STRONG AUTHENTICATION WITH FEEDER ROBOT IN A FEDERATED IDENTITY WEB ENVIRONMENT

US 20170078270A1
Filed: 09/11/2015
Published: 03/16/2017
Est. Priority Date: 09/11/2015
Status: Active Grant

First Claim

Patent Images

1. An authentication server in communication with a controlled access application that requires at least a first Identifier (ID) factor and a second ID factor for authentication, the authentication server comprising:

at least one processor; and

memory storing instructions that, when executed by the at least one processor, causes the authentication server to perform operations includingreceiving a request to authenticate a user using the first ID factor and the second ID factor,obtaining first information to complete the first ID factor, at least some of the first information being obtained from a user attempting to access the controlled access application,generating, at the authentication server, a first web form using the first information,submitting the first web form to a host verification server,receiving an indication of successful verification from the host verification server,obtaining second information to complete the second ID factor, at least some of the second information being obtained from the user,generating, at the authentication server, a second web form using the second information obtained,submitting the second web form to the host verification server,receiving an indication of successful verification from the host verification server, andinitiating, in response to receiving the indication of successful verification, access to the controlled access application.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method, system, and programs for performing two-factor authentication for a controlled access application via one or more third-party host verification servers. An example method includes receiving a request to a controlled access application after a user has successfully logged into an enterprise system with a first Identifier (ID) factor, the controlled access application requiring additional authentication with a second ID factor, obtaining first information to complete the second ID factor, at least some of the first information being obtained from the user, and generating a first web form using the first information. The method also includes submitting the first web form to a host verification server, receiving an indication of successful verification from the host verification server; and initiating, in response to receiving the indication of successful verification, access to the controlled access application.

16 Citations

View as Search Results

20 Claims

1. An authentication server in communication with a controlled access application that requires at least a first Identifier (ID) factor and a second ID factor for authentication, the authentication server comprising:
- at least one processor; and
  
  memory storing instructions that, when executed by the at least one processor, causes the authentication server to perform operations includingreceiving a request to authenticate a user using the first ID factor and the second ID factor,obtaining first information to complete the first ID factor, at least some of the first information being obtained from a user attempting to access the controlled access application,generating, at the authentication server, a first web form using the first information,submitting the first web form to a host verification server,receiving an indication of successful verification from the host verification server,obtaining second information to complete the second ID factor, at least some of the second information being obtained from the user,generating, at the authentication server, a second web form using the second information obtained,submitting the second web form to the host verification server,receiving an indication of successful verification from the host verification server, andinitiating, in response to receiving the indication of successful verification, access to the controlled access application.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The authentication server according to claim 1, wherein the first information includes information obtained from a data store for the user.
  - 3. The authentication server according to claim 1, wherein the second information includes a security device token provided by the user.
  - 4. The authentication server according to claim 1, wherein obtaining the first information, generating the first web form, and submitting the first web form is performed by a first feeder robot configured to authenticate the first ID factor with the host verification server and obtaining the second information, generating the second web form, and submitting the second web form is performed by a second feeder robot configured to authenticate the second ID factor with the host verification server.
  - 5. The authentication server according to claim 4, wherein the first feeder robot includes rules for extracting information from a verification form received from the host verification server and rules for placing the first information in the first web form.
  - 6. The authentication server according to claim 1, wherein generating the first web form includes:
    - requesting a verification form from the host verification server; and
      
      extracting at least some of the first information from the verification form from the verification form after it is received.
  - 7. The authentication server according to claim 1, wherein the first ID factor and the second ID factor satisfy a mandated level of access requirement.

8. A method comprising:
- receiving a request to a controlled access application after a user has successfully logged into an enterprise system with a first Identifier (ID) factor, the controlled access application requiring additional authentication with a second ID factor;
  
  obtaining first information to complete the second ID factor, at least some of the first information being obtained from the user,generating a first web form using the first information,submitting the first web form to a host verification server,receiving an indication of successful verification from the host verification server; and
  
  initiating, in response to receiving the indication of successful verification, access to the controlled access application.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method according to claim 8, wherein the first information includes information obtained from a data store for the user.
  - 10. The method according to claim 8, wherein the first information includes a security device token provided by the user.
  - 11. The method according to claim 8, wherein obtaining the first information, generating the first web form, and submitting the first web form is performed by a first feeder robot configured to authenticate the second ID factor with the host verification server.
  - 12. The method according to claim 11, wherein the first feeder robot is selected based on the second ID factor.
  - 13. The method according to claim 8, wherein generating the first web form includes:
    - requesting a verification form from the host verification server; and
      
      extracting at least some of the first information from the verification form from the verification form after it is received.
  - 14. The method according to claim 8, wherein the first information obtained from the user is obtained via a user interface provided by the controlled access application.

15. A method comprising:
- receiving a request to access a controlled access application, the request including a first Identifier (ID) factor and a second ID factor and identifying a user;
  
  selecting a first feeder robot configured to obtain first information for the first ID factor;
  
  activating the first feeder robot to generate a first web form using the first information, at least some of the first information being information obtained from the user;
  
  submitting the first web form to a first host verification server,receiving an indication of successful verification from the first host verification server;
  
  selecting a second feeder robot configured to obtain second information for the second ID factor;
  
  activating the second feeder robot to generate a second web form using the second information, at least some of the second information being information obtained from the user;
  
  submitting the second web form to a second host verification server; and
  
  initiating, in response to receiving an indication of successful verification from the second host verification server, access to the controlled access application.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method according to claim 15, wherein the first information includes information obtained from a data store for the user.
  - 17. The method according to claim 15, wherein the second information includes biometric information provided by the user.
  - 18. The method according to claim 15, wherein the first information obtained from the user and the second information obtained from the user are obtained via a user interface provided by the controlled access application.
  - 19. The method according to claim 15, wherein generating the first web form includes:
    - requesting a verification form from the host verification server; and
      
      extracting at least some of the first information from the verification form from the verification form after it is received.
  - 20. The method according to claim 15, wherein the first feeder robot and the first host verification server have a trusted relationship and the first host verification server lacks a relationship with the controlled access application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
DrFirst.com, Incorported
Original Assignee
DrFirst.com, Incorported
Inventors
TANG, Zilong

Granted Patent

US 9,961,070 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 2463/082   applying multi-factor authe...

H04L 63/0815   providing single-sign-on or...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04L 63/123   received data contents, e.g...

STRONG AUTHENTICATION WITH FEEDER ROBOT IN A FEDERATED IDENTITY WEB ENVIRONMENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

16 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

STRONG AUTHENTICATION WITH FEEDER ROBOT IN A FEDERATED IDENTITY WEB ENVIRONMENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

16 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links