Controlled and client-side authentication module
First Claim
1. A computer-implemented method comprising:
- monitoring a browser process executed by a computing device, the monitoring performed by a first application that executes on the computing device;
detecting an attempt by a user to log into a website via the browser process, wherein the detecting is performed by the first application;
in response to the attempt, instructing the user to activate a second application that resides in portable memory separate from the computing device, wherein the second application comprises a security key associated with a trusted website;
determining whether or not the attempt is an attempt to log into the trusted website;
when it is determined that the attempt is an attempt to log into the trusted website,reading state information from the browser process and direct the user to a new browser process having the same state as the user was in the browser process prior to determining that the attempt is an attempt to log into the trusted website, andthe second application providing the security key; and
supplying to the trusted website, via the new browser process, a trusted root certificate associated with the trusted website to direct the second application to login to a non-preconfigured website associated with the trusted website.
4 Assignments
0 Petitions
Accused Products
Abstract
A computerized method of accessing a secure resource using an application associated with a user'"'"'s computing device is provided. The application is programmed, in part, to monitor user browsing activity and wherein the application has associated therewith one or more predefined Uniform Resource Locaters (URLs) to trusted sites, each having an associated trusted root certificate and security key. The method includes the application detecting a user attempt to log into a secure resource, the application scanning in-process browser processes to identify a browser process that is in a login state, the application associating the browser process in a login state with one of the trusted sites, the application initiating a new browser session with the trusted site using the associated predefined URL, the application obtaining a login password from the user, the application supplying to the trusted site the associated security key and login password, and the user'"'"'s computer displaying subsequent browsing activity.
-
Citations
18 Claims
-
1. A computer-implemented method comprising:
-
monitoring a browser process executed by a computing device, the monitoring performed by a first application that executes on the computing device; detecting an attempt by a user to log into a website via the browser process, wherein the detecting is performed by the first application; in response to the attempt, instructing the user to activate a second application that resides in portable memory separate from the computing device, wherein the second application comprises a security key associated with a trusted website; determining whether or not the attempt is an attempt to log into the trusted website; when it is determined that the attempt is an attempt to log into the trusted website, reading state information from the browser process and direct the user to a new browser process having the same state as the user was in the browser process prior to determining that the attempt is an attempt to log into the trusted website, and the second application providing the security key; and supplying to the trusted website, via the new browser process, a trusted root certificate associated with the trusted website to direct the second application to login to a non-preconfigured website associated with the trusted website. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A tangible non-transitory computer-readable medium having stored thereon computer-executable instructions that, when executed, cause a computing device to perform operations including:
-
monitor a browser process executed by the computing device; detect an attempt by a user to log into a website via the browser process; in response to the attempt, instruct the user to interface portable memory to the computing device, wherein the portable memory comprises a security key associated with a trusted website; determine whether or not the attempt is an attempt to log into the trusted website; when it is determined that the attempt is an attempt to log into the trusted website, cause the computing device to initiate a new browser process using state information read from the browser process such that the user is taken to the same state in the new browser process as the user was in the browser process prior to determining that the attempt is an attempt to log into the trusted website, and cause the computing device to provide the security key to the trusted website; and supply to the trusted website, via the new browser process, a trusted root certificate associated with the trusted website to login to another website via a request signed by the trusted root certificate. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A computing device comprising:
-
a processor that is configured to; monitor a browser process executed by the computing device; detect an attempt by a user to log into a website via the browser process; in response to the attempt, instruct the user to interface portable memory to the computing device, wherein the portable memory comprises a security key associated with a trusted website; determine whether or not the attempt is an attempt to log into the trusted website; when it is determined that the attempt is an attempt to log into the trusted website, causing the computing device to provide the security key to the trusted website; terminate the browser process in response to determining that the attempt is an attempt to log into the trusted website; initiate a new browser process on the computing device, and read state information from the browser process and storing the read state information, wherein the new browser process is initiated using the stored state information such that the user is taken to the same state in the new browser process as the user was in the browser process prior to determining that the attempt is an attempt to log into the trusted website; and supply to the trusted website, via the new browser process, a trusted root certificate associated with the trusted website to login to a non-preconfigured website associated with the trusted website. - View Dependent Claims (17, 18)
-
Specification