HTTP AUTHENTICATION AND AUTHORIZATION MANAGEMENT
First Claim
1. A computer implemented method, comprising:
- receiving at a processing node a first request for a domain from a client browser, the client browser associated with a first communication address;
identifying a first authorized user data associated with the first request;
identifying at the processing node the first communication address associated with the client browser;
associating at the processing node the first communication address of the client browser with the first authorized user data;
encrypting at the processing node the first authorized user data and the associated first communication address to generate a first associated authorization data; and
providing the first associated authorization data to the client browser at the first communication address.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems, methods and apparatus for a distributed security that provides authentication and authorization management. The system can include a source processor that is used to identify the source associated with a request for authentication or authorization. The source processor can maintain the initial source associated with the request through the use of an association token. The associate token can be transmitted with each subsequent request that includes authentication or authorization data. The source processor can use the associate token to verify that the source associated with the initial request is the same as the source associated with subsequent authentication and authorization requests.
83 Citations
19 Claims
-
1. A computer implemented method, comprising:
-
receiving at a processing node a first request for a domain from a client browser, the client browser associated with a first communication address; identifying a first authorized user data associated with the first request; identifying at the processing node the first communication address associated with the client browser; associating at the processing node the first communication address of the client browser with the first authorized user data; encrypting at the processing node the first authorized user data and the associated first communication address to generate a first associated authorization data; and providing the first associated authorization data to the client browser at the first communication address. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. Software stored in a computer readable medium and comprising instructions executable by a data processing system and upon such execution cause the data processing system to perform operations comprising:
-
receiving a request for a domain from a client browser, the client browser associated with a communication address; identifying authorized user data associated with the request; identifying the communication address associated with the client browser; associating the communication address of the client browser with the authorized user data; encrypting the authorized user data and the associated first communication address to generate a associated authorization data; and providing the associated authorization data to the client browser at the communication address. - View Dependent Claims (10, 11, 12, 13)
-
-
14. Software stored in a computer readable medium and comprising instructions executable by a data processing system and upon such execution cause the data processing system to perform operations comprising:
-
receiving a request for a domain and associated authorization data from a client browser, the client browser associated with a request communication address; identifying the request communication address associated with the client browser; decrypting the associated authorization data into authorized user data and a source communication address; determining whether the request communication address is the same as the source communication address; and if the request communication address is the same as the source communication address, allowing the request; and if the request communication address is not the same as the source communication address, requesting user authorization from the client browser at the request communication address.
-
-
15. A network security system, comprising:
-
a plurality of nodes external to network edges of an external system, each node comprising; a source processor configured to receive at a processing node a first request for a first domain from a first client browser, the first client browser associated with a first communication address;
identify a first authorized user data associated with the first request;
identify at the processing node the first communication address associated with the first client browser;
associate at the processing node the first communication address of the first client browser with the first authorized user data;
encrypt at the processing node the first authorized user data and the first associated first communication address to generate a first associated authorization data; and
provide the first associated authorization data to the first client browser at the first communication address. - View Dependent Claims (16, 17, 18, 19)
-
Specification