Dynamic update of authentication information
First Claim
1. A computer-readable storage medium having computer-executable instructions that, when executed by at least one processor, implement components comprising:
- an authentication component that, when executed by the at least one processor, performs a method for authenticating an entity using first credential information, wherein, during authentication, the authentication component may identify that second credential information is required to complete the method for authenticating;
an interface component that;
receives the first credential information from at least one application component and provides the first credential information to the authentication component;
when the authentication component identifies that second credential information is required to complete the method for authenticating, notifies the at least one application component that the second credential information is required; and
after the at least one application obtains the second credential information in response to the notification from the interface component, provides the second credential information to the authentication component; and
the at least one application component, separate from the authentication component, that, when executed by the at least one processor, obtains the first credential information and the second credential information for the entity by;
generating at least one user interface in the context of the at least one application component; and
collecting the first credential information and the second credential information via the at least one user interface.
2 Assignments
0 Petitions
Accused Products
Abstract
A framework is provided that decouples credential acquisition from authentication processes using those credentials in a way that facilitates dynamic update of credential information. An authentication component may receive credential information for authentication of a user or a device for access to a resource. During interactions with an external authenticator, the authentication component may identify that updated credential information is required and issue a request to the application including credential parameters defining the updated credential information. An application component receiving the request may acquire updated credential information from a user or another entity. In addition, the authentication method may issue notifications to the application. The framework enables the application to update credentials in a context specific way.
25 Citations
20 Claims
-
1. A computer-readable storage medium having computer-executable instructions that, when executed by at least one processor, implement components comprising:
-
an authentication component that, when executed by the at least one processor, performs a method for authenticating an entity using first credential information, wherein, during authentication, the authentication component may identify that second credential information is required to complete the method for authenticating; an interface component that; receives the first credential information from at least one application component and provides the first credential information to the authentication component; when the authentication component identifies that second credential information is required to complete the method for authenticating, notifies the at least one application component that the second credential information is required; and after the at least one application obtains the second credential information in response to the notification from the interface component, provides the second credential information to the authentication component; and the at least one application component, separate from the authentication component, that, when executed by the at least one processor, obtains the first credential information and the second credential information for the entity by; generating at least one user interface in the context of the at least one application component; and collecting the first credential information and the second credential information via the at least one user interface. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method of operating a client device to authenticate an entity, comprising:
with at least one processor; obtaining, with an application component, first credential information; providing the first credential information to an authentication component via an interface between the application component and the authentication component; interacting between the authentication component and an authenticator external to the client device using the first credential information; identifying, by the authentication component, that second credential information is required; providing, by the authentication component via the interface, second parameters of the second credential information to the first application component; obtaining, with the application component, second credential information consistent with the second parameters; and interacting between the authentication component and the authenticator external to the client device using the second credential information. - View Dependent Claims (15, 16, 17)
-
18. A method of communicating between an Extensible Authentication Protocol (EAP) component and an application in a device, comprising the steps of:
with at least one processor; identifying, by the EAP component, that credential information is required; providing, by the EAP component, a description of the credential information, using credential parameters, to an interface between the EAP component and the application, wherein the application collects the credential information in accordance with the credential parameters by; generating at least one user interface in the context of the at least one application; and collecting the credential information via the at least one user interface; and obtaining, by the EAP component, the collected credential information from the application. - View Dependent Claims (19, 20)
Specification