System and method for trusted embedded user interface for authentication
First Claim
1. A system, comprising:
- one or more processors;
a memory coupled to one or more processors, wherein the memory stores program instructions executable by the one or more processors to implement a security component associated with a network-enabled application, wherein said security component is configured to;
initiate display of an embedded region of a window drawn by the network-enabled application, wherein the window is drawn according to display information received from a relying party, wherein the display information from the relying party indicates an area where the embedded region is to be drawn, wherein at least part of the appearance of the embedded region of the window is defined by said security component and not by the relying party, and wherein the embedded region is an integral part within the window drawn by the network-enabled application;
determine authentication credentials for a user;
send the authentication credentials to an assertion provider to authenticate the user to the relying party.
Abstract
A security component may be associated with a network-enabled application. The security component may initiate the display of an embedded region of a window drawn according to display information received from a relying party. The security component may define at least a portion of the appearance of the embedded region; the relying party may not define this portion. The embedded region may include customization information configured by a user, and “Card” information received from an assertion provider, indicating how to authenticate user credentials in order to gain access to relying party restricted content. The security component may request authentication of user credentials from the assertion provider, which may be trusted by the relying party. The security component may receive an assertion token from the assertion provider indicating the credentials are authentic. The security component may forward the assertion token to the relying party to gain access to the restricted content.
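The token flow the abstract describes, as an added Python sketch that is not taken from the patent: the security component sends credentials only to the assertion provider and forwards only the resulting token to the relying party. The HMAC-signed token, the shared key, and the audience, nonce and expiry fields are assumptions chosen for illustration; the page does not specify a token format.

```python
import hashlib, hmac, json, secrets, time

SALT = b"constructed-salt"  # constructed sample value

def kdf(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

def sign(key, body):
    return hmac.new(key, body, hashlib.sha256).hexdigest()

class AssertionProvider:
    """Verifies credentials and issues a signed assertion token."""
    def __init__(self, key, users):
        self._key, self._users = key, users  # users: name -> kdf(password)

    def authenticate(self, user, password, audience, nonce):
        stored = self._users.get(user, b"")
        if not hmac.compare_digest(stored, kdf(password)):
            return None
        claims = {"sub": user, "aud": audience, "nonce": nonce,
                  "exp": int(time.time()) + 60}
        body = json.dumps(claims, sort_keys=True)
        return {"body": body, "sig": sign(self._key, body.encode())}

class RelyingParty:
    """Trusts the provider's signature; never receives the credentials."""
    def __init__(self, key, name):
        self._key, self.name, self._nonces = key, name, set()

    def challenge(self):
        nonce = secrets.token_hex(16)
        self._nonces.add(nonce)
        return nonce

    def grant_access(self, token):
        if not token:
            return False
        expected = sign(self._key, token["body"].encode())
        if not hmac.compare_digest(expected, token["sig"]):
            return False  # forged or altered token
        claims = json.loads(token["body"])
        if claims["aud"] != self.name or claims["exp"] < time.time():
            return False  # issued for another party, or expired
        if claims["nonce"] not in self._nonces:
            return False  # replayed or unsolicited token
        self._nonces.discard(claims["nonce"])
        return True

def security_component_login(rp, ap, user, password):
    """Client side: credentials go to the provider, only the token to the RP."""
    token = ap.authenticate(user, password, rp.name, rp.challenge())
    return token, rp.grant_access(token)
```

Binding the token to one relying party and one challenge is what keeps a captured token from being accepted a second time or by a different site.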
54 Claims
1. A system, comprising:
one or more processors;
a memory coupled to one or more processors, wherein the memory stores program instructions executable by the one or more processors to implement a security component associated with a network-enabled application, wherein said security component is configured to;
initiate display of an embedded region of a window drawn by the network-enabled application, wherein the window is drawn according to display information received from a relying party, wherein the display information from the relying party indicates an area where the embedded region is to be drawn, wherein at least part of the appearance of the embedded region of the window is defined by said security component and not by the relying party, and wherein the embedded region is an integral part within the window drawn by the network-enabled application;
determine authentication credentials for a user;
send the authentication credentials to an assertion provider to authenticate the user to the relying party.
Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
19. A computer-implemented method, comprising:
a client-side security component initiating the display of an embedded region of a window drawn by a network-enabled application, wherein the window is drawn according to display information received from a relying party, wherein the display information from the relying party indicates an area where the embedded region is to be drawn, wherein at least part of the appearance of the embedded region of the window is defined by the client-side security component and not by the relying party, and wherein the embedded region is an integral part within the window drawn by the network-enabled application;
the client-side security component determining authentication credentials for a user;
client-side security component sending the authentication credentials to an assertion provider to authenticate the user to the relying party.
Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
37. A non-transitory computer-accessible storage medium storing program instructions computer-executable to implement a security component associated with a network-enabled application, wherein said security component is configured to:
initiate display of an embedded region of a window drawn by the network-enabled application, wherein the window is drawn according to display information received from a relying party, wherein the display information from the relying party indicates an area where the embedded region is to be drawn, wherein at least part of the appearance of the embedded region of the window is defined by said component and not by the relying party, and wherein the embedded region is an integral part within the window drawn by the network-enabled application;
determine authentication credentials for a user;
send the authentication credentials to an assertion provider to authenticate the user to the relying party.
Dependent Claims (38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54)
Specification