Secure client-side communication between multiple domains
Abstract
Methods and systems for secure client-side communication between multiple domains are provided. Such methods and systems can decrease communication latency, which is particularly effective in dynamic multi-domain and/or multi-tenant environments, while allowing granular or specific security of messages and operations with regard to users, user sessions, groups, organizations, permissions sets, applications, or any other logical delineation. Such methods and systems may involve a variety of security components, for example, at least one set of instructions including a plurality of defined instructions to be used by users of the set of instructions to communicate, and cryptographic construct data used to verify the data integrity and the authenticity of messages sent and received using the secure client-side communication between multiple domains.
22 Claims
1. A computer-implemented method comprising:
- receiving, by a server, authentication information of a user for a first domain and a second domain from a client system;
- authenticating an identity of the user based at least in part upon the authentication information;
- generating a set of instructions for client-side communication between the first domain and the second domain in response to a request received from the client system, the set of instructions indicating instructions that are permitted to be used in the client-side communication between the first domain and the second domain;
- generating cryptographic construct data, using one or more processors in one or more computer systems, for the set of instructions; and
- sending the set of instructions and the cryptographic construct data to the client system.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16
17. A method comprising:
- providing authentication information of a user for a first domain and a second domain to a server;
- receiving a set of instructions for client-side communication between the first domain and the second domain, the set of instructions including one or more operations mapped to at least one instruction ID and indicating instructions that are permitted to be used in the client-side communication between the first domain and the second domain;
- receiving cryptographic construct data for the set of instructions;
- identifying a first instruction ID corresponding to a first set of one or more operations;
- generating, using one or more processors in one or more computer systems, a first message using the cryptographic construct data; and
- sending the first message to a recipient.

Dependent claims: 18, 19, 20, 21
22. A system for secure client-side communication between multiple domains, the system comprising:
- at least one web-enabled client device configured to:
  - provide authentication information of a user for a first domain and a second domain;
  - receive a set of instructions and a cryptographic construct data, the set of instructions including one or more operations mapped to at least one instruction ID;
  - identify a first instruction ID corresponding to a first set of one or more operations;
  - generate a first message using the cryptographic construct data;
  - send the message to a recipient;
  - detect a second message;
  - validate the second message using the cryptographic construct data;
  - identify a second set of one or more operations corresponding to a second instruction ID; and
  - perform the second set of operations; and
- at least one web-enabled server device configured to:
  - receive the authentication information of the user for the first domain and the second domain from the at least one client device;
  - authenticate an identity of the user based at least in part upon the authentication information;
  - generate the set of instructions for client-side communication between the first domain and the second domain in response to a request received from the at least one client device;
  - generate the cryptographic construct data for the set of instructions; and
  - send the set of instructions and the cryptographic construct data to the at least one client device.
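One way the generate, validate and perform steps recited in claim 22 could look in code, as an added example that is not taken from the patent. It assumes the cryptographic construct data is a per-session HMAC-SHA256 key; the function names, the `nonce` and `tag` fields and the operation names are hypothetical.

```javascript
const crypto = require("node:crypto");

// Server side. Assumption: the "cryptographic construct data" is a per-session
// HMAC-SHA256 key; the claims do not name a primitive.
function issueBundle(permitted) {
  // permitted: instruction ID -> names of the operations it maps to
  return { instructions: permitted, key: crypto.randomBytes(32) };
}

// MAC over length-prefixed fields so field boundaries cannot be shifted.
function mac(key, msg) {
  const h = crypto.createHmac("sha256", key);
  for (const f of [msg.id, msg.nonce, JSON.stringify(msg.payload ?? null)]) {
    const b = Buffer.from(f, "utf8");
    const len = Buffer.alloc(4);
    len.writeUInt32BE(b.length);
    h.update(len).update(b);
  }
  return h.digest();
}

// Sender: only instruction IDs in the issued set may be sent.
function buildMessage(bundle, id, payload) {
  if (!Object.hasOwn(bundle.instructions, id)) throw new Error("instruction not permitted");
  const msg = { id, nonce: crypto.randomBytes(16).toString("hex"), payload };
  return { ...msg, tag: mac(bundle.key, msg).toString("hex") };
}

// Receiver: validate first, then map the instruction ID to operations and run them.
function handleMessage(bundle, msg, ops, seen) {
  if (typeof msg?.id !== "string" || typeof msg.nonce !== "string" ||
      typeof msg.tag !== "string") return { ok: false, reason: "malformed" };
  const got = Buffer.from(msg.tag, "hex");
  const want = mac(bundle.key, msg);
  if (got.length !== want.length || !crypto.timingSafeEqual(got, want))
    return { ok: false, reason: "bad-mac" };
  if (seen.has(msg.nonce)) return { ok: false, reason: "replay" };
  seen.add(msg.nonce);
  if (!Object.hasOwn(bundle.instructions, msg.id))
    return { ok: false, reason: "unknown-instruction" };
  return { ok: true, results: bundle.instructions[msg.id].map((n) => ops[n](msg.payload)) };
}

// Constructed demo: one frame asks the other to run instruction "2".
const demoBundle = issueBundle({ "1": ["setTitle"], "2": ["resize", "focus"] });
const demoOps = { setTitle: (p) => `title=${p.title}`, resize: (p) => `h=${p.h}`, focus: () => "focused" };
const demoMsg = buildMessage(demoBundle, "2", { h: 300 });
console.log(handleMessage(demoBundle, demoMsg, demoOps, new Set()));
```

In a browser the message object would travel between frames via `postMessage`, and the receiver would also check `event.origin` before calling the validation step.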
Specification