Verifying requests for access to a service provider using an authentication component
First Claim
1. In a computing environment, a method for processing at least one verification request for accessing a service provider, the method performed at least in part on at least one processor, the method comprising:
- examining at least one security token received from a user, wherein the at least one security token and a public key are configured using at least one user identifier associated with the user;
accessing an authentication component that is generated using at least one revoked security token or at least one valid security token, the authentication component including at least one of a blacklist including the at least one revoked security token or a whitelist including the at least one valid security token;
applying the authentication component to the public key to verify the security token, wherein the authentication component is configured to prove validity of the at least one security token; and
revoking the at least one security token based on the validity of the at least one security token by one of adding the at least one security token to the blacklist or removing the at least one security token from the whitelist.
3 Assignments
0 Petitions
Accused Products
Abstract
The subject disclosure is directed towards processing requests for accessing a service provider. After examining at least one security token, a public key and a portion of attribute information are identified. An authentication component is accessed and applied to the public key. A unique user identifier is employed in generating the public key. The authentication component is generated using information from at least one revoked security token or at least one valid security token. The authentication component is configured to prove validity of the at least one security token.
-
Citations
20 Claims
-
1. In a computing environment, a method for processing at least one verification request for accessing a service provider, the method performed at least in part on at least one processor, the method comprising:
-
examining at least one security token received from a user, wherein the at least one security token and a public key are configured using at least one user identifier associated with the user; accessing an authentication component that is generated using at least one revoked security token or at least one valid security token, the authentication component including at least one of a blacklist including the at least one revoked security token or a whitelist including the at least one valid security token; applying the authentication component to the public key to verify the security token, wherein the authentication component is configured to prove validity of the at least one security token; and revoking the at least one security token based on the validity of the at least one security token by one of adding the at least one security token to the blacklist or removing the at least one security token from the whitelist. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. In a computing environment, a system, comprising:
-
a memory, wherein the memory comprises computer useable program code; one or more processing units coupled to the memory; and a verification mechanism implemented on the one or more processing units and coupled to an authentication service for issuing at least one security token to a user and computing an authentication component, wherein the authentication component is utilized to determine membership of the user to a blacklist or a whitelist using a private key associated with at least one user identifier and at least one private key associated with at least one revoked security token included on the blacklist or at least one valid security token included on the whitelist, wherein the at least one security token is configured to use at least one user identifier, and wherein the verification mechanism is configured to apply the authentication component to a public key associated with the at least one user identifier to provide validity of the at least one security token, and revoke the at least one security token by one of adding the at least one security token to the blacklist or removing the at least one security token from the whitelist. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
-
17. One or more computer storage devices having computer-executable instructions, which upon execution perform operations, comprising:
-
processing a security token from at least one user, wherein the security token is either a revoked security token included on a blacklist or a valid security token included on a whitelist; and accessing an authentication component associated with the security token for proving validity of the at least one security token to the service provider, wherein the authentication component is generated using at least one user identifier associated with at least one revoked security token included on the blacklist or at least one valid security token included on the whitelist and at least a portion of the attribute information, and revoking the at least one security token based on the validity of the at least one security token by one of adding the at least one security token to the blacklist or removing the at least one security token from the whitelist. - View Dependent Claims (18, 19, 20)
-
Specification