Method and apparatus for token-based transaction tagging
First Claim
1. An apparatus comprising:
- a memory operable to;
store a first subject token associated with a user, wherein the first subject token indicates a form of user authentication has been performed by the user;
store a second subject token associated with a device, wherein the second subject token indicates a form of device authentication has been performed by the device;
store a session token associated with a session, wherein;
the form of user authentication and the form of device authentication must be performed in order for the session to be generated; and
the session facilitates processing of a transaction, the transaction representing an action taken against a resource during the session; and
store a resource token associated with a resource; and
a processor operable to;
monitor the session;
determine that the transaction qualifies for additional monitoring;
in response to the determination, generate a tag, the tag being unique to the transaction;
associate the tag with the transaction to facilitate tracing of the transaction;
add the tag to the first subject token;
trace the transaction during the processing of the transaction by following the tag, wherein tracing the transaction allows the steps taken to process the transaction to be recreated; and
communicate a message to transfer the transaction to an isolated processing unit in response to the determination that the transaction qualifies for additional monitoring, wherein the isolated processing unit processes the transaction in isolation.
1 Assignment
0 Petitions
Accused Products
Abstract
According to one embodiment, an apparatus may monitor a session that facilitates the processing of a transaction. The transaction may represent an action taken against a resource during the session. The apparatus may determine that the transaction qualifies for additional monitoring, and in response, generate a tag. The tag may be unique to the transaction. The apparatus may then associate the tag with the transaction to facilitate tracing of the transaction. The apparatus may then trace the transaction during the processing of the transaction by following the tag, and communicate a message to transfer the transaction to an isolated processing unit. The isolated processing unit processes the transaction in isolation.
34 Citations
21 Claims
-
1. An apparatus comprising:
-
a memory operable to; store a first subject token associated with a user, wherein the first subject token indicates a form of user authentication has been performed by the user; store a second subject token associated with a device, wherein the second subject token indicates a form of device authentication has been performed by the device; store a session token associated with a session, wherein; the form of user authentication and the form of device authentication must be performed in order for the session to be generated; and the session facilitates processing of a transaction, the transaction representing an action taken against a resource during the session; and store a resource token associated with a resource; and a processor operable to; monitor the session; determine that the transaction qualifies for additional monitoring; in response to the determination, generate a tag, the tag being unique to the transaction; associate the tag with the transaction to facilitate tracing of the transaction; add the tag to the first subject token; trace the transaction during the processing of the transaction by following the tag, wherein tracing the transaction allows the steps taken to process the transaction to be recreated; and communicate a message to transfer the transaction to an isolated processing unit in response to the determination that the transaction qualifies for additional monitoring, wherein the isolated processing unit processes the transaction in isolation. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for monitoring transactions in a token-based environment, comprising:
-
storing, by a memory, a first subject token associated with a user, wherein the first subject token indicates a form of user authentication has been performed by the user; storing, by the memory, a second subject token associated with a device, wherein the second subject token indicates a form of device authentication has been performed by the device; storing, by the memory, a session token associated with a session, wherein; the form of user authentication and the form of device authentication must be performed in order for the session to be generated; and the session facilitates processing of a transaction, the transaction representing an action taken against a resource during the session; storing, by the memory, a resource token associated with a resource; monitoring, by a hardware processor, the session; determining, by the processor, that the transaction qualifies for additional monitoring; in response to the determination, generating, by the processor, a tag, the tag being unique to the transaction; associating, by the processor, the tag with the transaction to facilitate tracing of the transaction; adding, by the processor, the tag to the first subject token; tracing, by the processor, the transaction during the processing of the transaction by following the tag, wherein tracing the transaction allows the steps taken to process the transaction to be recreated; and communicating, by the processor, a message to transfer the transaction to an isolated processing unit in response to the determination that the transaction qualifies for additional monitoring, wherein the isolated processing unit processes the transaction in isolation. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. One or more computer-readable non-transitory storage media embodying software that is operable when executed to:
-
store a first subject token associated with a user, wherein the first subject token indicates a form of user authentication has been performed by the user; store a second subject token associated with a device, wherein the second subject token indicates a form of device authentication has been performed by the device; store a session token associated with a session, wherein; the form of user authentication and the form of device authentication must be performed in order for the session to be generated; and the session facilitates processing of a transaction, the transaction representing an action taken against a resource during the session; store a resource token associated with a resource; monitor the session; determine that the transaction qualifies for additional monitoring; in response to the determination, generate a tag, the tag being unique to the transaction; associate the tag with the transaction to facilitate tracing of the transaction; add the tag to the first subject token; trace the transaction during the processing of the transaction by following the tag, wherein tracing the transaction allows the steps taken to process the transaction to be recreated; and communicate a message to transfer the transaction to an isolated processing unit in response to the determination that the transaction qualifies for additional monitoring, wherein the isolated processing unit processes the transaction in isolation. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification