Application authentication system and method
Abstract
A system and method are provided for validating executable program code operating on at least one computing device. Program instructions that include a request for access to sensitive information are executed on a first computing device. An authentication request for access to the sensitive information is sent from the first computing device to a second computing device. In response to the authentication request, a challenge is sent from the second computing device to the first computing device. The first computing device executes the challenge and generates an authentication response that includes at least one memory object associated with the program instructions. The response is sent from the first computing device to the second computing device, and the second computing device generates and sends a verification to the first computing device confirming that at least some of the first program instructions have not been altered or tampered with, and further grants the first computing device access to at least some of the sensitive information.
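The exchange the abstract and claim 1 describe, written out as an added example (not code from the patent or its assignee): the second computing device generates a fresh, non-predetermined set of instructions, runs them over its own known-good copy of the client's code image to obtain the expected response, sends the instructions to the first computing device, and compares what comes back with a single-use, constant-time check. The code image, the tiny instruction set (`span`, `fold`, `rot`) and the helper names are all assumptions made for the example; the patent does not specify them.

```python
"""Software-attestation challenge/response in the shape of the claims.

Added example, not the patent's own code. The verifier (second computing
device) builds a random program over the client's code image, executes it
against its pristine copy, and accepts the client (first computing device)
only if the client's execution over its resident image matches.
"""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import List, Tuple

# Constructed stand-in for the client's executable code image (2048 bytes).
KNOWN_GOOD_IMAGE = bytes(range(256)) * 8


@dataclass
class Challenge:
    nonce: bytes
    # Each step is (opcode, operand). Opcodes, chosen for this example:
    #   'span' absorb a byte range (start, length) of the image
    #   'fold' XOR the running state with a random 32-byte constant
    #   'rot'  rotate the running 256-bit state left by N bits
    steps: List[Tuple[str, object]]


def generate_challenge(image_len: int, n_steps: int = 8) -> Challenge:
    """Build a non-predetermined program. The first step always absorbs the
    whole image so any patched byte changes the result; the remaining steps
    are random so the response cannot be served from a table of digests."""
    steps: List[Tuple[str, object]] = [("span", (0, image_len))]
    for _ in range(n_steps):
        kind = secrets.choice(("span", "span", "fold", "rot"))
        if kind == "span":
            start = secrets.randbelow(image_len)
            length = 1 + secrets.randbelow(image_len - start)
            steps.append(("span", (start, length)))
        elif kind == "fold":
            steps.append(("fold", secrets.token_bytes(32)))
        else:
            steps.append(("rot", 1 + secrets.randbelow(255)))
    return Challenge(nonce=secrets.token_bytes(16), steps=steps)


def _rotl256(x: int, n: int) -> int:
    n %= 256
    return ((x << n) | (x >> (256 - n))) & ((1 << 256) - 1)


def execute_challenge(image: bytes, ch: Challenge) -> bytes:
    """Interpret the challenge over an image. Both sides run this routine:
    the verifier over KNOWN_GOOD_IMAGE, the client over its resident bytes."""
    state = int.from_bytes(hashlib.sha256(ch.nonce).digest(), "big")
    for op, arg in ch.steps:
        if op == "span":
            start, length = arg
            chunk = image[start:start + length]
            digest = hashlib.sha256(state.to_bytes(32, "big") + chunk).digest()
            state = int.from_bytes(digest, "big")
        elif op == "fold":
            state ^= int.from_bytes(arg, "big")
        elif op == "rot":
            state = _rotl256(state, arg)
        else:
            raise ValueError(f"unknown opcode {op!r}")
    return hashlib.sha256(ch.nonce + state.to_bytes(32, "big")).digest()


class Verifier:
    """Second computing device: issues one challenge per request, keeps the
    expected response, and consumes the challenge on first validation."""

    def __init__(self, known_good: bytes):
        self.known_good = known_good
        self._pending = {}  # challenge id -> expected response

    def issue(self) -> Tuple[bytes, Challenge]:
        ch = generate_challenge(len(self.known_good))
        cid = secrets.token_bytes(8)
        self._pending[cid] = execute_challenge(self.known_good, ch)
        return cid, ch

    def validate(self, cid: bytes, response: bytes) -> bool:
        expected = self._pending.pop(cid, None)  # single use: no replay
        if expected is None:
            return False
        return hmac.compare_digest(expected, response)


def client_request(verifier: Verifier, live_image: bytes) -> bool:
    """First computing device: request access, execute the challenge over
    the bytes actually resident, and return whether access was granted."""
    cid, ch = verifier.issue()
    return verifier.validate(cid, execute_challenge(live_image, ch))


def demo() -> Tuple[bool, bool, bool]:
    v = Verifier(KNOWN_GOOD_IMAGE)
    pristine = client_request(v, KNOWN_GOOD_IMAGE)
    patched = bytearray(KNOWN_GOOD_IMAGE)
    patched[0x123] ^= 0x01  # a one-bit patch to the client's code
    tampered = client_request(v, bytes(patched))
    cid, ch = v.issue()  # replaying a consumed challenge id must fail
    first = v.validate(cid, execute_challenge(KNOWN_GOOD_IMAGE, ch))
    replay = v.validate(cid, execute_challenge(KNOWN_GOOD_IMAGE, ch))
    return pristine, tampered, first and not replay


if __name__ == "__main__":
    print(demo())  # (True, False, True)
```

Two points a practitioner should keep in mind. First, the comparison is over freshly generated instructions and a per-request nonce, so a recorded response cannot be replayed, and the challenge id is consumed on first use. Second, this is software-only attestation: a client that has been modified but still holds a pristine copy of its image can run the challenge over that copy and pass. Binding the response to the code that is actually executing needs something the claims do not supply, such as a hardware root of trust or a timing bound on the challenge.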
24 Claims
1. A method for validating executable program code operating on at least one computing device, the method comprising:
executing first program instructions on a first computing device, wherein the first program instructions include a request for access to at least one sensitive resource pertaining to a second computing device;
transmitting from the first computing device to the second computing device an authentication request for access to the at least one sensitive resource pertaining to the second computing device;
generating, in real-time, by the second computing device, in response to the authentication request required for access to the at least one sensitive resource and received from the first computing device, an authentication challenge comprising a non-predetermined set of instructions performing an operation in response to the authentication request;
executing, by the second computing device, the authentication challenge, and generating an expected authentication response of the second computing device from said execution by the second computing device;
transmitting the authentication challenge from the second computing device to the first computing device;
executing, by the first computing device, the authentication challenge, and generating a pre-validated authentication response from said execution by the first computing device;
receiving from the first computing device by the second computing device the pre-validated authentication response;
performing validation by determining whether the pre-validated authentication response is a validated authentication response by comparing the pre-validated authentication response to the expected authentication response; and
granting the first computing device access to the at least one sensitive resource pertaining to the second computing device if the pre-validated authentication response is determined to be a validated authentication response.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10.

11. A method for validating executable program code operating on a first computing device, the method comprising:
executing first program instructions, wherein the first program instructions include a request for access to at least one sensitive resource pertaining to a second computing device;
transmitting to the second computing device an authentication request for access to the at least one sensitive resource pertaining to the second computing device, wherein the second computing device:
(i) generates, in real-time, in response to the authentication request required for access to the at least one sensitive resource and received from the first computing device, an authentication challenge comprising a non-predetermined set of instructions performing an operation in response to the authentication request; and
(ii) executes the authentication challenge, and generates an expected authentication response of the second computing device from said execution;
receiving the authentication challenge from the second computing device;
executing the authentication challenge and generating a pre-validated authentication response from said execution;
transmitting to the second computing device the pre-validated authentication response, wherein the second computing device:
(i) performs validation by determining whether the pre-validated authentication response is a validated authentication response by comparing the pre-validated authentication response to the expected authentication response; and
(ii) grants the first computing device access to the at least one sensitive resource pertaining to the second computing device if the pre-validated authentication response is determined to be a validated authentication response.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20.

21. A method for validating, by a second computing device, executable program code operating on a first computing device, the method of the second computing device comprising:
in response to first program instructions executing on the first computing device, wherein the first program instructions include a request for access to at least one sensitive resource pertaining to the second computing device, receiving from the first computing device an authentication request for access to the at least one sensitive resource pertaining to the second computing device;
generating, in real-time, in response to the authentication request required for access to the at least one sensitive resource and received from the first computing device, an authentication challenge comprising a non-predetermined set of instructions performing an operation in response to the authentication request;
executing the authentication challenge, and generating an expected authentication response from said execution;
transmitting the authentication challenge to the first computing device, wherein, by the first computing device, the authentication challenge is executed and a pre-validated authentication response is generated from said execution;
receiving from the first computing device the pre-validated authentication response;
performing validation by determining whether the pre-validated authentication response is a validated authentication response by comparing the pre-validated authentication response to the expected authentication response; and
granting the first computing device access to the at least one sensitive resource if the pre-validated authentication response is determined to be a validated authentication response.
Dependent claims: 22, 23.

24. A system for validating executable program code operating on at least one computing device, the system comprising:
a first computing device; and a second computing device; and further comprising:
executing first program instructions on the first computing device, wherein the first program instructions include a request for access to at least one sensitive resource pertaining to the second computing device;
transmitting from the first computing device to the second computing device an authentication request for access to the at least one sensitive resource pertaining to the second computing device;
generating, in real-time, by the second computing device, in response to the authentication request required for access to the at least one sensitive resource and received from the first computing device, an authentication challenge comprising a non-predetermined set of instructions performing an operation in response to the authentication request;
executing, by the second computing device, the authentication challenge, and generating an expected authentication response of the second computing device from said execution by the second computing device;
transmitting the authentication challenge from the second computing device to the first computing device;
executing, by the first computing device, the authentication challenge, and generating a pre-validated authentication response from said execution by the first computing device;
receiving from the first computing device by the second computing device the pre-validated authentication response;
performing validation by determining whether the pre-validated authentication response is a validated authentication response by comparing the pre-validated authentication response to the expected authentication response; and
granting the first computing device access to the at least one sensitive resource pertaining to the second computing device if the pre-validated authentication response is determined to be a validated authentication response.
Specification