Proxy server-based network site account management

US 9,674,175 B2
Filed: 02/16/2016
Issued: 06/06/2017
Est. Priority Date: 03/11/2013
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a server computing device; and

a proxy server application executable in the server computing device, wherein when executed the proxy server application causes the server computing device to at least;

receive, from a client computing device, an initial request for a secured resource on a network site;

generate, via the server computing device, a request for the secured resource on the network site based at least in part on stored account information;

send the request from the server computing device to an external server corresponding to the network site;

receive the secured resource from the external server; and

send the secured resource from the server computing device to the client computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are various embodiments for network site account management using a proxy server. A request for a secured resource on a network site is generated based at least in part on stored account information in response to receiving an initial request for the secured resource from a client. The request is sent to the network site. The secured resource is sent to the client in response to receiving the secured resource from the network site.

117 Citations

20 Claims

1. A system, comprising:
- a server computing device; and
  
  a proxy server application executable in the server computing device, wherein when executed the proxy server application causes the server computing device to at least;
  
  receive, from a client computing device, an initial request for a secured resource on a network site;
  
  generate, via the server computing device, a request for the secured resource on the network site based at least in part on stored account information;
  
  send the request from the server computing device to an external server corresponding to the network site;
  
  receive the secured resource from the external server; and
  
  send the secured resource from the server computing device to the client computing device.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, wherein when executed the proxy server application further causes the server computing device to at least verify, via the server computing device, an identity of the network site by comparing a first domain name associated with a trusted certificate provided by the network site with a second domain name associated with the network site in the stored account information.
  - 3. The system of claim 2, wherein when executed the proxy server application further causes the server computing device to at least:
    - generate, via the server computing device, data encoding a user interface that displays a warning; and
      
      send the data encoding the user interface from the server computing device to the client computing device in response to a failure to verify the identity of the network site.
  - 4. The system of claim 1, wherein when executed the proxy server application further causes the server computing device to at least end a client session with the proxy server application after a predetermined period of inactivity.
  - 5. The system of claim 1, wherein when executed the proxy server application further causes the server computing device to at least end a client session with the proxy server in response to a logout of an operating system account of the client computing device.
  - 6. The system of claim 1, wherein when executed the proxy server application further causes the server computing device to at least:
    - generate, via the server computing device, data encoding a user interface that facilitates selection from among a plurality of authentication management providers;
      
      send, via the server computing device, the data encoding the user interface to the client computing device; and
      
      receive, via the server computing device, a user selection of a particular authentication management provider of the plurality of authentication management providers; and
      
      receive the stored account information from the particular authentication management provider indicated by the user selection.

7. A method, comprising:
- receiving, via a proxy server application executed in a server computing device, a first network resource request from a client computing device;
  
  authenticating, via the proxy server application executed in the server computing device, with a network site corresponding to the first network resource request using stored account information;
  
  sending, via the proxy server application executed in the server computing device, a second network resource request to the network site based at least in part upon the first network resource request;
  
  receiving, via the proxy server application executed in the server computing device, a network resource from the network site; and
  
  sending, via the proxy server application executed in the server computing device, the network resource to the client computing device.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, further comprising:
    - establishing, via the proxy server application executed in the server computing device, a session with the client computing device;
      
      determining that the session is expired; and
      
      ending, via the proxy server application executed in the server computing device, the session with the client computing device.
  - 9. The method of claim 7, further comprising:
    - establishing, via the proxy server application executed in the server computing device, a session with the client computing device;
      
      receiving, from the client computing device, a request to end the session; and
      
      ending, via the proxy server application executed in the server computing device, the session with the client computing device.
  - 10. The method of claim 7, wherein the client computing device is one of a plurality of client computing devices, and the proxy server application is configured to accommodate a plurality of users corresponding to the plurality of client computing devices.
  - 11. The method of claim 7, further comprising:
    - authenticating, via the proxy server application executed in the server computing device, with an authentication management service using a security credential associated with the authentication management service; and
      
      receiving, via the proxy server application executed in the server computing device, the stored account information from the authentication management service.
  - 12. The method of claim 11, further comprising automatically resetting, via the proxy server application executed in the server computing device, the security credential in response to receiving, from the authentication management service, a request to reset the security credential.

13. A non-transitory computer-readable medium embodying a proxy server application executable in a server computing device, wherein when executed the proxy server application causes the server computing device to at least:
- receive, from a client computing device, a request for a network resource;
  
  authenticate, via the proxy server application executed in the server computing device, the client computing device with a network site hosted by an external server using a security credential stored in account data for an account with the network site;
  
  request, via the proxy server application executed in the server computing device, the network resource from the network site;
  
  receive, via the proxy server application executed in the server computing device, the network resource from the network site; and
  
  send, via the proxy server application executed in the server computing device, the network resource to the client computing device.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The non-transitory computer-readable medium of claim 13, wherein when executed the proxy server application further causes the server computing device to at least create the account via an account creation endpoint of the network site based at least in part upon stored user information.
  - 15. The non-transitory computer-readable medium of claim 13, wherein when executed the proxy server application further causes the server computing device to at least generate data encoding a user interface that facilitates entry of user information required to create the account.
  - 16. The non-transitory computer-readable medium of claim 13, wherein when executed the proxy server application further causes the server computing device to at least upgrade the account based at least in part upon user information stored in the account data.
  - 17. The non-transitory computer-readable medium of claim 13, wherein the account data is received via a network from an authentication management service.
  - 18. The non-transitory computer-readable medium of claim 13, wherein when executed the proxy server application further causes the server computing device to at least establish a session with the client computing device and erase the account data from the server computing device upon expiration of the session.
  - 19. The non-transitory computer-readable medium of claim 13, wherein when executed the proxy server application further causes the server computing device to at least decrypt the account data using a decryption key received from the client computing device.
  - 20. The non-transitory computer-readable medium of claim 19, wherein the decryption key corresponds to an operating system credential of the client computing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Hitchcock, Daniel Wade, Campbell, Brad Lee, Bhimanaik, Bharath Kumar
Primary Examiner(s)
AVERY, JEREMIAH L

Application Number

US15/044,709
Publication Number

US 20160164863A1
Time in Patent Office

476 Days
Field of Search

None
US Class Current
CPC Class Codes

H04L 63/0281   Proxies

H04L 63/0823   using certificates cryptogr...

H04L 63/0884   by delegation of authentica...

H04L 67/01   Protocols

H04L 67/14   Session management for real...

H04L 67/56   Provisioning of proxy servi...

Proxy server-based network site account management

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

117 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Proxy server-based network site account management

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

117 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links