AUTHENTICATION CONTEXT TRANSFER FOR ACCESSING COMPUTING RESOURCES VIA SINGLE SIGN-ON WITH SINGLE USE ACCESS TOKENS
Abstract
Techniques are disclosed for accessing computing resources using secure single sign on authentication with a single use access token, including website-to-desktop application delivery and secure transfer of context information from the website to the desktop application once valid security credentials are provided from the same end-user computing device. A user signs onto a web application once using the security credentials. A web-based single use token generator generates a single use access token based on the user-supplied security credentials. A web-based context embedder service dynamically generates a context carrier and transfer application including the single use access token. The context carrier and transfer application is provided to an end-user computing device, which, when executed locally, installs a desktop application onto the end-user computing device. The desktop application utilizes the single use access token to access a secure, cloud-based computing resource. The single use access token expires after one use.
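The single-validation behaviour the abstract describes, as an added example (not code from the patent or its assignee). The class and function names, the hash-only server-side storage, and the time limit on unredeemed tokens are assumptions of this sketch; the page itself specifies only that the token expires after one validation.

```python
import hashlib
import secrets
import threading
import time


class SingleUseTokenStore:
    """Hypothetical token service: each token validates at most once."""

    def __init__(self, ttl_seconds=300, clock=time.monotonic):
        self._ttl = ttl_seconds      # assumption: unredeemed tokens also age out
        self._clock = clock
        self._lock = threading.Lock()
        self._pending = {}           # sha256(token) -> (user_id, expires_at)

    @staticmethod
    def _digest(token):
        # Only the digest is stored, so a leaked store cannot be replayed.
        return hashlib.sha256(token.encode("utf-8")).hexdigest()

    def issue(self, user_id):
        """Call only after the user's security credential was authenticated."""
        token = secrets.token_urlsafe(32)
        with self._lock:
            self._pending[self._digest(token)] = (user_id, self._clock() + self._ttl)
        return token

    def validate(self, token):
        """Return the user id on the first valid use, otherwise None."""
        digest = self._digest(token)
        with self._lock:
            # pop() makes check-and-consume one atomic step under the lock
            record = self._pending.pop(digest, None)
        if record is None:
            return None              # unknown token or already validated once
        user_id, expires_at = record
        return user_id if self._clock() <= expires_at else None


def concurrent_redeem(store, token, workers=8):
    """Validate one token from several threads; return the successful results."""
    results = []
    threads = [threading.Thread(target=lambda: results.append(store.validate(token)))
               for _ in range(workers)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return [r for r in results if r is not None]
```

Because the token travels inside a downloadable executable, the atomic consume is what stops a copied installer from being redeemed a second time.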
20 Claims
1. A computer-implemented method for accessing computing resources using secure single sign-on authentication, the method comprising:
- authenticating, by any of one or more computer processors, data representing a security credential of a user;
- generating, by any of the one or more computer processors, data representing a single use access token based on the authenticated security credential, the single use access token being configured to expire for purposes of validation after a single such validation occurs against the single use access token; and
- generating, by any of the one or more computer processors, executable code having the single use access token data encoded therewith, the executable code comprising instructions that, when executed by an end-user computing device, cause the end-user computing device to install an application and the single use access token data onto a computer-readable medium.

Dependent claims: 2, 3, 4, 5
6. A computer-implemented method for accessing computing resources using secure single sign-on authentication, the method comprising:
- prompting, by a computer processor, a user to provide a security credential on a first occasion;
- sending, by the computer processor, the security credential of the user to a remote computing system via a browser;
- receiving, by the computer processor and in response to sending the security credential, executable code having single use access token data encoded therewith, the single use access token being configured to expire for purposes of validation after a single such validation occurs against the single use access token; and
- installing, by the computer processor, a desktop application and the single use access token data onto a computer-readable medium using the executable code, the desktop application being different than the browser.

Dependent claims: 7, 8, 9, 10
11. A system comprising:
- a storage; and
- one or more computer processors operatively coupled to the storage, the one or more computer processors configured to execute instructions stored in the storage that when executed cause any of the one or more computer processors to carry out a process comprising;
  - receiving data representing a security credential of a user;
  - authenticating the security credential;
  - generating data representing a single use access token based on the authenticated security credential, the single use access token being configured to expire for purposes of validation after a single such validation occurs against the single use access token; and
  - generating executable code having the single use access token data encoded therewith, the executable code comprising instructions that, when executed by an end-user computing device, cause the end-user computing device to install an application and the single use access token data onto a computer-readable medium.

Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20
Specification