On-demand service security system and method for managing a risk of access as a condition of permitting access to the on-demand service
First Claim
Patent Images
1. A method, comprising:
- receiving a request to access an on-demand service from a client at one of a plurality of entities of the on-demand service;
determining that a source of the request to access the on-demand service provides a risk of access, the determination being based at least in part on both;
received information associated with at least one of a plurality of users, andstored information of the one of the plurality of entities of on-demand service to which the access is requested;
in response to the request to access the on-demand service and the determination that the source of the request provides the risk of access, managing the risk of access to the on-demand service by the client utilizing a processor by;
generating a message utilizing a valid username associated with the client as well as contact information for the client stored locally at the on-demand service, where the message is generated in response to the receipt of the entry of the valid username and a valid password by the client;
providing via the message a valid token to the client as a condition of permitting access to the on-demand service by the client, wherein the valid token is provided to the client by the on-demand service;
receiving a second request to access the on-demand service from the client at another one of the plurality of entities; and
in response to receiving the second request to access the on-demand service, and after providing the valid token to the client, verifying a machine identifier of a device associated with the client as a condition of permitting access to the on-demand service by the client.
1 Assignment
0 Petitions
Accused Products
Abstract
There are provided mechanisms and methods for managing a risk of access to an on-demand service as a condition of permitting access to the on-demand service. These mechanisms and methods for providing such management can help prohibit an unauthorized user from accessing an account of an authorized user when the authorized user inadvertently loses login information. The ability to provide such management may lead to an improved security feature for accessing on-demand services.
177 Citations
11 Claims
-
1. A method, comprising:
-
receiving a request to access an on-demand service from a client at one of a plurality of entities of the on-demand service; determining that a source of the request to access the on-demand service provides a risk of access, the determination being based at least in part on both; received information associated with at least one of a plurality of users, and stored information of the one of the plurality of entities of on-demand service to which the access is requested; in response to the request to access the on-demand service and the determination that the source of the request provides the risk of access, managing the risk of access to the on-demand service by the client utilizing a processor by; generating a message utilizing a valid username associated with the client as well as contact information for the client stored locally at the on-demand service, where the message is generated in response to the receipt of the entry of the valid username and a valid password by the client; providing via the message a valid token to the client as a condition of permitting access to the on-demand service by the client, wherein the valid token is provided to the client by the on-demand service; receiving a second request to access the on-demand service from the client at another one of the plurality of entities; and in response to receiving the second request to access the on-demand service, and after providing the valid token to the client, verifying a machine identifier of a device associated with the client as a condition of permitting access to the on-demand service by the client. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A non-transitory machine-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, cause the one or more processors to carry out the steps of:
-
receiving a request to access an on-demand service from a client at one of a plurality of entities of the on-demand service; determining that a source of the request to access the on-demand service provides a risk of access, the determination being based at least in part on both; received information associated with at least one of a plurality of users, and stored information of the one of the plurality of entities of on-demand service to which the access is requested; in response to the request to access the on-demand service and the determination that the source of the request provides the risk of access, managing the risk of access to the on-demand service by the client by; generating a message utilizing a valid username associated with the client as well as contact information for the client stored locally at the on-demand service, where the message is generated in response to the receipt of the entry of the valid username and a valid password by the client; providing via the message a valid token to the client as a condition of permitting access to the on-demand service by the client, wherein the valid token is provided to the client by the on-demand service; receiving a second request to access the on-demand service from the client at another one of the plurality of entities; and in response to receiving the second request to access the on-demand service, and after providing the valid token to the client, verifying a machine identifier of a device associated with the client as a condition of permitting access to the on-demand service by the client.
-
-
11. An apparatus, comprising:
-
a hardware processor; and one or more stored sequences of instructions which, when executed by the processor, cause the processor to carry out the steps of; receiving a request to access an on-demand service from a client at one of a plurality of entities of the on-demand service; determining that a source of the request to access the on-demand service provides a risk of access, the determination being based at least in part on both; received information associated with at least one of a plurality of users, and stored information of the one of the plurality of entities of on-demand service to which the access is requested; in response to the request to access the on-demand service and the determination that the source of the request provides the risk of access, managing the risk of access to the on-demand service by the client by; generating a message utilizing a valid username associated with the client as well as contact information for the client stored locally at the on-demand service, where the message is generated in response to the receipt of the entry of the valid username and a valid password by the client; providing via the message a valid token to the client as a condition of permitting access to the on-demand service by the client, wherein the valid token is provided to the client by the on-demand service; receiving a second request to access the on-demand service from the client at another one of the plurality of entities; and in response to receiving the second request to access the on-demand service, and after providing the valid token to the client, verifying a machine identifier of a device associated with the client as a condition of permitting access to the on-demand service by the client.
-
Specification