Controlled and client-side authentication module

US 9,477,830 B2
Filed: 11/17/2008
Issued: 10/25/2016
Est. Priority Date: 07/21/2005
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

monitoring a browser process executed by a computing device, the monitoring performed by a first application that executes on the computing device;

detecting an attempt by a user to log into a website via the browser process, wherein the detecting is performed by the first application;

in response to the attempt, instructing the user to activate a second application that resides in portable memory separate from the computing device, wherein the second application comprises a security key associated with a trusted website;

determining whether or not the attempt is an attempt to log into the trusted website;

when it is determined that the attempt is an attempt to log into the trusted website,reading state information from the browser process and direct the user to a new browser process having the same state as the user was in the browser process prior to determining that the attempt is an attempt to log into the trusted website, andthe second application providing the security key; and

supplying to the trusted website, via the new browser process, a trusted root certificate associated with the trusted website to direct the second application to login to a non-preconfigured website associated with the trusted website.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computerized method of accessing a secure resource using an application associated with a user'"'"'s computing device is provided. The application is programmed, in part, to monitor user browsing activity and wherein the application has associated therewith one or more predefined Uniform Resource Locaters (URLs) to trusted sites, each having an associated trusted root certificate and security key. The method includes the application detecting a user attempt to log into a secure resource, the application scanning in-process browser processes to identify a browser process that is in a login state, the application associating the browser process in a login state with one of the trusted sites, the application initiating a new browser session with the trusted site using the associated predefined URL, the application obtaining a login password from the user, the application supplying to the trusted site the associated security key and login password, and the user'"'"'s computer displaying subsequent browsing activity.

Citations

18 Claims

1. A computer-implemented method comprising:
- monitoring a browser process executed by a computing device, the monitoring performed by a first application that executes on the computing device;
  
  detecting an attempt by a user to log into a website via the browser process, wherein the detecting is performed by the first application;
  
  in response to the attempt, instructing the user to activate a second application that resides in portable memory separate from the computing device, wherein the second application comprises a security key associated with a trusted website;
  
  determining whether or not the attempt is an attempt to log into the trusted website;
  
  when it is determined that the attempt is an attempt to log into the trusted website,reading state information from the browser process and direct the user to a new browser process having the same state as the user was in the browser process prior to determining that the attempt is an attempt to log into the trusted website, andthe second application providing the security key; and
  
  supplying to the trusted website, via the new browser process, a trusted root certificate associated with the trusted website to direct the second application to login to a non-preconfigured website associated with the trusted website.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising:
    - terminating the browser process in response to determining that the attempt is an attempt to log into the trusted website; and
      
      initiating the new browser process on the computing device.
  - 3. The method of claim 2, further comprising supplying to the trusted website via the new browser process the security key associated with the trusted website, the security key including an Advanced Encryption Standard (AES) cipher or a Triple Data Encryption Standard (TDES) cipher.
  - 4. The method of claim 2, further comprising:
    - receiving a password from the user for accessing the trusted website; and
      
      supplying the password together with the security key to the trusted website via the new browser process.
  - 5. The method of claim 4, wherein the portable memory stores the trusted root certificate.
  - 6. The method of claim 2, further comprising reading state information from the browser process and storing the read state information, wherein the new browser process is initiated using the stored state information such that the user is taken to the same state in the new browser process as the user was in in the browser process prior to determining that the attempt is an attempt to log into the trusted website.
  - 7. The method of claim 1, further comprising:
    - when it is determined that the attempt is not an attempt to log into the trusted website, performing one or more of returning control to the user and communicating a warning to the user.
  - 8. The method of claim 1, further comprising:
    - initiating a new browser process on the computing device using a predefined identifier associated with the trusted web site in response to determining that the user is attempting to log into the trusted web site, wherein the predefined identifier is a URL of the trusted website.
  - 9. The method of claim 1, wherein the determining further comprises identifying the browser process as being in a log-in state with a secure resource and directing the browser process determined to be in the log-in state to a predefined Uniform Resource Locator (URL) of the trusted web site.
  - 10. The method of claim 1, wherein determining whether or not the attempt is an attempt to log into the trusted website includes scanning, by the first application, one or more browser processes executed by the computing device for a predefined Uniform Resource Locater (URL).

