Method and system for providing a one time password to work in conjunction with a browser

US 20080028447A1
Filed: 02/12/2007
Published: 01/31/2008
Est. Priority Date: 02/10/2006
Status: Active Grant

First Claim

Patent Images

1. A method of submitting information as part of an authentication operation, comprising:

generating a one time password that is intended for use in an authentication operation; and

, providing the one time password in a display field, wherein the display field is adapted to work in conjunction with a browser to submit the one time password in response to a request for the one time password.

View all claims

14 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of submitting information as part of an authentication operation includes generating a one time password that is intended for use in an authentication operation. The method further includes providing the one time password in a display field, wherein the display field is adapted to work in conjunction with a browser to submit the one time password in response to a request for the one time password. A method of controlling submission of identity information within an authentication system includes receiving a trust list from the authentication system. The trust list identifies entities that are authorized to receive the identity information. The method further includes receiving a request to submit the identity information to a candidate entity for an authentication operation, and providing the identity information to the candidate entity if the trust list indicates that the candidate entity is authorized to receive the identity information.

Citations

65 Claims

1. A method of submitting information as part of an authentication operation, comprising:
- generating a one time password that is intended for use in an authentication operation; and
  
  , providing the one time password in a display field, wherein the display field is adapted to work in conjunction with a browser to submit the one time password in response to a request for the one time password.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, further including submitting the one time password in response to the request without user intervention.
  - 3. The method of claim 1, further including submitting the one time password in response to the request only if a user provides authorization to submit the one time password.
  - 4. The method of claim 1, further including combining a token code and a PIN to generate the one time password.
  - 5. The method of claim 1, further including combining a token code and a biometric to generate the one time password.
  - 6. The method of claim 1, further including combining the token code, the biometric and the PIN to generate the one time password.
  - 7. The method of claim 1, further including containing the display field in a browser control.
  - 8. The method of claim 7, wherein the browser control is an applet.
  - 9. The method of claim 7, wherein the browser control is an ActiveX control.
  - 10. The method of claim 1, further including generating the one time password to vary as a function of time.
  - 11. The method of claim 1, further including generating the one time password to vary as a function of a sequence of events.
  - 12. The method of claim 1, further including:
    - receiving a challenge; and
      
      , generating the one time password as a function of at least a portion of the challenge.
  - 13. The method of claim 1, further including preventing the display field and the browser from submitting the one time password if a trust list indicates that the one time password should not be submitted.

14. An apparatus for submitting information as part of an authentication operation, comprising:
- a password generator for generating a one time password that is intended for use in an authentication operation; and
  
  , a display generator for providing the one time password in a display field, wherein the display field is adapted to work in conjunction with a browser to submit the one time password in response to a request for the one time password.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 15. The apparatus of claim 14, wherein the one time password is submitted in response to the request without user intervention.
  - 16. The apparatus of claim 14, wherein the one time password is submitted in response to the request only if a user provides authorization to submit the one time password.
  - 17. The apparatus of claim 14, wherein the one time password is generated by combining a token code and a PIN.
  - 18. The apparatus of claim 14, wherein the one time password is generated by combining a token code and a biometric.
  - 19. The apparatus of claim 14, wherein the one time password is generated by combining a token code, a biometric and a PIN.
  - 20. The apparatus of claim 14, wherein the display field is contained in a browser control.
  - 21. The apparatus of claim 20, wherein the browser control is an applet.
  - 22. The method of claim 20, wherein the browser control is an ActiveX control.
  - 23. The apparatus of claim 14, wherein the one time password varies as a function of time.
  - 24. The apparatus of claim 14, wherein the one time password varies as a function of a sequence of events.
  - 25. The apparatus of claim 14, wherein the one time password is generated as a function of at least a portion of a received challenge.
  - 26. The apparatus of claim 14, wherein the display generator and the browser do not submit the one time password if a trust list indicates that the one time password should not be submitted.

27. A method of controlling submission of identity information within an authentication system, comprising:
- receiving a trust list from the authentication system, wherein the trust list identifies entities that are authorized to receive the identity information;
  
  receiving a request to submit the identity information to a candidate entity for an authentication operation; and
  
  , providing the identity information to the candidate entity if the trust list indicates that the candidate entity is authorized to receive the identity information.
- View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 57)
- - 28. The method of claim 27, further including providing credentials as the identity information.
  - 29. The method of claim 27, further including providing a one time password as the identity information.
  - 30. The method of claim 29, further including generating the one time password as a combination of a PIN and a token code.
  - 31. The method of claim 29, further including combining a token code and a biometric to generate the one time password.
  - 32. The method of claim 29, further including combining the token code, the biometric and the PIN to generate the one time password.
  - 33. The method of claim 29, further including generating the one time password to vary as a function of time.
  - 34. The method of claim 29, further including generating the one time password to vary as a function of a sequence of events.
  - 35. The method of claim 29, further including:
    - receiving a challenge; and
      
