System and method for secure communication
First Claim
1. An authentication apparatus for authenticating communication between a client and one or more web services, the authentication apparatus comprising:
a non-transitory computer readable memory storing instructions; and
a processor for executing the instructions stored in the computer readable memory, the instructions when executed by the processor causing the processor to perform authentication tasks including:
providing to a client application executed on the client a plurality of authentication identifiers over a secure communication channel established over a network, individual authentication identifiers of the plurality of authentication identifiers for use in validating subsequent client application requests to access functionality provided by a web service, wherein the secure communication channel is an encrypted communication channel;
receiving, over an unsecure communication channel established over the network, a client application request to access a functionality provided by the web service and an associated authentication identifier from the plurality of authentication identifiers, wherein the unsecure communication channel is an unencrypted communication channel;
validating an authorization for the client application to access the requested functionality of the web service using the associated authentication identifier from the plurality of authentication identifiers received with the client application request to access the functionality provided by the web service; and
sending the request to access the functionality to the web service when the client application authorization to access the functionality of the web service is validated.
Abstract
A secure communication module is provided for securing communication between a client application and a network service. The secure communication module comprises an authentication identifier provider for providing the client application a pool of authentication identifiers for use in subsequent communication with the network service, and an authentication identifier validator for checking the validity of an authentication identifier from the pool of authentication identifiers sent with the subsequent communication.
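The provider and validator described in the abstract, sketched as an added example that is not code from the patent or its assignee. All names (AuthGateway, issue_pool, handle_request, the sample application and functions) are hypothetical, and two behaviours are assumptions the claims do not state: identifiers are random values, and each one is consumed on first use so that a value observed on the unencrypted channel cannot be replayed.

```python
import secrets


class AuthGateway:
    """Identifier provider plus validator sitting in front of a web service."""

    def __init__(self, credentials, forward):
        self._credentials = credentials  # app_id -> (secret, allowed functions)
        self._forward = forward          # callable standing in for the web service
        self._pool = {}                  # identifier -> (app_id, allowed functions)

    def issue_pool(self, app_id, secret, size=5):
        """Encrypted channel: authenticate the client application, return a pool."""
        expected, allowed = self._credentials.get(app_id, (None, frozenset()))
        if expected is None or not secrets.compare_digest(expected, secret):
            raise PermissionError("bad client application credentials")
        ids = [secrets.token_urlsafe(32) for _ in range(size)]
        for ident in ids:
            self._pool[ident] = (app_id, allowed)
        return ids

    def handle_request(self, identifier, function, payload):
        """Unencrypted channel: validate the identifier, then forward the request."""
        # Assumption: single use. pop() burns the identifier even if the
        # authorization check below fails, so a sniffed value is worthless.
        entry = self._pool.pop(identifier, None)
        if entry is None:
            return (401, "unknown or already used identifier")
        app_id, allowed = entry
        if function not in allowed:
            return (403, "function not authorized")
        return (200, self._forward(app_id, function, payload))


def demo():
    calls = []  # records what actually reached the web service

    def web_service(app_id, function, payload):
        calls.append(function)
        return f"{function} ok for {app_id}"

    # Constructed sample credentials and function names.
    creds = {"app-1": ("s3cret-constructed", frozenset({"getQuote"}))}
    gw = AuthGateway(creds, web_service)
    ids = gw.issue_pool("app-1", "s3cret-constructed", size=3)
    first = gw.handle_request(ids[0], "getQuote", {})
    replay = gw.handle_request(ids[0], "getQuote", {})       # same identifier again
    denied = gw.handle_request(ids[1], "transferFunds", {})  # not in allowed set
    return first, replay, denied, calls
```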
20 Claims
9. A system for authenticating communication over a network comprising:
a client computing device coupled to the network, the client computing device executing a client application for receiving a plurality of authentication identifiers over a secure communication channel through the network and sending over an unsecure communication channel through the network a client application request to access a functionality provided by a web service and an associated authentication identifier from the plurality of authentication identifiers;
the web service coupled to an authentication apparatus through the network for receiving the request to access the functionality of the web service; and
an authentication server coupled to the network for:
providing the plurality of authentication identifiers to the client application over the secure communication channel established through the network, individual authentication identifiers of the plurality of authentication identifiers for use in validating subsequent client application requests to access functionality provided by the web service, wherein the secure communication channel is an encrypted communication channel;
receiving, over the unsecure communication channel established through the network, the client application request to access the functionality provided by the web service and the associated authentication identifier from the plurality of authentication identifiers, wherein the unsecure communication channel is an unencrypted communication channel;
validating an authorization for the client application to access the requested functionality of the web service using the associated authentication identifier from the plurality of authentication identifiers received with the client application request to access the functionality provided by the web service; and
sending the request to access the functionality of the web service when the client application authorization to access the functionality of the web service is validated.
18. A method of authenticating communication between a client and a web service, the method comprising:
sending, from the client, client application credentials over a secure communication channel;
receiving and authenticating, at a server, the client application credentials;
providing a plurality of authentication identifiers to the client over the secure communication channel established through a network, individual authentication identifiers of the plurality of authentication identifiers for use in validating subsequent client application requests to access functionality provided by a web service, wherein the secure communication channel is an encrypted communication channel;
receiving at the client the plurality of authentication identifiers;
sending a client application request to access a functionality provided by the web service, the request including an associated authentication identifier from the plurality of received authentication identifiers;
receiving, over an unsecure communication channel established through the network, the client application request to access the functionality provided by the web service and the associated authentication identifier, wherein the unsecure communication channel is an unencrypted communication channel;
validating an authorization for the client application to access the requested functionality of the web service using the associated authentication identifier from the plurality of authentication identifiers received with the client application request to access the functionality provided by the web service; and
sending the request to access the functionality of the web service when the client application authorization to access the web service is validated.
Specification