-
公开(公告)号:US07853995B2
公开(公告)日:2010-12-14
申请号:US11282174
申请日:2005-11-18
申请人: Trevin Chow , Winfred Wong , Yordan Rouskov , Kok Wai Chan , Wei Jiang , Colin Chow , Sanjeev Nagvekar , Matt Sullivan , Dilip Pai , Kalyan Sayyaparaju , Avinash Belur
发明人: Trevin Chow , Winfred Wong , Yordan Rouskov , Kok Wai Chan , Wei Jiang , Colin Chow , Sanjeev Nagvekar , Matt Sullivan , Dilip Pai , Kalyan Sayyaparaju , Avinash Belur
CPC分类号: H04L9/3213 , H04L9/3263 , H04L51/04 , H04L63/0807 , H04L63/0823 , H04L63/0846 , H04L63/20 , H04L2209/56
摘要: An integrated authentication service is described which may receive a bundled request from one or more clients. One or more of the described techniques may be utilized to provide, in response to a single bundled request, a token for proof of identity and a certificate for establishing secure communications.
摘要翻译: 描述了可以从一个或多个客户端接收捆绑请求的集成认证服务。 所述技术中的一个或多个可以用于响应于单个捆绑的请求提供用于证明身份的令牌和用于建立安全通信的证书。
-
公开(公告)号:US20110078448A1
公开(公告)日:2011-03-31
申请号:US12965449
申请日:2010-12-10
申请人: Trevin Chow , Winfred Wong , Yordan Rouskov , Kok Wai Chan , Wei Jiang , Colin Chow , Sanjeev Nagvekar , Matt Sullivan , Kalyan Sayyaparaju , Dilip Pai , Avinash Belur
发明人: Trevin Chow , Winfred Wong , Yordan Rouskov , Kok Wai Chan , Wei Jiang , Colin Chow , Sanjeev Nagvekar , Matt Sullivan , Kalyan Sayyaparaju , Dilip Pai , Avinash Belur
CPC分类号: H04L9/3213 , H04L9/3263 , H04L51/04 , H04L63/0807 , H04L63/0823 , H04L63/0846 , H04L63/20 , H04L2209/56
摘要: An integrated authentication service is described which may receive a bundled request from one or more clients. One or more of the described techniques may be utilized to provide, in response to a single bundled request, a token for proof of identity and a certificate for establishing secure communications.
摘要翻译: 描述了可以从一个或多个客户端接收捆绑请求的集成认证服务。 所述技术中的一个或多个可以用于响应于单个捆绑的请求提供用于证明身份的令牌和用于建立安全通信的证书。
-
公开(公告)号:US20070118875A1
公开(公告)日:2007-05-24
申请号:US11282174
申请日:2005-11-18
申请人: Trevin Chow , Winfred Wong , Yordan Rouskov , Kok Chan , Wei Jiang , Colin Chow , Sanjeev Nagvekar , Matt Sullivan , Kalyan Sayyaparaju , Dilip Pai , Avinash Belur
发明人: Trevin Chow , Winfred Wong , Yordan Rouskov , Kok Chan , Wei Jiang , Colin Chow , Sanjeev Nagvekar , Matt Sullivan , Kalyan Sayyaparaju , Dilip Pai , Avinash Belur
IPC分类号: H04L9/32
CPC分类号: H04L9/3213 , H04L9/3263 , H04L51/04 , H04L63/0807 , H04L63/0823 , H04L63/0846 , H04L63/20 , H04L2209/56
摘要: An integrated authentication service is described which may receive a bundled request from one or more clients. One or more of the described techniques may be utilized to provide, in response to a single bundled request, a token for proof of identity and a certificate for establishing secure communications.
摘要翻译: 描述了可以从一个或多个客户端接收捆绑请求的集成认证服务。 所述技术中的一个或多个可以用于响应于单个捆绑的请求提供用于证明身份的令牌和用于建立安全通信的证书。
-
公开(公告)号:US20070226785A1
公开(公告)日:2007-09-27
申请号:US11277317
申请日:2006-03-23
申请人: Trevin Chow , Colin Chow , Pui-Yin Wong , Dilip Pai , Sanjeev Nagvekar , Wei Jiang , Yordan Rouskov
发明人: Trevin Chow , Colin Chow , Pui-Yin Wong , Dilip Pai , Sanjeev Nagvekar , Wei Jiang , Yordan Rouskov
IPC分类号: H04L9/32
CPC分类号: H04L9/3213 , H04L9/3271 , H04L63/08 , H04L2209/56 , H04W12/06 , H04W12/08
摘要: Embodiments of multiple security token transactions are described herein. One or more of the described techniques may be utilized to provide, in a single request and response, an authentication token and a plurality security tokens for proof of identity at respective service providers.
