SINGLE SIGN-ON AUTHENTICATION

US 20110099618A1
Filed: 10/23/2009
Published: 04/28/2011
Est. Priority Date: 10/23/2009
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a reception module in a first node to receive a request from a second node to provide access to a web site; and

a transmission module to provide site authenticity information associated with the web site to the second node, wherein the reception module is to receive single sign-on information from the second node in response to validation of the site authenticity information by the second node, the single sign-on information enabling the second node to automatically log in to the web site.

View all claims

16 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Apparatus, systems, and methods may operate to receive a request from a node to provide access to a web site, to provide site authenticity information associated with the web site to the node, and to receive single sign-on (SSO) information from the node in response to validation of the site authenticity information by the node, the SSO information enabling the node to automatically log in to the web site. Additional activities include receiving site authenticity information from a node associated with a web site, and automatically transmitting SSO information to the node responsive to validating the site authenticity information. Additional apparatus, systems, and methods are disclosed.

29 Citations

View as Search Results

20 Claims

1. A system, comprising:
- a reception module in a first node to receive a request from a second node to provide access to a web site; and
  
  a transmission module to provide site authenticity information associated with the web site to the second node, wherein the reception module is to receive single sign-on information from the second node in response to validation of the site authenticity information by the second node, the single sign-on information enabling the second node to automatically log in to the web site.
- View Dependent Claims (2, 3)
- - 2. The system of claim 1, wherein the transmission module is to transmit display information comprising a username log-in field and/or a password log-in field, and secure sockets layer security certificate availability.
  - 3. The system of claim 1, further comprising:
    - a single sign-on client operating as an intermediary node between the first node and the second node, the single sign-on client to capture the site authenticity information for storage and recall, wherein the recall of the site authenticity information is used during subsequent single sign-on sessions to validate authenticity of a subsequently-accessed web site purporting to be the web site.

4. An apparatus, comprising:
- a reception module a second node to receive site authenticity information from a first node associated with a web site; and
  
  a transmission module to transmit single sign-on information to the first node responsive to validating the site authenticity information, the single sign-on information enabling automatic log-in to the web site by the second node.
- View Dependent Claims (5, 6)
- - 5. The apparatus of claim 4, further comprising.a third node to store the site authenticity information.
  - 6. The apparatus of claim 4, wherein the second node is to prevent transmission of the single sign-on information upon detecting a potentially false version of the web site.

7. A processor-implemented method to execute on one or more processors that perform the method, comprising:
- receiving a request from a node to provide access to a web site;
  
  providing site authenticity information associated with the web site to the node; and
  
  receiving single sign-on information from the node in response to validation of the site authenticity information by the node, the single sign-on information enabling the node to automatically log in to the web site.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, wherein the providing further comprises:
    - providing the site authenticity information comprising a combination of information included in web site content associated with the web site, and information included in a security certificate associated with the web site.
  - 9. The method of claim 8, wherein the information included in the security certificate comprises at least one of:
    - time information, organization information, or location information.
  - 10. The method of claim 7, further comprising:
    - receiving a request for the site authenticity information from the node.
  - 11. The method of claim 7, further comprising:
    - transmitting information to display the web site, along with an image of a secure sockets layer security certificate associated with the site authenticity information.
  - 12. The method of claim 7, further comprising:
    - transmitting display information associated with at least a username log-in field or a password log-in field to indicate that single sign-on access to the web site is available.

13. A processor-implemented method to execute on one or more processors that perform the method, comprising:
- receiving site authenticity information from a node associated with a web site; and
  
  automatically transmitting single sign-on information to the node responsive to validating the site authenticity information, the single sign-on information enabling automatic log-in to the web site.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The method of claim 13, further comprising:
    - recording the site authenticity information to enable single sign-on access to the web site during subsequent access attempts.
  - 15. The method of claim 14, further comprising:
    - refraining from the recording if the site authenticity information comprises an invalid security certificate.
  - 16. The method of claim 13, wherein the receiving further comprises:
    - receiving the site authenticity information by executing a background application that bypasses browser application activity, wherein the browser is used to display the web site.
  - 17. The method of claim 13, wherein the validating further comprises:
    - validating the site authenticity information by matching previously-stored security certificate information with some of the site authenticity information.
  - 18. The method of claim 13, wherein the site authenticity information is stored in a directory service in conjunction with the single sign-on information.
  - 19. The method of claim 13, further comprising:
    - subsequently attempting to access the web site;
      
      receiving false site authenticity information that does not match a stored version of the site authenticity information; and
      
      indicating a potential threat posed by a potentially false version of the web site based on the false site authenticity information.
  - 20. The method of claim 13, further comprising:
    - recording an event associated with at least one of transmitting of the single sign-on information, capturing the site authenticity information, failing to match potentially false site authenticity information with a stored version of the site authenticity information, recording new site information as the potentially false site authenticity information, or preventing transmission of the single sign-on information in response to detecting the potentially false site authenticity information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Micro Focus Software, Inc. (Open Text Corporation)
Original Assignee
Novell Incorporated (Open Text Corporation)
Inventors
Mutt, Girish Bitmandi

Granted Patent

US 8,453,224 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/8
CPC Class Codes

G06F 21/41   where a single sign-on prov...

H04L 2209/60   Digital content management,...

H04L 2209/80   Wireless network architectu...

H04L 63/0815   providing single-sign-on or...

H04L 63/0823   using certificates cryptogr...

H04L 63/166   at the transport layer

H04L 9/3263   involving certificates, e.g...

SINGLE SIGN-ON AUTHENTICATION

First Claim

16 Assignments

0 Petitions

Accused Products

Abstract

29 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

SINGLE SIGN-ON AUTHENTICATION

First Claim

16 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

29 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others