Virtual requests
First Claim
1. A system, comprising a servicer computer configured to:
- cause an authentication service computer to store a digital identity certificate of a client computer, the client computer configured to generate the digital identity certificate based at least in part on a private key associated with the client computer;
- cause the authentication service computer to determine a validity of the digital identity certificate based at least in part on a public key associated with the digital identity certificate;
- initiate a certificate exchange session utilizing a transport layer security (TLS) protocol with the client computer, the certificate exchange session comprising a handshake portion that includes a time-dependent request component, a service-dependent request component, and an action-dependent request component, the action-dependent request component comprising an association between a request of the certificate exchange session and an action the client computer is requested to perform;
- enable the client computer to transmit the digital identity certificate to the servicer computer;
- compute a servicer certificate exchange receipt based at least in part on the certificate exchange session; and
- cause the client computer to compute a client certificate exchange receipt based at least in part on the certificate exchange session.
Abstract
A first request from a client using a first protocol is translated into one or more second requests by a servicer using a second protocol through a virtual request using the first protocol. A client may use parameters of the first protocol to pass virtual request components to the servicer. A format agreement between the client, servicer and/or authentication service may allow the servicer and/or authentication service to translate the virtual request components over the first protocol to one or more second requests using the second protocol. Virtual request components may prove the authenticity of the virtual request received by the servicer to an authentication service. Once satisfied the virtual request is valid, the authentication service may issue a credential to the servicer to send the one or more second requests to an independent service. Virtual requests may be included in various protocols, including credential-based protocols and certificate exchange-based protocols.
19 Claims
1. A system, comprising a servicer computer configured to:
- cause an authentication service computer to store a digital identity certificate of a client computer, the client computer configured to generate the digital identity certificate based at least in part on a private key associated with the client computer;
- cause the authentication service computer to determine a validity of the digital identity certificate based at least in part on a public key associated with the digital identity certificate;
- initiate a certificate exchange session utilizing a transport layer security (TLS) protocol with the client computer, the certificate exchange session comprising a handshake portion that includes a time-dependent request component, a service-dependent request component, and an action-dependent request component, the action-dependent request component comprising an association between a request of the certificate exchange session and an action the client computer is requested to perform;
- enable the client computer to transmit the digital identity certificate to the servicer computer;
- compute a servicer certificate exchange receipt based at least in part on the certificate exchange session; and
- cause the client computer to compute a client certificate exchange receipt based at least in part on the certificate exchange session.

Dependent claims: 2, 3, 4, 5, 6
7. A system, comprising a client computer configured to:
- generate a digital identity certificate based at least in part on a private key associated with the client computer;
- cause an authentication service computer to store the digital identity certificate of the client computer;
- cause the authentication service computer to determine a validity of the digital identity certificate based at least in part on a public key associated with the digital identity certificate;
- cause a servicer computer to initiate a certificate exchange session utilizing a transport layer security (TLS) protocol with the servicer computer, the certificate exchange session comprising a handshake portion that includes a time-dependent request component, a service-dependent request component, and an action-dependent request component, the action-dependent request component comprising an association between a request of the certificate exchange session and an action the client computer is requested to perform;
- transmit the digital identity certificate to the servicer computer;
- compute a client certificate exchange receipt based at least in part on the certificate exchange session; and
- cause the servicer computer to compute a servicer certificate exchange receipt based at least in part on the certificate exchange session.

Dependent claims: 8, 9, 10, 11
12. A system, comprising an authentication service computer configured to:
- receive a digital identity certificate of a client computer, the client computer configured to generate the digital identity certificate based at least in part on a private key associated with the client computer;
- store the digital identity certificate of a client computer;
- determine a validity of the digital identity certificate based at least in part on a public key associated with the digital identity certificate;
- cause a servicer computer to initiate a certificate exchange session utilizing a transport layer security (TLS) protocol with the client computer, the certificate exchange session comprising a handshake portion that includes a time-dependent request component, a service-dependent request component, and an action-dependent request component, the action-dependent request component comprising an association between a request of the certificate exchange session and an action the client computer is requested to perform;
- cause the servicer computer to enable the client computer to transmit the digital identity certificate to the servicer computer;
- cause the client computer to compute a client certificate exchange receipt based at least in part on the certificate exchange session; and
- cause the servicer computer to compute a servicer certificate exchange receipt based at least in part on the certificate exchange session.

Dependent claims: 13, 14, 15, 16, 17, 18, 19
Specification