      , generating the one time password as a function of at least a portion of the challenge.
  - 36. The method of claim 27, further including providing a password as the identity information.
  - 37. The method of claim 27, further including the trust list identifying websites as entities that are authorized to receive the identity information.
  - 38. The method of claim 27, further including the trust list identifying desktop applications as entities that are authorized to receive the identity information.
  - 39. The method of claim 27, wherein receiving the trust list from the authentication system further includes communicating with a server of the authentication system.
  - 40. The method of claim 27, further including providing a display field for displaying the identity information.
  - 41. The method of claim 40, further including displaying a blank field in the display field if the trust list indicates that the candidate entity is not authorized to receive the identity information.
  - 42. The method of claim 40, further including displaying a diagnostic message in the display field if the trust list indicates that the candidate entity is not authorized to receive the identity information.
  - 43. The method of claim 40, further including containing the display field in a browser control.
  - 44. The method of claim 43, wherein the browser control is an applet.
  - 45. The method of claim 43, wherein the browser control is an ActiveX control.
  - 57. The apparatus of claim 37, further including the trust list identifying desktop applications as entities that are authorized to receive the identity information.

46. An apparatus for controlling submission of identity information within an authentication system, comprising:
- a receiver for (i) receiving a trust list from the authentication system, wherein the trust list identifies entities that are authorized to receive the identity information, and (ii) receiving a request to submit the identity information to a candidate entity for an authentication operation; and
  
  , a processor for providing the identity information to the candidate entity if the trust list indicates that the candidate entity is authorized to receive the identity information.
- View Dependent Claims (47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 58, 59, 60, 61, 62, 63, 64)
- - 47. The apparatus of claim 46, further including providing credentials as the identity information.
  - 48. The apparatus of claim 46, further including providing a one time password as the identity information.
  - 49. The apparatus of claim 48, further including generating the one time password as a combination of a PIN and a token code.
  - 50. The apparatus of claim 48, wherein the one time password is generated by combining a token code and a biometric.
  - 51. The apparatus of claim 48, wherein the one time password is generated by combining a token code, a biometric and a PIN.
  - 52. The apparatus of claim 48, further including generating the one time password to vary as a function of time.
  - 53. The apparatus of claim 48, further including generating the one time password to vary as a function of a sequence of events.
  - 54. The apparatus of claim 48, further including:
    - receiving a challenge; and
      
      , generating the one time password as a function of at least a portion of the challenge
  - 55. The apparatus of claim 46, further including providing a password as the identity information.
  - 56. The apparatus of claim 46, further including the trust list identifying websites as entities that are authorized to receive the identity information.
  - 58. The apparatus of claim 46, wherein receiving the trust list from the authentication system further includes communicating with a server of the authentication system.
  - 59. The apparatus of claim 46, further including providing a display field for displaying the identity information.
  - 60. The apparatus of claim 59, further including displaying a blank field in the display field if the trust list indicates that the candidate entity is not authorized to receive the identity information.
  - 61. The apparatus of claim 59, further including displaying a diagnostic message in the display field if the trust list indicates that the candidate entity is not authorized to receive the identity information.
  - 62. The apparatus of claim 59, further including containing the display field in a browser control.
  - 63. The apparatus of claim 62, wherein the browser control is an applet.
  - 64. The apparatus of claim 62, wherein the browser control is an ActiveX control.

65. A method of providing and controlling submission of information within an authentication system, comprising:
- generating a one time password that is intended for use in an authentication operation; and
  
  , providing the one time password in a display field, wherein the display field is adapted to work in conjunction with a browser to submit the one time password in response to a request for the one time password;
  
  receiving a trust list from the authentication system, wherein the trust list identifies entities that are authorized to receive the one time password;
  
  receiving a request to submit the one time password to a candidate entity for the authentication operation; and
  
  , providing the one time password to the candidate entity if the trust list indicates that the candidate entity is authorized to receive the one time password.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
RSA Security Incorporated (Symphony Technology Group LLC)
Inventors
O'Malley, Michael, Kechley, Aaron, Ansell, Gideon, Doherty, Andrea, Nanopoulos, Andrew

Granted Patent

US 8,234,696 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/6
CPC Class Codes

G06F 21/31 User authentication

Method and system for providing a one time password to work in conjunction with a browser

First Claim

14 Assignments

0 Petitions

Accused Products

Abstract

Citations

65 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for providing a one time password to work in conjunction with a browser

First Claim

14 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

65 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links