事务请求。 Web浏览器插件将用户事务请求传送到确定用户事务请求是否为安全事务的服务器。 通过网络浏览器插件从服务器接收到交易数据。 如果接收到的交易数据指示安全交易,则提示用户提供从用户接收的生物特征数据。 Web浏览器插件然后将事务确认传递给服务器。
-
公开(公告)号:US20110083170A1
公开(公告)日:2011-04-07
申请号:US12731027
申请日:2010-03-24
CPC分类号: G06Q20/10 , G06Q20/40 , G06Q20/401 , G06Q20/40145
摘要: A web-enabled application identifies a biometric device installed in a client device. The system identifies biometric information associated with a user and creates a biometric template associated with the biometric information. The system then receives user credentials associated with the user and binds the user credentials with the biometric template.
摘要翻译: 启用Web的应用程序识别安装在客户端设备中的生物识别设备。 系统识别与用户相关联的生物特征信息,并创建与生物特征信息相关联的生物识别模板。 系统然后接收与用户相关联的用户凭证,并将用户凭证与生物特征模板绑定。
-
公开(公告)号:US20110083016A1
公开(公告)日:2011-04-07
申请号:US12731050
申请日:2010-03-24
CPC分类号: G06Q20/10 , G06Q20/40 , G06Q20/401 , G06Q20/40145
摘要: An apparatus includes a biometric sensor capable of identifying biometric information associated with a user. A storage device coupled to the biometric sensor stores user information. A biometric service is coupled to the biometric sensor and capable of communicating with the biometric sensor. A web browser application having a biometric extension communicates with the biometric sensor via the biometric service. The web browser's biometric extension is capable of communicating with multiple web servers.
摘要翻译: 一种装置包括能够识别与用户相关联的生物特征信息的生物特征传感器。 耦合到生物测定传感器的存储设备存储用户信息。 生物识别服务耦合到生物测定传感器并且能够与生物测定传感器通信。 具有生物特征扩展的网络浏览器应用程序通过生物识别服务与生物特征传感器进行通信。 网络浏览器的生物特征扩展能够与多个Web服务器进行通信。
-
公开(公告)号:US20110082801A1
公开(公告)日:2011-04-07
申请号:US12751964
申请日:2010-03-31
CPC分类号: G06Q20/10 , G06Q20/40 , G06Q20/401 , G06Q20/40145
摘要: A transaction request containing transaction details from a requesting device is generated by a web-enabled application executing on the requesting device. A secure signature associated with the transaction details is calculated using a secret key. The transaction details and the secure signature associated with the transaction details are communicated to the requesting device. Confirmation information is received from the requesting device and validated. If the confirmation information is valid, the requested transaction is implemented.
摘要翻译: 包含来自请求设备的交易详情的交易请求由在请求设备上执行的启用Web的应用程序生成。 使用秘密密钥计算与交易细节相关联的安全签名。 交易细节和与交易细节相关联的安全签名被传送到请求设备。 从请求设备接收确认信息并进行验证。 如果确认信息有效,则执行所请求的交易。
-
公开(公告)号:US20110082800A1
公开(公告)日:2011-04-07
申请号:US12751952
申请日:2010-03-31
CPC分类号: G06Q20/10 , G06Q20/40 , G06Q20/401 , G06Q20/40145
摘要: A user request to implement a secure transaction is received and communicated to a web server. Transaction details signed with a secret key are received from the web server and displayed to the user. The user is requested to confirm the secure transaction by providing biometric data. If the user's biometric data is validated, an authentication token is received from a biometric device and the authentication token is communicated to the web server. The web server processes the secure transaction if the authentication token is confirmed as a valid authentication token.
摘要翻译: 接收到用于实现安全事务的用户请求并传送到web服务器。 从网络服务器收到用秘密密钥签名的交易详细信息,并显示给用户。 请求用户通过提供生物特征数据来确认安全交易。 如果用户的生物特征数据被验证,则从生物测定设备接收到认证令牌,并将认证令牌传送到Web服务器。 如果认证令牌被确认为有效的认证令牌,Web服务器将处理安全事务。
-
-
-
-
-
搜索结果
26 条记录 (耗时 0.021 秒)
