Secure portable store for security skins and authentication information
2 Assignments
0 Petitions
Abstract
A security component may be associated with a network-enabled application. The security component may access a secure store, which may include customization information, which may include one or more graphical user interface customizations defined by a user, and one or more instances of card information. The card information may specify how to authenticate a user's credentials to access a relying party (e.g., web site). The security component may initiate the display of an embedded region of a window drawn by the network-enabled application. At least a part of the appearance of the embedded region of the window may be defined according to the customization information and not by the relying party. The embedded region may provide a user interface for determining user authentication credentials. The customization information and the one or more instances of card information may not be accessible to the relying party.
142 Citations
31 Claims
1. A system, comprising:
one or more processors;
a memory coupled to one or more processors, wherein the memory stores program instructions executable by the one or more processors to implement a security component associated with an network-enabled application, wherein said security component is configured to:
  access a secure store comprising:
    customization information comprising one or more graphical user interface customizations; and
    one or more instances of card information, wherein each instance of card information specifies how to authenticate a user to access a relying party;
  initiate the display of an embedded region in an area within a content page drawn by the network-enabled application, wherein the content page is drawn according to display information received from the relying party, wherein the display of the embedded region is integral to the content page drawn by the network-enabled application, wherein at least a part of the appearance of the embedded region of the content page is defined according to said customization information and not by the relying party, wherein the embedded region provides a user interface for determining user authentication credentials;
  wherein the customization information and the one or more instances of card information are not accessible to the relying party in the secure store.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A method, comprising:
storing customization information in a secure store, wherein the customization information comprises one or more graphical user interface customizations for an embedded region in an area within a content page drawn by a network-enabled application, wherein the content page is drawn according to display information received from the relying party, wherein the display of the embedded region is integral to the content page drawn by the network-enabled application, wherein at least a part of the appearance of the embedded region of the content page is defined according to said customization information and not by the relying party, wherein the embedded region provides a user interface for determining user authentication credentials; and
storing one or more instances of card information in the secure store, wherein each instance of card information specifies how to authenticate a user to access a relying party;
providing secure access to the customization information and one or more instances of card information in the secure store such that the customization information and one or more instances of card information in the secure store are accessible to a client-side security component and are not accessible to the relying party, wherein the client-side security component initiates display of said embedded region according to the customization region and accesses the one or more of the instances of card information for authenticating the user.
Dependent claims: 14, 15, 16, 17, 18, 19
20. A non-transitory computer-readable storage medium storing program instructions computer-executable to implement a security component associated with an network-enabled application, wherein said security component is configured to:
access a secure store comprising:
  customization information comprising one or more graphical user interface customizations; and
  one or more instances of card information, wherein each instance of card information specifies how to authenticate a user to access a relying party;
initiate the display of an embedded region in an area within a content page drawn by the network-enabled application, wherein the content page is drawn according to display information received from the relying party, wherein the display of the embedded region is integral to the content page drawn by the network-enabled application, wherein at least a part of the appearance of the embedded region of the content page is defined according to said customization information and not by the relying party, wherein the embedded region provides a user interface for determining user authentication credentials;
wherein the customization information and the one or more instances of card information are not accessible to the relying party in the secure store.
Dependent claims: 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31
Specification