Method and apparatus for authentication of users and web sites
First Claim
Patent Images
1. A method of providing and authenticating a web page, comprising:
- at least as part of a registration process performed at least in part to identify customization information for a user to allow the user to perceptively authenticate at least the web page;
identifying the customization information by at least one selected from;
allowing a user to provide the customization information;
allowing the user to select the customization information from a set comprising the customization information and other information; and
providing the customization information to the user; and
associating with a user identifier the customization information identified;
providing the user identifier in a cookie;
encrypting the cookie;
storing the cookie on a computer system operated by the user;
responsive to a request for the web page, reading the cookie stored;
providing the web page requested;
responsive to the cookie read, providing the customization information identified, via at least one selected from;
a) a secure connection and;
b) a communication channel different from that used to provide the web page; and
authenticating the web page by comparing said customization information to the customization information identified.
15 Assignments
0 Petitions
Accused Products
Abstract
A system and method allows a user to authenticate a web site, a web site to authenticate a user, or both. When a user requests a web page from the web site, customization information that is recognizable to the user is provided to allow the user to authenticate the web site. A signed, encrypted cookie stored on the user'"'"'s system allows the web site to authenticate the user.
-
Citations
21 Claims
-
1. A method of providing and authenticating a web page, comprising:
-
at least as part of a registration process performed at least in part to identify customization information for a user to allow the user to perceptively authenticate at least the web page; identifying the customization information by at least one selected from; allowing a user to provide the customization information; allowing the user to select the customization information from a set comprising the customization information and other information; and providing the customization information to the user; and associating with a user identifier the customization information identified; providing the user identifier in a cookie; encrypting the cookie; storing the cookie on a computer system operated by the user; responsive to a request for the web page, reading the cookie stored; providing the web page requested; responsive to the cookie read, providing the customization information identified, via at least one selected from; a) a secure connection and; b) a communication channel different from that used to provide the web page; and authenticating the web page by comparing said customization information to the customization information identified. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system for providing a web page in a manner that allows its authentication, comprising:
-
a registration manager for, at least as part of a registration process performed at least in part to identify customization information for a user to allow the user to perceptively authenticate at least the web page, identifying the customization information by at least one selected from;
allowing a user to provide the customization information;
allowing the user to select the customization information from a set comprising the customization information and other information; and
providing the customization information to the user,and for associating in a database coupled to a database output a user identifier with the customization information identified and for providing the user identifier at an output; a cookie builder having an input coupled to the registration manager output, the cookie builder for providing the user identifier in a cookie at an output; a cookie encryptor having an input coupled to the cookie builder output, the cookie encryptor for encrypting the cookie and providing the encrypted cookie at an output; a cookie storage having an input/output coupled to the cookie encryptor output, the cookie storage for storing the cookie on a computer system operated by the user; a web application having an input coupled for receiving a request for a web page, the web application for, responsive to the request for the web page, for reading the cookie stored via the web application input, for providing at least a portion of the web page at a first output, and providing at a second output the user identifier from the cookie read; and a customization information provider having an input coupled to the web application second output for receiving the user identifier, the customization information provider for retrieving at least a portion of the customization information from the database via an input/output coupled thereto, the customization information provider for, responsive to the web page requesting confidential information or providing information for which an indicia of authentication can be desired by the user, providing at an output the customization information identified, via at least one selected from; a) a secure connection and; b) a communication channel different from that used to provide the web page. - View Dependent Claims (13, 14, 15, 16)
-
-
17. A computer program product comprising a computer useable medium having computer readable program code embodied therein for providing a web page in a manner that allows its authentication, the computer program product comprising computer readable program code devices configured to cause a computer to:
-
at least as part of a registration process performed at least in part to identify customization information for a user to allow the user to perceptively authenticate at least the web page; identify the customization information by at least one selected from; allowing a user to provide the customization information; allowing the user to select the customization information from a set comprising the customization information and other information; and providing the customization information to the user; and associate with a user identifier customization information identified; provide the user identifier in a cookie; encrypt the cookie; store the cookie on a computer system operated by the user; responsive to a request for the web page, read the cookie stored; provide the web page requested; responsive to the cookie read, provide the customization information identified via at least one selected from; a) a secure connection and; b) a communication channel different from that used to provide the web page; and authenticate the web page by comparing said customization information to the customization information identified. - View Dependent Claims (18, 19, 20, 21)
-
Specification