×

Systems and methods for validating client authentication using protected timing data

  • US 8,914,633 B1
  • Filed: 07/21/2011
  • Issued: 12/16/2014
  • Est. Priority Date: 07/21/2011
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method to validate client authentication using timing data, comprising:

  • authenticating credentials entered by a user on a client;

    upon authenticating the credentials entered by the user, validating the client authentication using timing data, comprising;

    receiving, by a processor, a connection request from the client, the connection request comprising a request to connect the client to an Internet-based resource, the credentials being authenticated and the client authentication being validated using timing data to determine whether to allow the client to connect to the Internet-based resource;

    receiving, by the processor, a validation token with the connection request;

    verifying, by the processor, the received validation token with an issuing server by matching the received validation token with a validation token generated by the issuing server;

    calculating, by the processor, timing data that indicate a time to transmit the data to the client and receive the retransmitted data from the client;

    applying, by the processor, a protective element to the timing data, wherein the protective element comprises a digital signature;

    transmitting, by the processor, data to the client, wherein the client retransmits the data, and wherein the data comprises the digitally signed timing data;

    receiving, by the processor, the retransmitted data from the client; and

    transmitting the digitally signed timing data to a timing verification server, wherein the timing verification server determines whether the timing data fall within a predetermined range of timing data.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×