PROVISIONING A DEVICE TO BE AN AUTHENTICATION DEVICE

    公开(公告)号:US20170223014A1

    公开(公告)日:2017-08-03

    申请号:US15488357

    申请日:2017-04-14

    Abstract: In certain embodiments, a web services system receives a request to provision a device, such as a telephone, as an authentication device. The web services system initiates display of an image communicating a key to allow the telephone to capture the image and to send key information associated with the key. The web services system receives the key and determines that the key information is valid. In response to the determination, the web services system sends a seed to the telephone to provision the telephone to be an authentication device. The telephone can use the seed to generate one-time passcodes to access a service of the web services system.

    PROVISIONING A DEVICE TO BE AN AUTHENTICATION DEVICE

    公开(公告)号:US20210211419A1

    公开(公告)日:2021-07-08

    申请号:US17087347

    申请日:2020-11-02

    Abstract: In certain embodiments, a web services system receives a request to provision a device, such as a telephone, as an authentication device. The web services system initiates display of an image communicating a key to allow the telephone to capture the image and to send key information associated with the key. The web services system receives the key and determines that the key information is valid. In response to the determination, the web services system sends a seed to the telephone to provision the telephone to be an authentication device. The telephone can use the seed to generate one-time passcodes to access a service of the web services system.

    Authentication through a secret holding proxy

    公开(公告)号:US10931442B1

    公开(公告)日:2021-02-23

    申请号:US16152885

    申请日:2018-10-05

    Abstract: Client requests may be directed through a secret holding proxy system such that the secret holding proxy system may insert a secret into a client request before arriving at the destination. The insertion of a secret may include inserting a digital signature, token or other information that includes a secret or information based upon a secret, which may include secret exchange or authentication protocols. The secret holding proxy system may also remove secrets and/or transform incoming messages such that the client may transparently receive the underlying content of the message.

    BROWSER SECURITY MODULE
    7.
    发明申请

    公开(公告)号:US20170187521A1

    公开(公告)日:2017-06-29

    申请号:US14980033

    申请日:2015-12-28

    Abstract: Authenticated requests can be sent without requiring the requests to include or potentially expose secret information used for the authentication process. A client device use a security credential such as a key to sign a request to be sent to a recipient. When the request is received, the recipient determines whether the request was signed using the correct key for the sender. In some embodiments a client token is included with the request that statelessly encodes the key, enabling a recipient capable of decoding the client token to determine the key and compare that key to the signature of the request. The sender can store the secret information in a secure location, such as a browser security module, such that the secret information is not exposed to the browser or script executing on the client device.

    IMPLEMENTATION OF SECURE COMMUNICATIONS IN A SUPPORT SYSTEM
    8.
    发明申请
    IMPLEMENTATION OF SECURE COMMUNICATIONS IN A SUPPORT SYSTEM 有权
    支持系统中安全通信的实现

    公开(公告)号:US20150347763A1

    公开(公告)日:2015-12-03

    申请号:US14714982

    申请日:2015-05-18

    Abstract: A support system negotiates secure connections on behalf of multiple guest systems using a set of credentials associated with the guest systems. The operation of the secure connection may be transparent to the guest system such that guest system may send and receive messages that are encrypted or decrypted by the support system, such as a hypervisor. As the support system is in between the guest system and a destination, the support system may act as a local endpoint to the secure connection. Messages may be altered by the support system to indicate to a guest system which communications were secured. The credentials may be managed by the support system such that the guest system does not require access to the credentials.

    Abstract translation: 支持系统使用与guest虚拟机系统相关联的一组凭据代表多个客户系统协商安全连接。 安全连接的操作对客户系统可能是透明的,使得客系统可以发送和接收由诸如管理程序之类的支持系统加密或解密的消息。 由于支持系统在客户系统和目的地之间,支持系统可以充当安全连接的本地端点。 消息可以由支持系统改变以向客系统指示哪些通信被保护。 证书可以由支持系统管理,使得客户机系统不需要访问凭证。

    Browser security module
    9.
    发明授权

    公开(公告)号:US10313112B2

    公开(公告)日:2019-06-04

    申请号:US14980033

    申请日:2015-12-28

    Abstract: Authenticated requests can be sent without requiring the requests to include or potentially expose secret information used for the authentication process. A client device use a security credential such as a key to sign a request to be sent to a recipient. When the request is received, the recipient determines whether the request was signed using the correct key for the sender. In some embodiments a client token is included with the request that statelessly encodes the key, enabling a recipient capable of decoding the client token to determine the key and compare that key to the signature of the request. The sender can store the secret information in a secure location, such as a browser security module, such that the secret information is not exposed to the browser or script executing on the client device.

    Stateless and secure authentication

    公开(公告)号:US10110579B2

    公开(公告)日:2018-10-23

    申请号:US14834218

    申请日:2015-08-24

    Abstract: Authenticated requests can be sent without requiring the requests to include or potentially expose secret information used for the authentication process. A client device use a security credential such as a key to sign a request to be sent to a recipient. When the request is received, the recipient determines whether the request was signed using the correct key for the sender. In some embodiments a client token is included with the request that statelessly encodes the key, enabling a recipient capable of decoding the client token to determine the key and compare that key to the signature of the request. The sender can store the secret information in a secure location, such as a browser security module, such that the secret information is not exposed to the browser or script executing on the client device.

Patent Agency Ranking