Authenticating with an external device by providing a message having message fields arranged in a particular message field order
First Claim
1. In a user device, a method of performing authentication with an external device, the method comprising:
receiving, by electronic circuitry of the user device, a messaging command;
providing, by the electronic circuitry, a message to the external device in response to the messaging command, the message including message fields which store message operating parameters, the message fields of the message being arranged in a particular message field order to match an expected message field order during a message field order comparison operation performed by the external device to gauge authenticity of the user device;
wherein providing the message includes:
forming a header section of the message, the header section including, as the message fields arranged in the particular message field order, a current sequence of header fields in compliance with a standard protocol;
wherein the method further comprises:
prior to providing the message, provisioning the electronic circuitry with a preconfigured Uniform Resource Locator (URL); and
wherein providing the message further includes receiving, by the electronic circuitry, a destination URL which identifies a destination for the message, the electronic circuitry being constructed and arranged to (i) send the message to the external device when the destination URL matches the preconfigured URL and (ii) block release of the message to the external device when the destination URL does not match the preconfigured URL.
Abstract
A technique performs authentication with an external device. The technique involves receiving, by electronic circuitry, a messaging command. The technique further involves providing, by the electronic circuitry, a message to the external device in response to the messaging command. The message includes message fields which store message operating parameters, e.g., Hypertext Transfer Protocol (HTTP) header fields containing HTTP operating parameters to form part of an HTTP transaction. The message fields of the message are arranged in a particular order to match an expected order during an order comparison operation performed by the external device to gauge authenticity of the message source. If the particular order matches the expected order, there is lower risk that the message source is fraudulent. However, if the particular order does not match the expected order, there is higher risk that the message source is fraudulent.
18 Claims
11. An electronic apparatus, comprising:
a communications interface;
memory; and
processing circuitry coupled to the communications interface and the memory, the memory storing instructions which, when carried out by the processing circuitry, cause the processing circuitry to:
receive a messaging command,
provide a message to the external device through the communications interface in response to the messaging command, the message including message fields which store message operating parameters, the message fields of the message being arranged in a particular message field order to match an expected message field order during a message field order comparison operation performed by the external device to gauge authenticity of the user device;
wherein the processing circuitry caused to provide the message is further caused to:
form a header section of the message, the header section including, as the message fields arranged in the particular message field order, a current sequence of header fields in compliance with a standard protocol;
wherein the message further includes a body section storing a user identifier to uniquely identify a particular user currently using the user device; and
wherein the processing circuitry caused to form the header section is further caused to:
perform a sequencing operation to generate the current sequence of header fields from a multitude of possible sequences of header fields based on the user identifier.
12. A computer program product having a non-transitory computer readable medium which stores a set of instructions to perform authentication with an external device, the set of instructions, when carried out by computerized circuitry, causing the computerized circuitry to perform a method of:
receiving a messaging command;
providing a message to the external device in response to the messaging command, the message including message fields which store message operating parameters, the message fields of the message being arranged in a particular message field order to match an expected message field order during a message field order comparison operation performed by the external device to gauge authenticity of the user device;
wherein providing the message includes:
forming a header section of the message, the header section including, as the message fields arranged in the particular message field order, a current sequence of header fields in compliance with a standard protocol;
wherein the method further comprises:
prior to providing the message, provisioning the electronic circuitry with a preconfigured Uniform Resource Locator (URL); and
wherein providing the message further includes receiving, by the electronic circuitry, a destination URL which identifies a destination for the message, the electronic circuitry being constructed and arranged to (i) send the message to the external device when the destination URL matches the preconfigured URL and (ii) block release of the message to the external device when the destination URL does not match the preconfigured URL.
13. In an authentication server, a method of performing authentication with an external device, the method comprising:
receiving, by electronic circuitry of the authentication server, a message from an external device, the message including message fields which store message operating parameters, the message fields of the message being arranged in a particular message field order;
performing, by the electronic circuitry, a message field order comparison operation to compare the particular message field order to an expected message field order to gauge authenticity of the external device; and
processing, by the electronic circuitry, the message based on a result of the message field order comparison operation;
wherein the message has a header section which includes, as the message fields arranged in the particular message field order, a current sequence of header fields in compliance with a standard protocol; and
wherein performing the message field order comparison operation includes comparing the current sequence of header fields of the header section of the message to an expected sequence of header fields;
wherein the message further includes a body section storing a user identifier to uniquely identify a particular user currently using the external device; and
wherein the method further comprises:
performing a sequencing operation to generate the expected sequence of header fields from a multitude of possible sequences of header fields based on the user identifier.
17. An electronic apparatus, comprising:
a communications interface;
memory; and
processing circuitry coupled to the communications interface and the memory, the memory storing instructions which, when carried out by the processing circuitry, cause the processing circuitry to:
receive a message from an external device through the communications interface, the message including message fields which store message operating parameters, the message fields of the message being arranged in a particular message field order;
perform a message field order comparison operation to compare the particular message field order to an expected message field order to gauge authenticity of the external device; and
process the message based on a result of the message field order comparison operation;
wherein the message has a header section which includes, as the message fields arranged in the particular message field order, a current sequence of header fields in compliance with a standard protocol; and
wherein the processing circuitry caused to perform the message field order comparison operation is further caused to compare the current sequence of header fields of the header section of the message to an expected sequence of header fields;
wherein the message further includes a body section storing a user identifier to uniquely identify a particular user currently using the external device; and
wherein the processing circuitry is further caused to perform a sequencing operation to generate the expected sequence of header fields from a multitude of possible sequences of header fields based on the user identifier.
18. A computer program product having a non-transitory computer readable medium which stores a set of instructions to perform authentication with an external device, the set of instructions, when carried out by computerized circuitry, causing the computerized circuitry to perform a method of:
receiving a message from an external device, the message including message fields which store message operating parameters, the message fields of the message being arranged in a particular message field order;
performing a message field order comparison operation to compare the particular message field order to an expected message field order to gauge authenticity of the external device; and
processing the message based on a result of the message field order comparison operation;
wherein the message has a header section which includes, as the message fields arranged in the particular message field order, a current sequence of header fields in compliance with a standard protocol; and
wherein performing the message field order comparison operation includes:
comparing the current sequence of header fields of the header section of the message to an expected sequence of header fields;
wherein the message further includes a body section storing a user identifier to uniquely identify a particular user currently using the external device; and
wherein the method further comprises:
performing a sequencing operation to generate the expected sequence of header fields from a multitude of possible sequences of header fields based on the user identifier.
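The following sketch is an added example, not code from the patent: it pairs the user-device side of claim 1 (destination URL check, ordered header section) with the server-side order comparison and per-user sequencing of claims 11 and 13. The claims do not say how the sequencing operation works; the HMAC-based ordering, the shared key, the header set, the URLs and all function names here are assumptions chosen for illustration.

```python
import hashlib
import hmac

# All values below are constructed for illustration (assumptions, not from the patent).
HEADER_FIELDS = ["Host", "User-Agent", "Accept", "Accept-Language",
                 "Content-Type", "Content-Length"]
PRECONFIGURED_URL = "https://auth.example.test/login"
SHARED_KEY = b"constructed-demo-key"  # assumed to be provisioned on both sides


def sequence_for_user(user_id, key=SHARED_KEY):
    """Assumed sequencing operation: choose one of the 6! header orders by
    sorting the field names on an HMAC of (user id, field name)."""
    def rank(name):
        msg = f"{user_id}\x00{name.lower()}".encode()
        return hmac.new(key, msg, hashlib.sha256).digest()
    return sorted(HEADER_FIELDS, key=rank)


def build_message(user_id, destination_url):
    """User device: block release unless the destination is the preconfigured URL."""
    if destination_url != PRECONFIGURED_URL:
        return None
    body = f"user_id={user_id}"
    values = {"Host": "auth.example.test", "User-Agent": "demo-client/1.0",
              "Accept": "*/*", "Accept-Language": "en",
              "Content-Type": "application/x-www-form-urlencoded",
              "Content-Length": str(len(body))}
    headers = [(name, values[name]) for name in sequence_for_user(user_id)]
    return {"headers": headers, "body": body}


def assess_message(message):
    """Authentication server: compare the observed header order with the order
    expected for the user identifier carried in the body. Unknown fields
    (for example ones added by an intermediary) are ignored."""
    user_id = message["body"].partition("user_id=")[2]
    known = {name.lower() for name in HEADER_FIELDS}
    observed = [n.lower() for n, _ in message["headers"] if n.lower() in known]
    expected = [n.lower() for n in sequence_for_user(user_id)]
    return "lower-risk" if observed == expected else "higher-risk"


if __name__ == "__main__":
    msg = build_message("alice", PRECONFIGURED_URL)
    print([n for n, _ in msg["headers"]], assess_message(msg))
    msg["headers"].reverse()  # same fields, different order
    print(assess_message(msg))
    print(build_message("alice", "https://other.example.test/login"))
```

As in the abstract, the result is a risk signal rather than a proof of identity: HTTP does not treat the order of differently named header fields as significant, so intermediaries that reorder fields would raise the score for genuine clients.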
Specification