Method and system of providing a picture password proof of knowledge as a web service
First Claim
1. A picture password server providing a picture password proof of knowledge of an image, said picture password server comprising:
- a processor operable to;
create a login token in response to a request for the login token including an identifier which identifies a user when communicating with a relying party server, the request originating from the relying party server;
send the login token to the relying party server;
receive a communication from a client browser, the communication comprising the login token;
in response to verifying that the login token is valid, receive a plurality of actions from the client browser regarding the picture password proof of knowledge of the image;
in response to authenticating the plurality of actions from the client browser regarding the picture password proof of knowledge of the image based on stored information for the identifier, generate and send a communication comprising an authentication token to the client browser;
receive, from the relying party server, a request for an identification token, the request including the authentication token; and
in response to verifying that the authentication token is valid, send a communication comprising the identification token to the relying party server to enable a login to the relying party server at the client browser.
1 Assignment
0 Petitions
Accused Products
Abstract
A server provides a picture password proof of knowledge. The server includes a processor creating a user identifier when communicating with a relying party (RP) server, sending the identifier to the RP server, creating a login token in response to a user authentication request originating from a client browser (CB), sending a web address containing the login token to the RP server, receiving and authenticating actions from the CB regarding the proof of knowledge, generating and sending an authentication token to the CB responsive to the received and authenticated actions, receiving from the RP server a request for an identification token, the request including the authentication token, and generating and sending the identification token to the RP server to enable the user at the CB to be verified and logged-in to the RP server.
-
Citations
23 Claims
-
1. A picture password server providing a picture password proof of knowledge of an image, said picture password server comprising:
a processor operable to; create a login token in response to a request for the login token including an identifier which identifies a user when communicating with a relying party server, the request originating from the relying party server; send the login token to the relying party server; receive a communication from a client browser, the communication comprising the login token; in response to verifying that the login token is valid, receive a plurality of actions from the client browser regarding the picture password proof of knowledge of the image; in response to authenticating the plurality of actions from the client browser regarding the picture password proof of knowledge of the image based on stored information for the identifier, generate and send a communication comprising an authentication token to the client browser; receive, from the relying party server, a request for an identification token, the request including the authentication token; and in response to verifying that the authentication token is valid, send a communication comprising the identification token to the relying party server to enable a login to the relying party server at the client browser. - View Dependent Claims (2)
-
3. A method of providing a picture password proof of knowledge of an image by a picture password server, said method comprising:
-
creating a login token in response to a request for the login token including an identifier which identifies a user when communicating with a relying party server, the request originating from the relying party server; sending the login token to the relying party server; receiving a communication from a client browser, the communication comprising the login token; in response to verifying that the login token is valid, receiving a plurality of actions from the client browser regarding the picture password proof of knowledge of the image; in response to authenticating the plurality of actions from the client browser regarding the picture password proof of knowledge of the image based on stored information for the identifier, generating and sending a communication comprising an authentication token to the client browser; receiving, from the relying party server, a request for an identification token from the relying party server, the request including the authentication token; and in response to verifying that the authentication token is valid, send a communication comprising the identification token to the relying party server to enable a login to the relying party server at the client browser. - View Dependent Claims (4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A system providing a picture password proof of knowledge of an image, said system comprising:
-
a relying party server; a client device including a web browser; and a web server cooperating with the relying party server and the web browser of the client device, said web server being operable to; create a login token in response to a request for the login token including an identifier which identifies a user when communicating with a relying party server, the request originating from the relying party server; send the login token to the relying party server for redirection of the web browser; receive a communication from the web browser, the communication comprising the login token; in response to verifying that the login token is valid, receive a plurality of actions from the web browser regarding the picture password proof of knowledge of the image; in response to authenticating the plurality of actions from the web browser regarding the picture password proof of knowledge of the image based on stored information for the identifier, generate and send a communication comprising an authentication token to the web browser; receive, from the relying party server, a request for an identification token, the request including the authentication token; and in response to verifying that the authentication token is valid, send a communication comprising the identification token to the relying party server to enable a login to the relying party server at the web browser. - View Dependent Claims (23)
-
Specification