SYSTEM AND METHOD FOR SECURE COMMUNICATION
6 Assignments
0 Petitions
Accused Products
Abstract
A secure communication module is provided for securing communication between a client application and a network service. The secure communication module comprises an authentication identifier provider for providing the client application a pool of authentication identifiers for use in subsequent communication with the network service, and an authentication identifier validator for checking the validity of an authentication identifiers from the pool of authentication identifiers sent with the subsequent communication.
42 Citations
57 Claims
-
1-37. -37. (canceled)
-
38. An authentication apparatus for authenticating communication between a client and one or more web services, the authentication apparatus comprising:
-
a computer readable memory storing instructions; and a processor for executing the instructions stored in the computer readable memory, the instructions when executed by the processor configuring the authentication apparatus to provide; an authentication identifier provider for providing to a client application executed on a client a plurality of authentication identifiers over a secure communication channel established over the network, individual authentication identifiers of the plurality of authentication identifiers for use in validating subsequent client application requests to access functionality provided by a web service; an authentication identifier validator for validating the client application'"'"'s authorization to access the requested functionality of the web service using an authentication identifier from the plurality of authentication identifiers received with a client application request to access functionality provided by the web service; and a communication module for receiving, over an unsecure communication channel established over the network, the client application request and the associated authentication identifier and sending the request to access functionality to the web service when the client application'"'"'s authorization to access the web service is validated by the authentication identifier validator. - View Dependent Claims (39, 40, 41, 42, 43, 44, 45)
-
-
46. A system for authenticating communication over a network comprising:
-
a client computing device coupled to the network, the client executing a client application for receiving a plurality authentication identifiers over a secure channel through the network and sending over an unsecure communication channel through the network a client application request and an associated authentication identifier; a web service coupled to the authentication apparatus through the network for receiving the request to access the functionality of the web service; and an authentication server coupled to the network for; providing the plurality of authentication identifiers to the client over the secure communication channel established through the network, individual authentication identifiers of the plurality of authentication identifiers for use in validating subsequent client application requests to access functionality provided by the web service; receiving, over the unsecure communication channel established through the network, the client application request and the associated authentication identifier; validating the client application'"'"'s authorization to access the requested functionality of the web service using the authentication identifier from the plurality of authentication identifiers received with the client application request to access functionality provided by the web service; and sending the request to access functionality of the web service when the client application'"'"'s authorization to access the web service is validated. - View Dependent Claims (47, 48, 49, 50, 51, 52, 53, 54)
-
-
55. A method of authenticating communication between a client and a web service, the method comprising:
-
sending, from the client, client application credentials over a secure communication channel; receiving and authenticating, at a server, the client application credentials; providing a plurality of authentication identifiers to the client over the secure communication channel established through the network, individual authentication identifiers of the plurality of authentication identifiers for use in validating subsequent client application requests to access a web service; receiving at the client the plurality of authentication identifiers; sending a client application request to access the web service with an associated authentication identifier from the plurality of received authentication identifiers; receiving, over an unsecure communication channel established through network, the client application request and the associated authentication identifier; validating the client application'"'"'s authorization to access the requested functionality of the web service using the authentication identifier from the plurality of authentication identifiers received with the client application request to access functionality provided by the web service; and sending the request to access functionality of the web service when the client application'"'"'s authorization to access the web service is validated. - View Dependent Claims (56, 57)
-
Specification