UNIVERSAL ANONYMOUS CROSS-SITE AUTHENTICATION
First Claim
1. A device, comprising:
- one or more processors to;
receive user information associated with a user;
generate a user profile for the user that stores the user information and authentication confirmation information associated with confirming that a received response to a challenge code generated using a particular cryptographic key matches an expected response generated using the particular cryptographic key;
provide the particular cryptographic key and information identifying the user profile;
receive a request to authenticate a secure session for a user device from an application server,the request including authentication information that includes a particular response to a particular challenge code and a user identifier;
obtain, based on the user identifier, the authentication confirmation information associated with the user from a data structure storing one or more user profiles;
validate the particular response to the particular challenge code based on the authentication confirmation information; and
provide information to the application server indicating that the secure session is authenticated for the user device to permit the application server to establish the secure session with the user device based on validating the authentication information.
1 Assignment
0 Petitions
Accused Products
Abstract
The device may receive user information associated with a user. The device may generate a user profile for the user that stores user information and authentication confirmation information. The device may provide a particular cryptographic key and information identifying the user profile. The device may receive a request to authenticate a secure session for a user device from an application server. The device may obtain, based on the user identifier, the authentication confirmation information associated with the user from a data structure storing one or more user profiles. The device may validate the particular response to the particular challenge code based on the authentication confirmation information. The device may provide information to the application server indicating that the secure session is validated for the user device based on validating the authentication information.
51 Citations
20 Claims
-
1. A device, comprising:
one or more processors to; receive user information associated with a user; generate a user profile for the user that stores the user information and authentication confirmation information associated with confirming that a received response to a challenge code generated using a particular cryptographic key matches an expected response generated using the particular cryptographic key; provide the particular cryptographic key and information identifying the user profile; receive a request to authenticate a secure session for a user device from an application server, the request including authentication information that includes a particular response to a particular challenge code and a user identifier; obtain, based on the user identifier, the authentication confirmation information associated with the user from a data structure storing one or more user profiles; validate the particular response to the particular challenge code based on the authentication confirmation information; and provide information to the application server indicating that the secure session is authenticated for the user device to permit the application server to establish the secure session with the user device based on validating the authentication information. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
8. A computer-readable medium storing instructions, the instructions comprising:
one or more instructions that, when executed by one or more processors, cause the one or more processors to; receive a request from a user device to initiate a secure session associated with a particular provider, the user device having received authentication credentials from a server; provide, to the user device, a challenge code associated with the secure session and a session key identifying the secure session; receive authentication information responding to the challenge code from the user device; provide, to the server, the authentication information from the user device and the challenge code; receive, from the server, a success code indicating that the authentication information is valid, the success code identifying the secure session, the success code indicating that the server confirmed that the authentication information includes a response to the challenge code that matches an expected response to the challenge code for the user device; and provide, to the user device, an indication that the secure session associated with the session key is authenticated based on receiving the success code. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
15. A method, comprising:
-
receiving, by a device from a user device, a request to initiate a secure session that is associated with a particular provider of multiple providers associated with providing secure sessions, the user device having received cryptographic information associated with generating responses to challenge codes; providing, by the device, a challenge code and a session key associated with the secure session; receiving, by the device, authentication information including a response to the challenge code, the authentication information being determined to be associated with the secure session based on the session key; determining, by the device, that the authentication information is valid without the particular provider being provided with access to user information identifying a user of the user device, the response to the challenge code having been determined to match an expected response to the challenge code determined based on other cryptographic information matching the cryptographic information; and providing, by the device, an indication that the secure session is authenticated based on determining that the authentication information is valid. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification