Methods and systems of data security in browser storage
Abstract
Mechanisms and methods are provided for managing OAuth access in a database network system, and extending the OAuth flow of authentication to securely store the OAuth encrypted refresh token in the storage available with current browsers or any other non-secure storage on user system.
14 Claims
1. A nontransient machine readable medium storing one or more machine instructions, which when invoked cause a processor to implement a method comprising:
- at a server that includes at least a processor system having at least one processor and memory system, receiving a passcode and content;
- in response to the passcode being authenticated, and in response to the receiving of the passcode and the content, performing the following,
  - placing, by the server, the content and passcode into an object;
  - creating, by the server, a unique encryption key;
  - encrypting, by the server, the file having the content and the passcode as plain text with the unique encryption key, to create an encrypted object; and
  - sending from the server to the user system the encrypted object and a unique identifier for the private key and to cause the user system to store the encrypted object in a browser storage and, during future access attempts, send an encrypted token along with the passcode to access data and/or services.

Dependent claims: 2, 3, 4
5. A nontransient machine readable medium storing one or more machine instructions, which when invoked cause a processor to implement a method comprising:
- receiving, at a server that includes at least a processor system having at least one processor and memory system, a passcode and encrypted content and a unique key identifier;
- in response to the receiving, performing the following,
  - querying a local database for the encryption key based on the key identifier;
  - decrypting the encrypted content with the key;
  - determining whether the passcode stored previously within the content and the passcode provided by the user match one another; and
  - returning the decrypted content to the user if the passcode decrypted and the passcode provided by the user match one another.

Dependent claims: 6, 7, 8, 9, 10, 11, 12, 13, 14
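The server-side flow of claims 1 and 5, sketched for Node.js as an added example that is not code from the patent or its assignee. The claims name no cipher or storage; AES-256-GCM, the in-memory `keyStore`, and the function names `sealForBrowser` and `openFromBrowser` are assumptions, and the passcode is assumed to have been authenticated before sealing.

```javascript
const nodeCrypto = require("node:crypto");

// Assumption: an in-memory Map stands in for the server's local key database.
const keyStore = new Map();

// Claim 1: put content and passcode into one object, encrypt it under a fresh
// key, keep the key on the server, and hand back only ciphertext and key id.
function sealForBrowser(passcode, content) {
  const key = nodeCrypto.randomBytes(32); // unique key per encrypted object
  const keyId = nodeCrypto.randomUUID();
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
  cipher.setAAD(Buffer.from(keyId)); // bind the blob to its key identifier
  const plain = Buffer.from(JSON.stringify({ content, passcode }));
  const ct = Buffer.concat([cipher.update(plain), cipher.final()]);
  keyStore.set(keyId, key);
  // Layout: 12-byte IV, 16-byte GCM tag, then ciphertext.
  const blob = Buffer.concat([iv, cipher.getAuthTag(), ct]).toString("base64");
  return { keyId, blob }; // what the user system keeps in browser storage
}

// Claim 5: look up the key by identifier, decrypt, compare the embedded
// passcode with the supplied one, and release the content only on a match.
function openFromBrowser(passcode, blob, keyId) {
  const key = keyStore.get(keyId);
  if (!key) return null; // unknown or revoked key identifier
  const raw = Buffer.from(String(blob), "base64");
  if (raw.length < 28) return null; // too short to hold IV and tag
  try {
    const d = nodeCrypto.createDecipheriv("aes-256-gcm", key, raw.subarray(0, 12));
    d.setAAD(Buffer.from(keyId));
    d.setAuthTag(raw.subarray(12, 28));
    const plain = Buffer.concat([d.update(raw.subarray(28)), d.final()]);
    const obj = JSON.parse(plain.toString("utf8"));
    // Hash both sides so the constant-time compare sees equal lengths.
    const h = (s) => nodeCrypto.createHash("sha256").update(String(s)).digest();
    return nodeCrypto.timingSafeEqual(h(obj.passcode), h(passcode)) ? obj.content : null;
  } catch {
    return null; // a modified blob fails the GCM tag check
  }
}
```

Because the key never leaves the server, a copy of the browser-storage blob is useless without both the server's key table and the passcode, and deleting a `keyStore` entry revokes the stored object.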
Specification