AUTOMATIC TOKEN RENEWAL FOR DEVICE AUTHENTICATION
First Claim
1. A computer implemented method for authenticating a user, comprising:
- under control of one or more computer systems configured with executable instructions,receiving an authentication request for at least one user operating a computing device registered with a provider environment, the authentication request including one or more credentials for at least one of the user or the computing device;
in response to authenticating the at least one of the user or the computing device, providing a first token to the computing device for submission with a subsequent request;
receiving a subsequent request that includes the first token;
determining that the first token has expired;
determining based at least in part upon the first token and information for the at least one user that a second token has not previously been generated;
generating the second token; and
providing the second token to the computing device for submission with one or more subsequent related requests.
1 Assignment
0 Petitions
Accused Products
Abstract
Approaches are described for automatically generating new security credentials, such as security tokens, which can involve automatically re-authenticating a user (or client device) using a previous security token issued to that user (or device). The re-authentication can happen without any knowledge and/or action on the part of the user. The re-authentication mechanism can invalidate and/or keep track of the previous security token, such that when a subsequent request is received that includes the previous security token, the new security token can be invalidated, and the user caused to re-authenticate, as receiving more than one request with the previous security token can be indicative that the user'"'"'s token might have been stolen.
-
Citations
1 Claim
-
1. A computer implemented method for authenticating a user, comprising:
under control of one or more computer systems configured with executable instructions, receiving an authentication request for at least one user operating a computing device registered with a provider environment, the authentication request including one or more credentials for at least one of the user or the computing device; in response to authenticating the at least one of the user or the computing device, providing a first token to the computing device for submission with a subsequent request; receiving a subsequent request that includes the first token; determining that the first token has expired; determining based at least in part upon the first token and information for the at least one user that a second token has not previously been generated; generating the second token; and providing the second token to the computing device for submission with one or more subsequent related requests.
Specification
-
- Resources
-
Current AssigneeAmazon Technologies, Inc. (Amazon.com, Inc.)
-
Original AssigneeAmazon Technologies, Inc. (Amazon.com, Inc.)
-
InventorsBARROWS, MAXIMILIAN FRANCIS, FERRARO, PAUL FRANCIS DEAN, MCHUGH, JASON GEORGE, PASSAGLIA, ABRAHAM MARTIN, ROTHS, ANDREW JAY, SHELL, ERIC ALLAN
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current1/1
-
CPC Class CodesH04L 63/08 for authentication of entit...H04L 63/0846 using time-dependent-passwo...