摘要翻译: 本文描述了多个安全令牌事务的实施例。 所描述的技术中的一个或多个可以用于在单个请求和响应中提供用于在相应服务提供商身份证明的认证令牌和多个安全令牌。
-
公开(公告)号:US20070118530A1
公开(公告)日:2007-05-24
申请号:US11282290
申请日:2005-11-18
申请人: Trevin Chow , Asim Memon , Dilip Pai , Naresh Jain , Wei Jiang , Yordan Rouskov
发明人: Trevin Chow , Asim Memon , Dilip Pai , Naresh Jain , Wei Jiang , Yordan Rouskov
IPC分类号: G06F17/30
CPC分类号: G06F8/65
摘要: Software updates are described. In an implementation, a method includes forming an authentication request to be communicated to an authentication service over a network that includes a version identifier of at least one application module of a client. A response is received to the authentication request which includes an indication of whether an update is available for the at least one application module and a token that verifies the authentication.
摘要翻译: 描述软件更新。 在实现中,一种方法包括形成要通过包括客户端的至少一个应用模块的版本标识符的网络传送给认证服务的认证请求。 接收到对认证请求的响应,该认证请求包括对于至少一个应用模块是否可用的更新的指示和验证认证的令牌。
-
公开(公告)号:US20070245414A1
公开(公告)日:2007-10-18
申请号:US11279869
申请日:2006-04-14
申请人: Kok Chan , Colin Chow , Trevin Chow , Lin Huang , Naresh Jain , Wei Jiang , Yordan Rouskov , Pui-Yin Wong , Ismail Paya , Ryan Hurst
发明人: Kok Chan , Colin Chow , Trevin Chow , Lin Huang , Naresh Jain , Wei Jiang , Yordan Rouskov , Pui-Yin Wong , Ismail Paya , Ryan Hurst
IPC分类号: G06F15/16
CPC分类号: H04L63/0823 , H04L9/3234 , H04L9/3265 , H04L63/0884 , H04L63/166 , H04L2209/56 , H04L2209/76 , H04L2209/80
摘要: Embodiments of proxy authentication and indirect certificate chaining are described herein. In an implementation, authentication for a client occurs via a proxy service. Proxy service communicates between client and server, and caches security tokens on behalf of the client. In an implementation, trustworthiness of certificate presented to a client to establish trust is determined utilizing a signed data package which incorporates a plurality of known certificates. The presented certificate is verified without utilizing root certificates installed on the client device.
摘要翻译: 本文描述了代理认证和间接证书链接的实施例。 在实现中,通过代理服务发生客户端的身份验证。 代理服务在客户端和服务器之间进行通信,代表客户端缓存安全令牌。 在实现中,使用包含多个已知证书的签名数据包来确定呈现给客户端以建立信任的证书的可信赖性。 在不使用客户端设备上安装的根证书的情况下验证所呈现的证书。
-
公开(公告)号:US09177125B2
公开(公告)日:2015-11-03
申请号:US13176762
申请日:2011-07-06
申请人: David Steeves , Luke Abrams , Hersh Dangayach , Eric Fleischman , Prabu Raju , Krishna Vitaldevara , Niyantha Shekar , Payoj Baral , Meenakshi Ramaswamy , Winfred Wong , Yordan Rouskov , Ramesh Manne
发明人: David Steeves , Luke Abrams , Hersh Dangayach , Eric Fleischman , Prabu Raju , Krishna Vitaldevara , Niyantha Shekar , Payoj Baral , Meenakshi Ramaswamy , Winfred Wong , Yordan Rouskov , Ramesh Manne
CPC分类号: H04L63/083 , G06F21/31 , G06F21/316 , G06F2221/2111 , H04L61/609 , H04L63/08 , H04L67/22 , H04L67/306 , H04W4/029
摘要: In one embodiment, a user authentication server may use geo-location tracking to determine whether to present an enhanced identity challenge. A communication interface 180 may receive a user login attempt by a user and a current location of the user login attempt. A data storage 150 may store a user location profile of the user. A processor 120 may execute a comparison of the current location to the user location profile. The communication interface 180 may present the user with an enhanced identity challenge before allowing user access based on the comparison.
