METHOD AND APPARATUS FOR IMPLEMENTING SECURE AND ADAPTIVE PROXIES

US 20100107222A1
Filed: 03/02/2007
Published: 04/29/2010
Est. Priority Date: 03/02/2006
Status: Abandoned Application

First Claim

Patent Images

1. A method for authenticating and securing a communication between a user device and an application server, the method including:

receiving information related to a service request initiated by the user device, wherein the service request relates to access a service provided by an application of the application server;

determining a needed security level corresponding to the received service request based on authentication policy data, wherein the authentication policy data specifies a needed security level corresponding to each of a plurality of service requests for each of multiple applications;

determining whether a security level rating of an authentication method associated with the user device satisfies the needed security level corresponding to the received service request;

responsive to the security level rating of the authentication method associated with the user device failing to satisfy the needed security level corresponding to the service request, identifying an authentication process appropriate to the user device;

collecting authentication data from the user device according to the identified authentication process;

performing the identified authentication process; and

based on a result of the performed authentication process, selectively allowing the user device to access a service corresponding to the service request.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and apparatus for implementing common authentication and security policies across applications served over a data transmission network, such as the internet, http or https, are disclosed. The common authentication and security policies are implemented without mandating specific changes to be applied to the applications themselves. An authentication process can be dynamically performed based on different needed security levels. Applications can be graphical (e.g., web) or voice in nature and can use any applicable and available security method.

Citations

16 Claims

1. A method for authenticating and securing a communication between a user device and an application server, the method including:
- receiving information related to a service request initiated by the user device, wherein the service request relates to access a service provided by an application of the application server;
  
  determining a needed security level corresponding to the received service request based on authentication policy data, wherein the authentication policy data specifies a needed security level corresponding to each of a plurality of service requests for each of multiple applications;
  
  determining whether a security level rating of an authentication method associated with the user device satisfies the needed security level corresponding to the received service request;
  
  responsive to the security level rating of the authentication method associated with the user device failing to satisfy the needed security level corresponding to the service request, identifying an authentication process appropriate to the user device;
  
  collecting authentication data from the user device according to the identified authentication process;
  
  performing the identified authentication process; and
  
  based on a result of the performed authentication process, selectively allowing the user device to access a service corresponding to the service request.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein a connection between the application server and the user device is opened if the result of the identified authentication process authenticates the user.
  - 3. The method of claim 1 further comprising the step of responsive to the security level rating of the authentication method associated with the user device satisfying the needed security level corresponding to the service request, allowing the user device to access the service corresponding to the service request.
  - 4. The method of claim 3, wherein the security level rating of the authentication method associated with the user device is determined to be satisfying the needed security level corresponding to the service request, if the security level rating of the authentication method is equal to or greater than the needed security level.
  - 5. The method of claim 1, wherein the multiple applications reside on different servers.
  - 6. The method of claim 1, wherein the authentication process appropriate to the user device is identified by performing the steps of:
    - accessing information related to one or more available authentication processes satisfying the needed security level; and
      
      from the one or more available authentication processes satisfying the needed security level, selecting one of the one or more authentication process as the authentication process appropriate to the user device.
  - 7. The method of claim 1, wherein different service requests have different needed security levels.

8. A data processing system for authenticating and securing a communication between a user device and an application server, the system comprising:
- a data processor for processing data; and
  
  a data storage device for storing instructions which, upon execution by the data processor, control the data processing system performs the steps of;
  
  receiving information related to a service request initiated by the user device, wherein the service request relates to access a service provided by an application of the application server;
  
  determining a needed security level corresponding to the received service request based on authentication policy data, wherein the authentication policy data specifies a needed security level corresponding to each of a plurality of service requests for each of multiple applications;
  
  determining whether a security level rating of an authentication method associated with the user device satisfies the needed security level corresponding to the received service request;
  
  responsive to the security level rating of the authentication method associated with the user device failing to satisfy the needed security level corresponding to the service request, identifying an authentication process appropriate to the user device;
  
  collecting authentication data from the user device according to the identified authentication process;
  
  performing the identified authentication process; and
  
  based on a result of the performed authentication process, selectively allowing the user device to access a service corresponding to the service request.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The system of claim 8, wherein a connection between the application server and the user device is opened if the result of the identified authentication process authenticates the user.
  - 10. The system of claim 8, wherein the instructions, upon execution by the data processor, further control the data processing system to perform the step of responsive to the security level rating of the authentication method associated with the user device satisfying the needed security level corresponding to the service request, allowing the user device to access the service corresponding to the service request.
  - 11. The system of claim 10, wherein the security level rating of the authentication method associated with the user device satisfying the needed security level corresponding to the service request, if the security level rating of the authentication method is equal to or greater than the needed security level.
  - 12. The system of claim 8, wherein the multiple applications reside on different servers.
  - 13. The system of claim 8, wherein the authentication process appropriate to the user device is identified by performing the steps of:
    - accessing information related to one or more available authentication processes satisfying the needed security level; and
      
      from the one or more available authentication processes satisfying the needed security level, selecting one of the one or more authentication process as the authentication process appropriate to the user device.
  - 14. The system of claim 8 is implemented as a proxy server handling traffic for the application server.
  - 15. The system of claim 8, wherein different service requests have different needed security levels.

16. A system for authenticating and securing a communication between a user device and an application server, the system comprising:
- means for receiving information related to a service request initiated by the user device, wherein the service request relates to access a service provided by an application of the application server;
  
  means for determining a needed security level corresponding to the received service request based on authentication policy data, wherein the authentication policy data specifies a needed security level corresponding to each of a plurality of service requests for each of multiple applications;
  
  means for determining whether a security level rating of an authentication method associated with the user device satisfies the needed security level corresponding to the received service request;
  
  means for identifying an authentication process appropriate to the user device, in response to the security level rating of the authentication method associated with the user device failing to satisfy the needed security level corresponding to the service request;
  
  means for collecting authentication data from the user device according to the identified authentication process;
  
  means for performing the identified authentication process; and
  
  means for selectively allowing the user device to access a service corresponding to the service based on a result of the performed authentication process.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avery Glasser
Original Assignee
Avery Glasser
Inventors
Glasser, Avery

Application Number

US12/450,134
Publication Number

US 20100107222A1
Time in Patent Office

Days
Field of Search
US Class Current

726/3
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

H04L 63/08   for authentication of entit...

H04L 63/168   above the transport layer

METHOD AND APPARATUS FOR IMPLEMENTING SECURE AND ADAPTIVE PROXIES

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND APPARATUS FOR IMPLEMENTING SECURE AND ADAPTIVE PROXIES

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links