Algorithm hardening in background context and external from the browser to prevent malicious intervention with the browser

US 10,560,450 B2
Filed: 05/21/2018
Issued: 02/11/2020
Est. Priority Date: 09/25/2015
Status: Active Grant

First Claim

Patent Images

1. An apparatus to batch replace credentials for multiple websites, the apparatus comprising:

a hardware processor; and

a memory including instructions that, when executed by the hardware processor, cause the hardware processor to;

access mappings between first encrypted credentials and corresponding ones of the web sites;

decrypt the first encrypted credentials using a master key to generate a plurality of first decrypted credentials;

provide ones of the first decrypted credentials and corresponding ones of second decrypted credentials to corresponding ones of the websites to batch replace the first decrypted credentials with the corresponding ones of the second decrypted credentials at the corresponding ones of the websites, the second decrypted credentials for performing user authentications at the corresponding ones of the websites to establish authenticated sessions;

generate second encrypted credentials by encrypting the second decrypted credentials using the master key; and

store the second encrypted credentials in a database.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A disclosed example to batch replace credentials for multiple websites includes accessing mappings between first encrypted credentials and corresponding ones of the websites; decrypting the first encrypted credentials using a master key to generate a plurality of first decrypted credentials; providing ones of the first decrypted credentials and corresponding ones of second decrypted credentials to corresponding ones of the websites to batch replace the first decrypted credentials with the corresponding ones of the second decrypted credentials at the corresponding ones of the websites; generating second encrypted credentials by encrypting the second decrypted credentials using the master key; and storing the second encrypted credentials in a database.

Citations

20 Claims

1. An apparatus to batch replace credentials for multiple websites, the apparatus comprising:
- a hardware processor; and
  
  a memory including instructions that, when executed by the hardware processor, cause the hardware processor to;
  
  access mappings between first encrypted credentials and corresponding ones of the web sites;
  
  decrypt the first encrypted credentials using a master key to generate a plurality of first decrypted credentials;
  
  provide ones of the first decrypted credentials and corresponding ones of second decrypted credentials to corresponding ones of the websites to batch replace the first decrypted credentials with the corresponding ones of the second decrypted credentials at the corresponding ones of the websites, the second decrypted credentials for performing user authentications at the corresponding ones of the websites to establish authenticated sessions;
  
  generate second encrypted credentials by encrypting the second decrypted credentials using the master key; and
  
  store the second encrypted credentials in a database.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The apparatus as defined in claim 1, wherein the instructions are to cause the hardware processor to access the mappings from website identification information that includes uniform resource locators of the websites.
  - 3. The apparatus as defined in claim 1, wherein the instructions are to cause the hardware processor to provide the first and second decrypted credentials by providing the first and second decrypted credentials via a non-rendered application.
  - 4. The apparatus as defined in claim 1, wherein the instructions are further to cause the hardware processor to generate the second decrypted credentials for the websites based on credential criteria for the corresponding ones of the websites, the credential criteria indicative of acceptable credential characteristics.
  - 5. The apparatus as defined in claim 1, wherein the instructions are to cause the hardware processor to generate the second decrypted credentials for the websites at a user'"'"'s computer.
  - 6. The apparatus as defined in claim 1, wherein the instructions are further to cause the hardware processor to receive the master key via user input.
  - 7. The apparatus as defined in claim 1, wherein the instructions are further to cause the hardware processor to access the first encrypted credentials from the database.

8. A storage device or storage disk comprising instructions that, when executed by a hardware processor, cause the hardware processor to at least:
- access mappings between first encrypted credentials and corresponding ones of websites;
  
  decrypt the first encrypted credentials using a master key to generate a plurality of first decrypted credentials;
  
  provide ones of the first decrypted credentials and corresponding ones of second decrypted credentials to corresponding ones of the websites to batch replace the first decrypted credentials with the corresponding ones of the second decrypted credentials at the corresponding ones of the websites, the second decrypted credentials for performing user authentications at the corresponding ones of the websites to establish authenticated sessions;
  
  generate second encrypted credentials by encrypting the second decrypted credentials using the master key; and
  
  store the second encrypted credentials in a database.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The storage device or storage disk as defined in claim 8, wherein the instructions are to cause the hardware processor to access the mappings from website identification information that includes uniform resource locators of the websites.
  - 10. The storage device or storage disk as defined in claim 8, wherein the instructions are to cause the hardware processor to provide the first and second decrypted credentials by providing the first and second decrypted credentials via a non-rendered application.
  - 11. The storage device or storage disk as defined in claim 8, wherein the instructions are further to cause the hardware processor to generate the second decrypted credentials for the websites based on credential criteria for the corresponding ones of the websites, the credential criteria indicative of acceptable credential characteristics.
  - 12. The storage device or storage disk as defined in claim 8, wherein the instructions are to cause the hardware processor to generate the second decrypted credentials for the web sites at a user'"'"'s computer.
  - 13. The storage device or storage disk as defined in claim 8, wherein the instructions are further to cause the hardware processor to receive the master key via user input.
  - 14. The storage device or storage disk as defined in claim 8, wherein the instructions are further to cause the hardware processor to access the first encrypted credentials from the database.

15. A method of batch replacing credentials for multiple websites, the method comprising:
- accessing, by executing an instruction with a processor, mappings between first encrypted credentials and corresponding ones of the websites;
  
  decrypting, by executing an instruction with the processor, the first encrypted credentials using a master key to generate a plurality of first decrypted credentials;
  
  providing, by executing an instruction with the processor, ones of the first decrypted credentials and corresponding ones of second decrypted credentials to corresponding ones of the websites to batch replace the first decrypted credentials with the corresponding ones of the second decrypted credentials at the corresponding ones of the web sites, the second decrypted credentials for performing user authentications at the corresponding ones of the websites to establish authenticated sessions;
  
  generating, by executing an instruction with the processor, second encrypted credentials by encrypting the second decrypted credentials using the master key; and
  
  storing, by executing an instruction with the processor, the second encrypted credentials in a database.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method as defined in claim 15, wherein the accessing of the mappings includes accessing the mappings from website identification information that includes uniform resource locators of the web sites.
  - 17. The method as defined in claim 15, wherein the providing of the first and second decrypted credentials includes providing the first and second decrypted credentials via a non-rendered application.
  - 18. The method as defined in claim 15, further including generating the second decrypted credentials for the websites based on credential criteria for the corresponding ones of the websites, the credential criteria indicative of acceptable credential characteristics.
  - 19. The method as defined in claim 15, further including generating the second decrypted credentials for the web sites at a user'"'"'s computer.
  - 20. The method as defined in claim 15, further including receiving the master key via user input.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, LLC
Inventors
Whiteside, Greg, Beaulieu, Olivier, Rene, Mathieu
Primary Examiner(s)
Chai, Longbit

Application Number

US15/985,382
Publication Number

US 20180270218A1
Time in Patent Office

631 Days
Field of Search

713168
US Class Current
CPC Class Codes

G06F 16/957   Browsing optimisation, e.g....

H04L 63/06   for supporting key manageme...

H04L 63/083   using passwords cryptograph...

H04L 63/1466   Active attacks involving in...

H04L 67/02   based on web technology, e....

H04L 67/146   Markers for unambiguous ide...

H04L 9/0822   using key encryption key

H04L 9/0894   Escrow, recovery or storing...

H04L 9/32   including means for verifyi...

Algorithm hardening in background context and external from the browser to prevent malicious intervention with the browser

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Algorithm hardening in background context and external from the browser to prevent malicious intervention with the browser

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links