摘要翻译: 在一个实施例中,用户认证服务器可以使用地理位置跟踪来确定是否呈现增强的身份挑战。 通信接口180可以接收用户的用户登录尝试和用户登录尝试的当前位置。 数据存储器150可以存储用户的用户位置简档。 处理器120可以执行当前位置与用户位置简档的比较。 通信接口180可以在基于比较允许用户访问之前向用户呈现增强的身份挑战。
-
公开(公告)号:US20110247055A1
公开(公告)日:2011-10-06
申请号:US13162834
申请日:2011-06-17
IPC分类号: H04L9/32
CPC分类号: G06F21/31 , G06F21/32 , G06F21/34 , H04L9/3234 , H04L9/3263 , H04L63/0823 , H04L63/0876 , H04L63/105 , H04L2209/56
摘要: An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.
摘要翻译: 认证系统将设备凭据验证与用户凭证验证相结合,提供了更加强大的身份验证机制,方便用户,跨企业边界有效。 在一个实现中,组合用户凭证验证和设备凭证验证以提供方便的双因素认证。 以这种方式,帐户权限服务或其他认证提供者验证两个因素并根据用户打算访问的帐户网络资源的安全策略提供安全令牌。 目标帐户网络资源授予的权限级别可以根据帐户权限服务验证的因素的数量和类型而有所不同。
-
公开(公告)号:US08800003B2
公开(公告)日:2014-08-05
申请号:US13162834
申请日:2011-06-17
CPC分类号: G06F21/31 , G06F21/32 , G06F21/34 , H04L9/3234 , H04L9/3263 , H04L63/0823 , H04L63/0876 , H04L63/105 , H04L2209/56
摘要: An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.
摘要翻译: 认证系统将设备凭据验证与用户凭证验证相结合,提供了更加强大的身份验证机制,方便用户,跨企业边界有效。 在一个实现中,组合用户凭证验证和设备凭据验证以提供方便的双因素认证。 以这种方式,帐户权限服务或其他认证提供者验证两个因素并根据用户打算访问的帐户网络资源的安全策略提供安全令牌。 目标帐户网络资源授予的权限级别可以根据帐户权限服务验证的因素的数量和类型而有所不同。
-
公开(公告)号:US20120304260A1
公开(公告)日:2012-11-29
申请号:US13176762
申请日:2011-07-06
申请人: David Steeves , Luke Abrams , Hersh Dangayach , Eric Fleischman , Prabu Raju , Krishna Vitaldevara , Niyantha Shekar , Payoj Baral , Meenakshi Ramaswamy , Winfred Wong , Yordan Rouskov , Ramesh Manne
发明人: David Steeves , Luke Abrams , Hersh Dangayach , Eric Fleischman , Prabu Raju , Krishna Vitaldevara , Niyantha Shekar , Payoj Baral , Meenakshi Ramaswamy , Winfred Wong , Yordan Rouskov , Ramesh Manne
IPC分类号: H04L9/32
CPC分类号: H04L63/083 , G06F21/31 , G06F21/316 , G06F2221/2111 , H04L61/609 , H04L63/08 , H04L67/22 , H04L67/306 , H04W4/029
摘要: In one embodiment, a user authentication server may use geo-location tracking to determine whether to present an enhanced identity challenge. A communication interface 180 may receive a user login attempt by a user and a current location of the user login attempt. A data storage 150 may store a user location profile of the user. A processor 120 may execute a comparison of the current location to the user location profile. The communication interface 180 may present the user with an enhanced identity challenge before allowing user access based on the comparison.
摘要翻译: 在一个实施例中,用户认证服务器可以使用地理位置跟踪来确定是否呈现增强的身份挑战。 通信接口180可以接收用户的用户登录尝试和用户登录尝试的当前位置。 数据存储器150可以存储用户的用户位置简档。 处理器120可以执行当前位置与用户位置简档的比较。 通信接口180可以在基于比较允许用户访问之前向用户呈现增强的身份挑战。
-
-
-
-
-
-
-
-
-