公开(公告)号：US20100235637A1

公开(公告)日：2010-09-16

申请号：US12666276

申请日：2008-06-23

申请人： H.Karen Lu ,  Asad Mahboob Ali ,  Kapil Sachdeva

发明人： H.Karen Lu ,  Asad Mahboob Ali ,  Kapil Sachdeva

IPC分类号： H04L9/32 ,  G06F21/00

CPC分类号： H04L63/0853 ,  G06F21/6263 ,  H04L63/1441 ,  H04L63/18

摘要： The invention relates to a portable authentication token comprising connection means for connecting to a computer, browser communication means for communicating with a browser running on the computer, and user authentication means for authenticating a user of the token to a server. The user authentication means are triggered via the browser communication means when the user connects to the server from the browser of the computer. The user authentication means are set to authenticate the user by communicating with the server through the browser. The token comprises out-of-band token communication means set to validate user authentication by establishing a communication channel between the token and the server, the communication channel bypassing the browser.The invention also relates to an authentication method and to a system comprising a token, a computer and a server to which the user authenticates with the token.

摘要翻译： 本发明涉及包括用于连接到计算机的连接装置的便携式认证令牌，用于与在计算机上运行的浏览器进行通信的浏览器通信装置以及用于将令牌的用户认证到服务器的用户认证装置。 当用户从计算机的浏览器连接到服务器时，通过浏览器通信装置触发用户认证装置。 用户认证装置设置为通过浏览器与服务器通信来认证用户。 令牌包括带外令牌通信装置，设置为通过在令牌和服务器之间建立通信信道来验证用户认证，通信信道绕过浏览器。 本发明还涉及一种认证方法以及一种系统，该系统包括令牌，计算机和服务器，用户使用令牌进行认证。