SYSTEM AND METHOD FOR EMBEDDED AUTHENTICATION

US 20120198535A1
Filed: 12/02/2011
Published: 08/02/2012
Est. Priority Date: 12/02/2010
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

initiating an authentication session at a host server;

delivering a transaction token from the host server to a host website comprising an embeddable interface;

receiving a signed authentication token at the host server from the embeddable interface, wherein the signed authentication token is authenticated by an authentication server in response to a user challenge delivered by the authentication server to the embeddable interface; and

verifying the signed authentication token at the host server.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various systems and methods of embedded authentication are described herein. One method of the preferred embodiment can include receiving at an authentication server a transaction token from a host website, the host website including an embeddable interface and prompting a user challenge by the authentication server at the embeddable interface. The method of the preferred embodiment can also include creating a signed authentication token in response to a successful user challenge, and transmitting the signed authentication token from the authentication server to the embeddable interface.

63 Citations

View as Search Results

20 Claims

1. A method comprising:
- initiating an authentication session at a host server;
  
  delivering a transaction token from the host server to a host website comprising an embeddable interface;
  
  receiving a signed authentication token at the host server from the embeddable interface, wherein the signed authentication token is authenticated by an authentication server in response to a user challenge delivered by the authentication server to the embeddable interface; and
  
  verifying the signed authentication token at the host server.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the embeddable interface comprises an iframe within a webpage.
  - 3. The method of claim 1, wherein initiating the authentication session comprises prompting a user to provide user credentials.
  - 4. The method of claim 1, wherein the user credentials comprises a user name and password.
  - 5. The method of claim 1, further comprising generating at the host server the transaction token.
  - 6. The method of claim 5, wherein the transaction token comprises a signed cookie.
  - 7. The method of claim 1, wherein the user challenge comprises a secondary message transmitted to the embeddable interface.

8. A method comprising:
- receiving at an authentication server a transaction token from a host website, the host website comprising an embeddable interface;
  
  prompting a user challenge by the authentication server at the embeddable interface;
  
  in response to a successful user challenge, creating a signed authentication token; and
  
  transmitting the signed authentication token from the authentication server to the embeddable interface.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein the embeddable interface comprises an iframe within a webpage.
  - 10. The method of claim 8, wherein the transaction token comprises a signed cookie.
  - 11. The method of claim 8, wherein the user challenge comprises a secondary message transmitted to the embeddable interface.
  - 12. The method of claim 11, wherein the user challenge comprises one of a voice call, an SMS message, an MMS message, a fax message, an instant message, an email, a security question, a push notification, a one-time password, or identification of an authentication agent.
  - 13. The method of claim 8, wherein the signed authentication token comprises a signed cookie.
  - 14. The method of claim 8, further comprising in response to an unsuccessful user challenge, transmitting an alternative message to the embeddable interface for delivery to a host server.

15. A method comprising:
- receiving at an authentication server an authentication session initialization request from an embeddable interface;
  
  prompting a user challenge by the authentication server at the embeddable interface;
  
  in response to a successful user challenge, creating a signed authentication token; and
  
  verifying the signed authentication token between the authentication server and a VPN system.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, wherein the embeddable interface comprises an iframe within a webpage.
  - 17. The method of claim 15, wherein the user challenge comprises a secondary message transmitted to the embeddable interface.
  - 18. The method of claim 17, wherein the user challenge comprises one of a voice call, an SMS message, an MMS message, a fax message, an instant message, an email, a security question, a push notification, a one-time password, or identification of an authentication agent.
  - 19. The method of claim 15, wherein verifying the signed authentication token between the authentication server and the VPN system comprises returning the signed authentication token from the VPN system to the authentication server such that the authentication server can perform verification.
  - 20. The method of claim 15, further comprising in response to an unsuccessful user challenge, transmitting an alternative message to the embeddable interface to delivery to the VPN system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Duo Security Incorporated (Cisco Systems, Inc.)
Inventors
Oberheide, Jon, Song, Douglas, Goodman, Adam

Granted Patent

US 8,510,820 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/9
CPC Class Codes

G06F 21/335   for accessing specific reso...

H04L 63/0272   Virtual private networks

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0853   using an additional device,...

SYSTEM AND METHOD FOR EMBEDDED AUTHENTICATION

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

63 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR EMBEDDED AUTHENTICATION

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

63 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links