Inter-application delegated authentication
Abstract
Disclosed is a system for delegating authentication of an untrusted application executing on a client device. For delegated authentication, an untrusted application relies on a trusted application executing in the same environment for authentication purposes. The delegated authentication process avoids requiring the user of the untrusted application to provide authentication credentials. The disclosed system for delegating authentication enables any trusted application executing in the same computing environment to authenticate the untrusted application.
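The server-side flow of claim 1 (receive a request, identify trusted applications for the device profile, select one, authenticate the first application once it continues through the selected one) can be sketched as follows; this is an added example, not code from the patent or its assignee. The profile fingerprint, the "most recently authenticated" selection rule, the single-use nonce and the HMAC vouching step are all assumptions made for illustration, as are every class and function name.

```python
import hashlib, hmac, secrets, time

def fingerprint(profile: dict) -> str:
    """Stable hash of the device profile (assumed to be a flat dict)."""
    canon = "|".join(f"{k}={profile[k]}" for k in sorted(profile))
    return hashlib.sha256(canon.encode()).hexdigest()

class DelegationServer:  # hypothetical server, names are illustrative
    def __init__(self, ttl=60):
        self.trusted = {}  # fingerprint -> {app_id: (session_key, last_auth)}
        self.pending = {}  # nonce -> (first_app, second_app, fingerprint, expiry)
        self.ttl = ttl

    def register_trusted(self, app_id, profile, last_auth):
        """Record an application already authenticated with this profile."""
        key = secrets.token_bytes(32)
        self.trusted.setdefault(fingerprint(profile), {})[app_id] = (key, last_auth)
        return key

    def request_auth(self, first_app, profile, now=None):
        """Receive the request, identify trusted apps, select one."""
        now = time.time() if now is None else now
        fp = fingerprint(profile)
        apps = self.trusted.get(fp, {})
        if not apps:
            return None  # nothing delegable: fall back to credential login
        second = max(apps, key=lambda a: apps[a][1])  # assumed rule: most recent
        nonce = secrets.token_urlsafe(16)
        self.pending[nonce] = (first_app, second, fp, now + self.ttl)
        return second, nonce

    def confirm(self, second_app, nonce, tag, now=None):
        """Authenticate the first app once the selected app vouches for it."""
        now = time.time() if now is None else now
        entry = self.pending.pop(nonce, None)  # single use: replays find nothing
        if entry is None:
            return None
        first, second, fp, expiry = entry
        if second_app != second or now > expiry:
            return None  # wrong delegate or stale request
        key = self.trusted[fp][second][0]
        expected = hmac.new(key, f"{nonce}|{first}".encode(), hashlib.sha256).digest()
        return first if hmac.compare_digest(tag, expected) else None

def vouch(key, nonce, first_app):
    """Tag the trusted app returns after the first app hands it the nonce."""
    return hmac.new(key, f"{nonce}|{first_app}".encode(), hashlib.sha256).digest()
```

Binding the nonce to both the requesting and the selected application, and consuming it on first use, is what keeps a second untrusted application from reusing a delegation it observed.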
30 Claims
1. A method for authenticating an application executing on a client device, the method comprising:
- receiving an authentication request from a first application executing on a client device;
- identifying, at a server remote from the client device, a plurality of trusted applications executing on the client device to which authentication of the first application is delegable, the plurality of trusted applications being previously authenticated using a device profile, the device profile comprising information associated with the client device;
- selecting a second application from the plurality of applications based on the device profile; and
- authenticating the first application with the device profile associated with the client device based on the first application continuing authentication via the selected second application.
Dependent claims: 2, 3, 4, 5
6. A non-transitory computer readable storage medium storing instructions for authenticating an application executing on a client device, the instructions when executed by a processor causes the processor to:
- receive an authentication request from a first application executing on a client device;
- identify, at a server remote to the client device, a plurality of trusted applications executing on the client device to which authentication of the first application is delegable, the plurality of trusted applications being previously authenticated using a device profile, the device profile comprising information associated with the client device;
- select a second application from the plurality of trusted application based on the device profile; and
- authenticate the first application with the device profile associated with the client device based on the first application continuing authentication via the selected second application.
Dependent claims: 7, 8, 9, 10
11. A method for authenticating an application executing on a client device, the method comprising:
- receiving an authentication request from a first application executing on a first client device;
- identifying, at a server remote from the client device, a second application executing on a second client device to which authentication of the first application on the first client device is delegable, the second application being previously authenticated with credentials associated with the second client device;
- transmitting an instruction to the first application to continue authentication via the second application; and
- authenticating the first application with the credentials associated with the second client device based on the first application on the first client device continuing authentication via the second application on the second client device; and
- responsive to the authentication, sharing information between the first application and the second application based on the credentials associated with the second client device.
Dependent claims: 12, 13, 14, 15
16. A non-transitory computer readable storage medium storing instructions for authenticating an application executing on a client device, the instructions when executed by a processor causes the processor to:
- receive an authentication request from a first application executing on a first client device;
- identify, at a server remote from the client device, a second application executing on a second client device to which authentication of the first application on the first client device is delegable, the second application being previously authenticated with credentials associated with the second client device;
- transmit an instruction to the first application to continue authentication via the second application; and
- authenticate the first application with the credentials associated with the second client device based on the first application on the first client device continuing authentication via the second application on the second client device; and
- responsive to the authentication, share information between the first application and the second application based on the credentials associated with the second client device.
Dependent claims: 17, 18, 19, 20
21. A system comprising a processor and a memory storing computer program instructions for authenticating an application on a client device, the instructions when executed by a processor causes the processor to:
- receive an authentication request from a first application executing on a client device;
- identify, at a server remote to the client device, a plurality of trusted applications executing on the client device to which authentication of the first application is delegable, the plurality of trusted applications being previously authenticated using a device profile, the device profile comprising information associated with the client device;
- select a second application from the plurality of trusted application based on the device profile; and
- authenticate the first application with the device profile associated with the client device based on the first application continuing authentication via the selected second application.
Dependent claims: 22, 23, 24, 25
26. A system comprising a processor and a memory storing computer program instructions for authenticating an application on a client device, the instructions when executed by a processor causes the processor to:
- receive an authentication request from a first application executing on a first client device;
- identify, at a server remote from the client device, a second application executing on a second client device to which authentication of the first application on the first client device is delegable, the second application being previously authenticated with credentials associated with the second client device;
- transmit an instruction to the first application to continue authentication via the second application; and
- authenticate the first application with the credentials associated with the second client device based on the first application on the first client device continuing authentication via the second application on the second client device; and
- responsive to the authentication, share information between the first application and the second application based on the credentials associated with the second client device.
Dependent claims: 27, 28, 29, 30
Specification