System and method to send a message using multiple authentication mechanisms
First Claim
1. A method comprising:
receiving, by a component that executes program code, first authentication data in association with a message from a sender computing system, the first authentication data conforming to a first authentication mechanism and being associated with a user in the sender computing system;
receiving, by the component, second authentication data in association with the message from the sender computing system, the second authentication data conforming to a second authentication mechanism and being associated with a fixed anonymous user that is different than the user associated with the first authentication data;
wherein the message includes the second authentication data and an assertion that includes the first authentication data, an attester signature of the message, and an attester certificate;
performing, by the component, an authentication action of the second authentication data based on the second authentication mechanism;
determining, by the component, whether the attester signature is valid and whether the attester certificate is trusted;
processing the message after the receiving, by the component, of the first authentication data in association with the message from the sender computing system;
wherein the processed message comprises a second assertion including the first authentication data, a second attester signature and a second attester certificate created by a certificate handling block of the component;
transmitting the processed message that comprises the second assertion including the first authentication data, the second attester signature and the second attester certificate created by the certificate handling block of the component to a receiver computing system; and
after the receiving, by the component, the first authentication data in association with the message from the sender computing system, not performing an authentication action based on the first authentication data until after the transmission of the processed message that comprises the second assertion including the first authentication data, the second attester signature and the second attester certificate created by the certificate handling block of the component to a receiver computing system.
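The relay step recited in claim 1, sketched in Go as an added example; it is not code from the patent or from any product. Assumptions: a raw Ed25519 public key stands in for the attester certificate, and `Component`, `Relay`, `Attest` and the credential string are hypothetical names.

```go
package main

import (
	"crypto/ed25519"
	"crypto/subtle"
	"fmt"
)

// Assertion holds the first authentication data (User) and the attester's
// signature. Assumption: a raw Ed25519 key stands in for the certificate.
type Assertion struct {
	User string
	Cert ed25519.PublicKey
	Sig  []byte
}

// Component is the hypothetical intermediary between sender and receiver.
type Component struct {
	Anon    string          // expected credential of the fixed anonymous user
	Trusted map[string]bool // trusted attester keys, indexed by raw key bytes
	Key     ed25519.PrivateKey
}

// Attest signs user and body together so neither can be swapped afterwards.
func Attest(user string, body []byte, key ed25519.PrivateKey) Assertion {
	data := append([]byte(user+"\x00"), body...)
	return Assertion{user, key.Public().(ed25519.PublicKey), ed25519.Sign(key, data)}
}

// Relay checks the anonymous credential and the attester, then returns a
// second assertion signed with its own key; the user is never authenticated.
func (c *Component) Relay(anon string, body []byte, a Assertion) (Assertion, error) {
	data := append([]byte(a.User+"\x00"), body...)
	if subtle.ConstantTimeCompare([]byte(anon), []byte(c.Anon)) != 1 {
		return Assertion{}, fmt.Errorf("second authentication data rejected")
	}
	if !c.Trusted[string(a.Cert)] || !ed25519.Verify(a.Cert, data, a.Sig) {
		return Assertion{}, fmt.Errorf("attester signature or certificate rejected")
	}
	return Attest(a.User, body, c.Key), nil
}

func main() {
	pub, key, _ := ed25519.GenerateKey(nil) // constructed attester key pair
	_, ckey, _ := ed25519.GenerateKey(nil)  // constructed component key pair
	c := &Component{"anonymous:s3cret", map[string]bool{string(pub): true}, ckey}
	body := []byte("order 42")
	out, err := c.Relay("anonymous:s3cret", body, Attest("alice", body, key))
	fmt.Println(out.User, err)
}
```

The receiver then trusts the component's key rather than the original attester's, which is why the trust check on the incoming attester certificate has to happen before the assertion is re-signed.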
Abstract
A system may include a sender computing system to transmit first authentication data in association with a message, the first authentication data conforming to a first authentication mechanism, and to transmit second authentication data in association with the message, the second authentication data conforming to a second authentication mechanism. The system may also include a component to receive the first authentication data in association with the message from the sender computing system, and to receive the second authentication data in association with the message from the sender computing system.
18 Claims
8. A non-transitory computer-readable medium storing processor-executable program code, the program code comprising:
code to receive, by a component, first authentication data in association with a message from a sender computing system, the first authentication data conforming to a first authentication mechanism and being associated with a user in the sender computing system; and
code to receive, by the component, second authentication data in association with the message from the sender computing system, the second authentication data conforming to a second authentication mechanism and being associated with a fixed anonymous user that is different than the user associated with the first authentication data;
wherein the message includes the second authentication data and an assertion that includes the first authentication data, an attester signature of the message, and an attester certificate;
code to perform, by the component, an authentication action of the second authentication data based on the second authentication mechanism;
code to determine, by the component, whether the attester signature is valid and whether the attester certificate is trusted;
code to perform, by the component, processing of the message after reception, by the component, of the first authentication data in association with the message;
wherein the processed message comprises a second assertion including the first authentication data, a second attester signature and a second attester certificate created by a certificate handling block of the component; and
code to transmit the processed message that comprises the second assertion including the first authentication data, the second attester signature and the second attester certificate created by the certificate handling block of the component to a receiver computing system without first performing, by the component, an authentication action based on the received first authentication data.
15. A system comprising:
a sender computing system that includes hardware and is to transmit first authentication data in association with a message, the first authentication data conforming to a first authentication mechanism and being associated with a user in the sender computing system, and to transmit second authentication data in association with the message, the second authentication data conforming to a second authentication mechanism and being associated with a fixed anonymous user that is different than the user associated with the first authentication data; and
a component that includes hardware and is to receive the first authentication data in association with the message from the sender computing system, to receive the second authentication data in association with the message from the sender computing system, wherein the message includes the second authentication data and an assertion that includes the first authentication data, an attester signature of the message, and an attester certificate, to perform an authentication action of the second authentication data based on the second authentication mechanism, to determine whether the attester signature is valid and whether the attester certificate is trusted, process the message after reception, by the component, of the first authentication data in association with the message, wherein the processed message comprises a second assertion including the first authentication data, a second attester signature and a second attester certificate created by a certificate handling block of the component, and to transmit the processed message that comprises the second assertion including the first authentication data, the second attester signature and the second attester certificate created by the certificate handling block of the component to a receiver computing system without first performing, by the component, an authentication action based on the received first authentication data.
Specification