METHOD AND APPARATUS FOR IMPLEMENTING SECURE AND ADAPTIVE PROXIES
First Claim
Patent Images
1. A method for authenticating and securing a communication between a user device and an application server, the method including:
- receiving information related to a service request initiated by the user device, wherein the service request relates to access a service provided by an application of the application server;
determining a needed security level corresponding to the received service request based on authentication policy data, wherein the authentication policy data specifies a needed security level corresponding to each of a plurality of service requests for each of multiple applications;
determining whether a security level rating of an authentication method associated with the user device satisfies the needed security level corresponding to the received service request;
responsive to the security level rating of the authentication method associated with the user device failing to satisfy the needed security level corresponding to the service request, identifying an authentication process appropriate to the user device;
collecting authentication data from the user device according to the identified authentication process;
performing the identified authentication process; and
based on a result of the performed authentication process, selectively allowing the user device to access a service corresponding to the service request.
3 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus for implementing common authentication and security policies across applications served over a data transmission network, such as the internet, http or https, are disclosed. The common authentication and security policies are implemented without mandating specific changes to be applied to the applications themselves. An authentication process can be dynamically performed based on different needed security levels. Applications can be graphical (e.g., web) or voice in nature and can use any applicable and available security method.
-
Citations
16 Claims
-
1. A method for authenticating and securing a communication between a user device and an application server, the method including:
-
receiving information related to a service request initiated by the user device, wherein the service request relates to access a service provided by an application of the application server; determining a needed security level corresponding to the received service request based on authentication policy data, wherein the authentication policy data specifies a needed security level corresponding to each of a plurality of service requests for each of multiple applications; determining whether a security level rating of an authentication method associated with the user device satisfies the needed security level corresponding to the received service request; responsive to the security level rating of the authentication method associated with the user device failing to satisfy the needed security level corresponding to the service request, identifying an authentication process appropriate to the user device; collecting authentication data from the user device according to the identified authentication process; performing the identified authentication process; and based on a result of the performed authentication process, selectively allowing the user device to access a service corresponding to the service request. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A data processing system for authenticating and securing a communication between a user device and an application server, the system comprising:
-
a data processor for processing data; and a data storage device for storing instructions which, upon execution by the data processor, control the data processing system performs the steps of; receiving information related to a service request initiated by the user device, wherein the service request relates to access a service provided by an application of the application server; determining a needed security level corresponding to the received service request based on authentication policy data, wherein the authentication policy data specifies a needed security level corresponding to each of a plurality of service requests for each of multiple applications; determining whether a security level rating of an authentication method associated with the user device satisfies the needed security level corresponding to the received service request; responsive to the security level rating of the authentication method associated with the user device failing to satisfy the needed security level corresponding to the service request, identifying an authentication process appropriate to the user device; collecting authentication data from the user device according to the identified authentication process; performing the identified authentication process; and based on a result of the performed authentication process, selectively allowing the user device to access a service corresponding to the service request. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
-
16. A system for authenticating and securing a communication between a user device and an application server, the system comprising:
-
means for receiving information related to a service request initiated by the user device, wherein the service request relates to access a service provided by an application of the application server; means for determining a needed security level corresponding to the received service request based on authentication policy data, wherein the authentication policy data specifies a needed security level corresponding to each of a plurality of service requests for each of multiple applications; means for determining whether a security level rating of an authentication method associated with the user device satisfies the needed security level corresponding to the received service request; means for identifying an authentication process appropriate to the user device, in response to the security level rating of the authentication method associated with the user device failing to satisfy the needed security level corresponding to the service request; means for collecting authentication data from the user device according to the identified authentication process; means for performing the identified authentication process; and means for selectively allowing the user device to access a service corresponding to the service based on a result of the performed authentication process.
-
Specification