SYSTEM AND METHOD FOR CARRYING STRONG AUTHENTICATION EVENTS OVER DIFFERENT CHANNELS
First Claim
1. A method comprising:
- performing authentication over a network with an authentication service to authenticate a client;
responsively generating a token at the authentication service, the token including identification information for the client, a service, and a type of authenticator used for the authentication, the token further including verification data;
transmitting the token to the client;
transmitting the token from the client to the service, the service using the verification data to verify the token and allowing or denying one or more transactions with the client based, at least in part, on the type of authenticator used for the authentication.
2 Assignments
0 Petitions
Accused Products
Abstract
A system, apparatus, method, and machine readable medium are described for performing authentication over multiple channels. For example, one embodiment of a method comprises: performing authentication over a network with an authentication service to authenticate a client; responsively generating a token at the authentication service, the token including identification information for the client, a service, and a type of authenticator used for the authentication, the token further including verification data; transmitting the token to the client; transmitting the token from the client to the service, the service using the verification data to verify the token and allowing one or more transactions with the client in accordance with a policy based, at least in part, on the type of authenticator used for the authentication.
-
Citations
21 Claims
-
1. A method comprising:
-
performing authentication over a network with an authentication service to authenticate a client; responsively generating a token at the authentication service, the token including identification information for the client, a service, and a type of authenticator used for the authentication, the token further including verification data; transmitting the token to the client; transmitting the token from the client to the service, the service using the verification data to verify the token and allowing or denying one or more transactions with the client based, at least in part, on the type of authenticator used for the authentication. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 21)
-
-
12. A method comprising:
-
performing authentication over a network with an networking device having authentication capabilities to authenticate a client, the network authentication performed over a secure communication channel; generating first identification information at the networking device identifying a type of authenticator used for the authentication; receiving network packets transmitted from the client device to a service; modifying the network packets to include the first identification information and routing the network packets to the service; and the service using the first identification information to determine the type of authenticator used for the authentication and allowing or denying one or more transactions with the client based, at least in part, on the type of authenticator used for the authentication. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
Specification