Method for authenticating a user within a multiple website environment to provide secure access
First Claim
1. A computer program product that is configured to authenticate users within a multiple website environment, comprising a non-transitory computer readable storage medium having encoded thereon instructions that, when executed on a processor, cause the processor at least to perform the following:
- authenticate a user at a first website via a first interface;
generate a common token representative of the user in response to successful authentication of the user for the first website, wherein the common token includes usage limitations specified directly by the user that place restrictions on how the common token can be used, wherein the user specified limitations include a list of permitted tasks the user is authorized to perform on the first website and on a plurality of websites different from the first website, wherein the user specified limitations include a list of company websites the user is authorized to access, and wherein the common token can be invalidated upon violation of any of the user specified limitations;
insert the common token into a second website operating without a common trust to the first website;
verify that the inserted common token is valid via a second interface; and
allow a task to be performed on the second website on behalf of the user via a third interface in response to verifying that the common token is valid.
3 Assignments
0 Petitions
Accused Products
Abstract
A method and an apparatus with computer readable media for creation of a common token, with at least one associated usage limitation, for authenticating a user within a multiple website environment are disclosed. The methodology employs a secured user authentication mechanism, for example, as a common token representative of the user, to be used in the authentication of a user and for performing secure online network transactions by the authenticated user in a multiple website environment. The common token can be used at a first website to perform a business, financial, or personal transaction for example; and then, the common token can be used again at a second website, a third website, etc. to perform one or more tasks on behalf of the authenticated user and within the token'"'"'s usage or associated limitations.
-
Citations
9 Claims
-
1. A computer program product that is configured to authenticate users within a multiple website environment, comprising a non-transitory computer readable storage medium having encoded thereon instructions that, when executed on a processor, cause the processor at least to perform the following:
-
authenticate a user at a first website via a first interface; generate a common token representative of the user in response to successful authentication of the user for the first website, wherein the common token includes usage limitations specified directly by the user that place restrictions on how the common token can be used, wherein the user specified limitations include a list of permitted tasks the user is authorized to perform on the first website and on a plurality of websites different from the first website, wherein the user specified limitations include a list of company websites the user is authorized to access, and wherein the common token can be invalidated upon violation of any of the user specified limitations; insert the common token into a second website operating without a common trust to the first website; verify that the inserted common token is valid via a second interface; and allow a task to be performed on the second website on behalf of the user via a third interface in response to verifying that the common token is valid. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method of authenticating users within a multiple website environment, comprising:
-
authenticating a user at a first website via a first interface; generating a common token representative of the user in response to successful authentication of the user for the first website, wherein the common token includes usage limitations specified directly by the user that place restrictions on how the common token can be used, wherein the user specified limitations include a list of permitted tasks the user is authorized to perform on the first website and on a plurality of websites different from the first website, wherein the user specified limitations include a list of company websites the user is authorized to access, and wherein the common token can be invalidated upon violation of any of the user specified limitations; inserting the common token into a second website operating without a common trust to the first website; verifying that the inserted common token is valid via a second interface; and allowing a task to be performed on the second website on behalf of the user via a third interface in response to verifying that the common token is valid. - View Dependent Claims (9)
-
Specification