Device independent authentication system and method

US 8,572,712 B2
Filed: 03/07/2012
Issued: 10/29/2013
Est. Priority Date: 10/18/2002
Status: Expired due to Term

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method comprising:

receiving, by a computer based system for initiating a secure communication session, a http request file and browser identification data, wherein the http request file includes client agent data and communication device model data;

analyzing, by the computer based system, the browser identification data to selectively grant access to proceed based upon a determination that a device sending the http request file is a supported type of device;

at least one of by the computer based system, comparing the client agent data to authorized client agents, or comparing the communication device model data to authorized communication device models on an associated database; and

based on the comparing, at least one of;

configure, grant, or deny access, by the computer based system, to the host web server.

View all claims

4 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

A system is disclosed which facilitates authentication processes with web-enabled wireless devices, including those that do not support the use of cookie files. To facilitate such authentication, a web server analyzes an HTTP request file from a communication device for the presence of security token data. Where none is found, a client is directed to a login page for input of authentication data, such as a user name and password information. Upon proper authentication, the client'"'"'s communication device is issued a security token using standard HTML-INPUT tags. Thereafter, the web server determines if each additional HTTP request file received from the client includes a security token before responding to the request.

84 Citations

View as Search Results

20 Claims

1. A method comprising:
- receiving, by a computer based system for initiating a secure communication session, a http request file and browser identification data, wherein the http request file includes client agent data and communication device model data;
  
  analyzing, by the computer based system, the browser identification data to selectively grant access to proceed based upon a determination that a device sending the http request file is a supported type of device;
  
  at least one of by the computer based system, comparing the client agent data to authorized client agents, or comparing the communication device model data to authorized communication device models on an associated database; and
  
  based on the comparing, at least one of;
  
  configure, grant, or deny access, by the computer based system, to the host web server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, further comprising receiving, by the computer based system, authentication credentials.
  - 3. The method of claim 1, further comprising receiving authentication credentials, by the computer based system, over a secure communication channel.
  - 4. The method of claim 1, further comprising transmitting, by the computer based system, a security token in response to authentication credentials having been authenticated.
  - 5. The method of claim 1, wherein an error message is transmitted to the device. sending the http request file, in response to the device not being a supported device,
  - 6. The method of claim 1, wherein access to proceed is not established, in response to the device not being a supported device.
  - 7. The method of claim 1, further comprising transmitting, by the computer based system, an encrypted security token in a reply communication.
  - 8. The method of claim 1, further comprising transmitting, by the computer based system, an encrypted security token in a reply communication, within an HTML INPUT tag.
  - 9. The method of claim 8, wherein the transmitting is in response to a determination of no security token being present in the HTTP request file.
  - 10. The method of claim 1, further comprising receiving, by the computer based system, a request to initiate a secure session comprising an encrypted security token.
  - 11. The method of claim 1, further comprising analyzing, by the computer based system, the HTTP request file for a presence of a security token.
  - 12. The method of claim 1, wherein a communication device associated with at least one of the client agent data or the communication device model data is at least one of a wireless device or a PC-based device.
  - 13. The method of claim 1, further comprising receiving, by the computer based system, URL information identifying a type of a communication device issuing the request.
  - 14. The method of claim 1, further comprising receiving, by the computer based system, device-specific browser information identifying a type of communication device issuing the request.
  - 15. The method of claim 1, further comprising:
    - issuing, by the computer based system, a login page in response to a determination of no security token being present in the HTTP request file, wherein the login page requests input of at least one of a user name or a password;
      
      validating, by the computer based system, the user name or the password; and
      
      issuing the security token in response to the successful validating.
  - 16. The method of claim 1, wherein a security token facilitates at least one of:
    - establishing a secure session with a web server or tracking a particular web session within a web site.

17. An article of manufacture including a non-transitory, tangible computer readable storage medium having instructions stored thereon that, in response to execution by a computer-based system for initiating a secure communication session, cause the computer-based system to perform operations comprising:
- receiving, by the computer based system, a http request file and browser identification data, wherein the http request file includes client agent data and communication device model data;
  
  analyzing, by the computer based system, the browser identification data to selectively grant access to proceed based upon a determination that a device sending the http request file is a supported type of device;
  
  at least one of by the computer based system, comparing the client agent data to authorized client agents, or comparing the communication device model data to authorized communication device models on an associated database; and
  
  based on the comparing, at least one of;
  
  configure, grant, or deny access, by the computer based system, to the host web server.
- View Dependent Claims (18, 19)
- - 18. The medium of claim 17, wherein an error message is transmitted to the device sending the http request file, in response to the device not being a supported device.
  - 19. The medium of claim 17, wherein access to proceed is not established, in response to the device not being a supported device.

20. A system comprising:
- a processor for initiating a secure communication session,a tangible, non-transitory memory configured to communicate with the processor,the tangible, non-transitory memory having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations comprising;
  
  receiving, by the processor, a http request file and browser identification data, wherein the http request file includes client agent data and communication device model data;
  
  analyzing, by the processor, the browser identification data to selectively grant access to proceed based upon a determination that a device sending the http request file is a supported type of device;
  
  at least one of, by the processor, comparing the client agent data to authorized client agents, or comparing the communication device model data to authorized communication device models on an associated database; and
  
  based on the comparing, at least one of;
  
  configure, grant, or deny access, by the processor, to the host web server.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Liberty Peak Ventures, LLC (Dominion Harbor Enterprises, LLC)
Original Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Inventors
Rice, Mike, Keshav, Sineesh
Primary Examiner(s)
Gregory, Shaun

Application Number

US13/413,847
Publication Number

US 20120167182A1
Time in Patent Office

601 Days
Field of Search

None
US Class Current

726/9
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/168   above the transport layer

Device independent authentication system and method

First Claim

4 Assignments

Litigations

0 Petitions

Accused Products

Abstract

84 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Device independent authentication system and method

First Claim

4 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

84 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links