CONTROLLED AND CLIENT-SIDE AUTHENTICATION MODULE

US 20090165109A1
Filed: 11/17/2008
Published: 06/25/2009
Est. Priority Date: 07/21/2005
Status: Active Grant

First Claim

Patent Images

1. A computerized method of accessing a secure resource using an application associated with a user'"'"'s computing device, wherein the application is programmed, in part, to monitor user browsing activity and wherein the application has associated therewith one or more predefined Uniform Resource Locaters (URLs) to trusted sites, each having an associated trusted root certificate and security key, the method comprising:

the application detecting a user attempt to log into a secure resource;

the application scanning in-process browser processes to identify a browser process that is in a login state;

the application associating the browser process in a login state with one of the trusted sites;

the application initiating a new browser session with the trusted site using the associated predefined URL;

the application obtaining a login password from the user;

the application supplying to the trusted site the associated security key and login password; and

the user'"'"'s computer displaying subsequent browsing activity.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computerized method of accessing a secure resource using an application associated with a user'"'"'s computing device is provided. The application is programmed, in part, to monitor user browsing activity and wherein the application has associated therewith one or more predefined Uniform Resource Locaters (URLs) to trusted sites, each having an associated trusted root certificate and security key. The method includes the application detecting a user attempt to log into a secure resource, the application scanning in-process browser processes to identify a browser process that is in a login state, the application associating the browser process in a login state with one of the trusted sites, the application initiating a new browser session with the trusted site using the associated predefined URL, the application obtaining a login password from the user, the application supplying to the trusted site the associated security key and login password, and the user'"'"'s computer displaying subsequent browsing activity.

Citations

15 Claims

1. A computerized method of accessing a secure resource using an application associated with a user'"'"'s computing device, wherein the application is programmed, in part, to monitor user browsing activity and wherein the application has associated therewith one or more predefined Uniform Resource Locaters (URLs) to trusted sites, each having an associated trusted root certificate and security key, the method comprising:
- the application detecting a user attempt to log into a secure resource;
  
  the application scanning in-process browser processes to identify a browser process that is in a login state;
  
  the application associating the browser process in a login state with one of the trusted sites;
  
  the application initiating a new browser session with the trusted site using the associated predefined URL;
  
  the application obtaining a login password from the user;
  
  the application supplying to the trusted site the associated security key and login password; and
  
  the user'"'"'s computer displaying subsequent browsing activity.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, further comprising the application killing preexisting browser processes.
  - 3. The method of claim 1, wherein the security key comprises an Advanced Encryption Standard (AES) cipher.
  - 4. The method of claim 1, wherein the security key comprises a Triple Data Encryption Standard (TDES) cipher.
  - 5. The method of claim 1, wherein the application scanning in-process browser processes to identify a browser process that is in a login state and associating the browser process in a login state with one of the trusted sites comprises:
    - the application identifying in-process browser processes;
      
      the application identifying URL and page source content of each process; and
      
      the application preserving state information for at least the browser process in a login state.

6. A computer-readable medium having stored thereon computer-executable instructions, wherein the instructions have associated therewith one or more predefined Uniform Resource Locaters (URLs) to trusted sites, each having an associated trusted root certificate and security key, wherein the instructions program an associated computing device to:
- monitor user browsing activity to thereby detect a user attempt to log into a trusted site;
  
  scan in-process browser processes to identify a browser process that is in a login state;
  
  associate the browser process in a login state with one of the trusted sites;
  
  initiate a new browser session with the trusted site using the associated predefined URL;
  
  obtain a login password from the user; and
  
  supply to the trusted site the associated security key and login password to thereby allow the user to access the trusted site.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The computer-readable medium of claim 6, wherein the instructions further program the computing device to kill preexisting browser processes.
  - 8. The computer-readable medium of claim 6, wherein the security key comprises an Advanced Encryption Standard (AES) cipher.
  - 9. The computer-readable medium of claim 6, wherein the security key comprises a Triple Data Encryption Standard (TDES) cipher.
  - 10. The computer-readable medium of claim 6, wherein the instructions, in programming the computing device to scan in-process browser processes to identify a browser process that is in a login state and associate the browser process in a login state with one of the trusted sites, the instructions program the computer to:
    - identify in-process browser processes;
      
      identify URL and page source content of each process; and
      
      preserve state information for at least the browser process in a login state.

11. A computer-implemented method for securely accessing online resources, comprising:
- providing an application for execution on a user computer, wherein the application has associated therewith one or more predefined Uniform Resource Locaters (URLs) to trusted sites, each having an associated trusted root certificate and security key;
  
  a user executing the application on the user computer;
  
  the application monitoring user browsing activity;
  
  the application detecting a user attempt to log into a secure resource;
  
  the application scanning in-process browser processes to identify a browser process that is in a login state;
  
  the application associating the browser process in a login state with one of the trusted sites;
  
  the application initiating a new browser session with the trusted site using the associated predefined URL;
  
  the application obtaining a login password from the user;
  
  the application supplying to the trusted site the associated security key and login password; and
  
  the user'"'"'s computer displaying subsequent browsing activity.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The computer-implemented method of claim 11, further comprising the application killing preexisting browser processes.
  - 13. The computer-implemented method of claim 11, wherein the security key comprises an Advanced Encryption Standard (AES) cipher.
  - 14. The computer-implemented method of claim 11, wherein the security key comprises a Triple Data Encryption Standard (TDES) cipher.
  - 15. The computer-implemented method of claim 11, wherein the application scanning in-process browser processes to identify a browser process that is in a login state and associating the browser process in a login state with one of the trusted sites comprises:
    - the application identifying in-process browser processes;
      
      the application identifying URL and page source content of each process; and
      
      the application preserving state information for at least the browser process in a login state.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Arcot Systems, Inc. (Broadcom, Inc.)
Inventors
Hird, Geoffrey

Granted Patent

US 9,477,830 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06F 21/33   using certificates

H04L 2209/60   Digital content management,...

H04L 9/0631   Substitution permutation ne...

H04L 9/3226   using a predetermined code,...

H04L 9/3263   involving certificates, e.g...

CONTROLLED AND CLIENT-SIDE AUTHENTICATION MODULE

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

CONTROLLED AND CLIENT-SIDE AUTHENTICATION MODULE

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links