11. A tangible non-transitory computer-readable medium having stored thereon computer-executable instructions that, when executed, cause a computing device to perform operations including:
- monitor a browser process executed by the computing device;
  
  detect an attempt by a user to log into a website via the browser process;
  
  in response to the attempt, instruct the user to interface portable memory to the computing device, wherein the portable memory comprises a security key associated with a trusted website;
  
  determine whether or not the attempt is an attempt to log into the trusted website;
  
  when it is determined that the attempt is an attempt to log into the trusted website,cause the computing device to initiate a new browser process using state information read from the browser process such that the user is taken to the same state in the new browser process as the user was in the browser process prior to determining that the attempt is an attempt to log into the trusted website, andcause the computing device to provide the security key to the trusted website; and
  
  supply to the trusted website, via the new browser process, a trusted root certificate associated with the trusted website to login to another website via a request signed by the trusted root certificate.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The tangible non-transitory computer-readable medium of claim 11, wherein the instructions, when executed, further cause the computing device to terminate the browser process when it is determined that the attempt is an attempt to log into the trusted website.
  - 13. The tangible non-transitory computer-readable medium of claim 11, wherein the security key comprises an Advanced Encryption Standard (AES) cipher or a Triple Data Encryption Standard (TDES) cipher.
  - 14. The tangible non-transitory computer-readable medium of claim 11, wherein causing the computing device to provide the security key to the trusted website further comprises receiving a password from the user and cause the computing device to provide the password received by the user and the security key stored in the portable memory to the trusted website to log-in the user.
  - 15. The tangible non-transitory computer-readable medium of claim 11, wherein the instructions that cause the computing device to determine whether or not the attempt is an attempt to log into the trusted website cause the computing device to scan one or more browser processes for a predefined Uniform Resource Locater (URL).

16. A computing device comprising:
- a processor that is configured to;
  
  monitor a browser process executed by the computing device;
  
  detect an attempt by a user to log into a website via the browser process;
  
  in response to the attempt, instruct the user to interface portable memory to the computing device, wherein the portable memory comprises a security key associated with a trusted website;
  
  determine whether or not the attempt is an attempt to log into the trusted website;
  
  when it is determined that the attempt is an attempt to log into the trusted website, causing the computing device toprovide the security key to the trusted website;
  
  terminate the browser process in response to determining that the attempt is an attempt to log into the trusted website;
  
  initiate a new browser process on the computing device, andread state information from the browser process and storing the read state information, wherein the new browser process is initiated using the stored state information such that the user is taken to the same state in the new browser process as the user was in the browser process prior to determining that the attempt is an attempt to log into the trusted website; and
  
  supply to the trusted website, via the new browser process, a trusted root certificate associated with the trusted website to login to a non-preconfigured website associated with the trusted website.
- View Dependent Claims (17, 18)
- - 17. The computing device of claim 16, wherein the security key comprises an Advanced Encryption Standard (AES) cipher or a Triple Data Encryption Standard (TDES) cipher.
  - 18. The computing device of claim 16, wherein determining whether or not the attempt is an attempt to log into the trusted website includes scanning one or more browser processes for a predefined Uniform Resource Locater (URL).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Inventors
Hird, Geoffrey
Primary Examiner(s)
ZAIDI, SYED A

Application Number

US12/272,205
Publication Number

US 20090165109A1
Time in Patent Office

2,899 Days
Field of Search

726/7
US Class Current

1/1
CPC Class Codes

G06F 21/33   using certificates

H04L 2209/60   Digital content management,...

H04L 9/0631   Substitution permutation ne...

H04L 9/3226   using a predetermined code,...

H04L 9/3263   involving certificates, e.g...

Controlled and client-side authentication module

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Controlled and client-side authentication module

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links