
Authenticating a user device associated with a user to communicate via a wireless network in a secure web-based environment

  • US 10,778,682 B1
  • Filed: 10/01/2019
  • Issued: 09/15/2020
  • Est. Priority Date: 01/26/2015
  • Status: Active Grant
First Claim

1. A computer system comprising:

    (a) a web server associated with a first IP address;

    (b) a server sub-system operatively connected to the web server and associated with a second IP address; and

    (c) an identity provider sub-system operatively connected to the web server, wherein the identity provider sub-system is associated with the first IP address, and wherein the identity provider sub-system is configured to perform the following steps:

        (1) receiving, at the identity provider sub-system via a secure transmission over a wireless network, from a user device associated with a user, an electronic login request comprising login credential data comprising an alphanumeric text sequence, wherein the electronic login request is received by the web server, and wherein the electronic login request is communicated from the user device to the identity provider sub-system via the web server;

        (2) verifying, by the identity provider sub-system, that the login credential data is valid login credential data, wherein the login credential data is verified if the login credential data is valid login credential data;

        (3) in the case where the login credential data is verified, generating, at the identity provider sub-system:

            (A) a first payload comprising login credential verification information and a first session identifier; and

            (B) a first digital signature of the identity provider sub-system comprising a first hash of the first payload, the first hash being encrypted using a first identity provider sub-system private key;

        (4) transmitting, from the identity provider sub-system to the user device via the secure transmission over the wireless network, the first payload and the first digital signature, wherein the first payload and the first digital signature are communicated by the identity provider sub-system to the user device via the web server;

        (5) receiving, from the user device via the secure transmission over the wireless network at the identity provider sub-system:

            (A) a second payload comprising the first session identifier and a first one-time token generated by the user device using a shared secret seed; and

            (B) a second digital signature of the user device comprising a second hash of the second payload, wherein the second payload and the second digital signature are communicated by the user device to the identity provider sub-system via the web server;

        (6) verifying, by the identity provider sub-system, the second payload;

        (7) in the case where the second payload is verified, authorizing, by the identity provider sub-system, the user device to communicate with the server sub-system associated with the second IP address via the identity provider sub-system; and

        (8) transmitting, from the user device via the secure transmission over the wireless network to the server sub-system, a third payload and a third digital signature, wherein the third payload and the third digital signature are communicated by the user device to the server sub-system via the identity provider sub-system and the web server.
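The exchange in steps (1) through (7), worked through as an added example; this is not code from the patent or its assignee, and the web server and server sub-system (steps (7) and (8)) are not modelled beyond the IdP's final accept/reject decision. Assumptions not in the claim: payloads are JSON; Ed25519 from Go's standard library stands in for the claim's "hash of the payload encrypted with the private key" (an RSA-style construction); the one-time token is RFC 6238 TOTP over the RFC 4226 test seed, with the time counter passed in explicitly; the names IdP, Login, Complete, deviceRespond, RunExchange, "alice" and "dev-1", and the constructed password store, are all illustrative. The example also goes one step past the claim: the IdP consumes the session identifier on first use, so a second payload cannot be replayed and a wrong token cannot be retried against the same session.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha1"
	"crypto/subtle"
	"encoding/binary"
	"encoding/json"
	"errors"
	"fmt"
)

// Payload is the JSON body both sides sign; the claim's messages are tied together by the session id.
type Payload struct {
	SessionID string `json:"session_id"`
	Verified  bool   `json:"verified,omitempty"` // "login credential verification information", step (3)(A)
	OTP       string `json:"otp,omitempty"`      // "first one-time token", step (5)(A)
}

// totp is the "one-time token generated using a shared secret seed": RFC 6238 (HMAC-SHA1, 6 digits).
func totp(seed []byte, counter uint64) string {
	mac := hmac.New(sha1.New, seed)
	binary.Write(mac, binary.BigEndian, counter) // 8-byte big-endian counter, per RFC 4226
	sum := mac.Sum(nil)
	off := sum[len(sum)-1] & 0x0f
	return fmt.Sprintf("%06d", (binary.BigEndian.Uint32(sum[off:off+4])&0x7fffffff)%1000000)
}

// IdP is the identity provider sub-system; passwords is a constructed stand-in for a real credential store.
type IdP struct {
	priv      ed25519.PrivateKey
	passwords map[string]string
	devPub    map[string]ed25519.PublicKey // device id -> device signing key
	seeds     map[string][]byte            // device id -> shared OTP seed
	pending   map[string]string            // session id -> device id awaiting step (5)
}

// Login is steps (1)-(4): verify credentials, mint a session id, return the signed first payload.
func (i *IdP) Login(user, password, deviceID string) (payload, sig []byte, err error) {
	want, ok := i.passwords[user]
	if !ok || subtle.ConstantTimeCompare([]byte(want), []byte(password)) != 1 {
		return nil, nil, errors.New("invalid credentials")
	}
	var raw [16]byte
	rand.Read(raw[:]) // crypto/rand; never returns an error as of Go 1.24, which this example assumes
	sid := fmt.Sprintf("%x", raw)
	i.pending[sid] = deviceID
	payload, _ = json.Marshal(Payload{SessionID: sid, Verified: true})
	return payload, ed25519.Sign(i.priv, payload), nil
}

// Complete is steps (5)-(7). The session id is consumed on first use, so a wrong OTP cannot be retried or replayed.
func (i *IdP) Complete(payload, sig []byte, counter uint64) error {
	var p Payload
	json.Unmarshal(payload, &p) // a malformed body leaves SessionID empty and fails the lookup below
	devID, ok := i.pending[p.SessionID]
	if !ok {
		return errors.New("unknown or already used session id")
	}
	delete(i.pending, p.SessionID)
	if !ed25519.Verify(i.devPub[devID], payload, sig) || subtle.ConstantTimeCompare([]byte(totp(i.seeds[devID], counter)), []byte(p.OTP)) != 1 {
		return errors.New("device signature or one-time token invalid") // one message: no oracle for which check failed
	}
	return nil // step (7): this session may now be proxied to the server sub-system
}

// deviceRespond is the user device's half of step (5): it answers only a first payload the IdP actually signed.
func deviceRespond(devPriv ed25519.PrivateKey, seed []byte, idpPub ed25519.PublicKey, payload, sig []byte, counter uint64) ([]byte, []byte, error) {
	var p Payload
	if !ed25519.Verify(idpPub, payload, sig) || json.Unmarshal(payload, &p) != nil || !p.Verified {
		return nil, nil, errors.New("first payload rejected")
	}
	out, _ := json.Marshal(Payload{SessionID: p.SessionID, OTP: totp(seed, counter)})
	return out, ed25519.Sign(devPriv, out), nil
}

// RunExchange drives one login with fresh keys; separate counters let a caller simulate a stale or guessed OTP.
func RunExchange(user, password string, idpCounter, devCounter uint64) error {
	idpPub, idpPriv, _ := ed25519.GenerateKey(rand.Reader)
	devPub, devPriv, _ := ed25519.GenerateKey(rand.Reader)
	idp := &IdP{priv: idpPriv, passwords: map[string]string{"alice": "correct horse battery staple"},
		devPub: map[string]ed25519.PublicKey{"dev-1": devPub}, pending: map[string]string{},
		seeds:  map[string][]byte{"dev-1": []byte("12345678901234567890")}} // RFC 4226 test seed, constructed
	p1, s1, err := idp.Login(user, password, "dev-1")
	if err != nil {
		return err
	}
	p2, s2, err := deviceRespond(devPriv, idp.seeds["dev-1"], idpPub, p1, s1, devCounter)
	if err != nil {
		return err
	}
	return idp.Complete(p2, s2, idpCounter)
}

func main() {
	fmt.Println(RunExchange("alice", "correct horse battery staple", 0, 0)) // <nil>
}
```

In a deployment the counter is floor(unix time / 30) on both sides with a window of one step either way, the device's signing key and seed are provisioned at enrolment, and the "secure transmission" of the claim is the TLS session to the web server; none of that changes the two checks that matter here, that the device only answers a payload bearing the IdP's signature, and that the IdP only authorizes a session whose second payload is both signed by the enrolled device and carries the expected one-time token.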

  • 2 Assignments