Secure authentication in browser redirection authentication schemes
Abstract
A method and apparatus for authenticating a client is described. In one embodiment, an identity provider server authenticates the client that is redirected from a relying party server. The identity provider server authenticates the client without receiving a replayable credential from the client. Upon authentication of the client, the identity provider server transmits a token of authentication to the client.
30 Claims
1. A computer-implemented method for authenticating a client, the method comprising:
- authenticating, by an identity provider server, the client redirected from a relying party server, wherein the identity provider server authenticates the client without receiving a replayable credential from the client; and
- transmitting a token of authentication to the client by the identity provider server upon authentication of the client.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11

12. An apparatus comprising:
- an identity provider server to authenticate a client redirected from a relying party server, to authenticate the client without receiving a replayable credential from the client, and transmit a token of authentication to the client upon authentication of the client.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 25, 26

20. An article of manufacture comprising:
- a machine-accessible storage medium including data that, when accessed by a machine, cause the machine to perform a method comprising:
  - authenticating, by an identity provider server, a client redirected from a relying party server, wherein the identity provider server authenticates the client without receiving a replayable credential from the client; and
  - transmitting a token of authentication to the client by the identity provider server upon authentication of the client.
Dependent claims: 21, 22, 23, 24, 27

28. An apparatus for authenticating a client comprising:
- a network interface of an identity provider server to communicate with a client redirected from a relying party server; and
- means for authenticating the client without receiving a replayable credential from the client, wherein the network interface of the identity provider server to transmit a token of authentication to the client upon authentication of the client.
Dependent claims: 29, 30

Specification