User device security manager
First Claim
1. An apparatus comprising:
an identification module comprising one or more hardware processors and configured to identify an access request issued from an application to access remote resources associated with a web service, the application being configured to execute at a user device and being separate from the user device security manager;
an artifact module configured to retrieve at least one user artifact from a security manager identifier (SMID) received from the web service;
a processor-implemented verification module to perform fingerprinting of the user device based on the at least one user artifact;
an acquisition module configured to acquire security information associated with the application, the security information including an application identification and at least an access scope for the application to access the remote resources or a nonce for the application, the acquisition of the security information being performed in response to the access request being identified; and
a communication module configured to issue an authentication request to the web service based on the access request to access the remote resources associated with the web service, the authentication request comprising the security information including the application identification and at least the access scope for the application to access the remote resources or the nonce for the application, transmit the authentication request to the web service for authentication of the application by the web service based on the security information associated with the application, and in response to the authentication request including the security information being transmitted, receiving an indication from the web service that the application is authenticated by the web service based on the security information including the application identification and at least the access scope for the application to access the remote resources or the nonce for the application.
1 Assignment
0 Petitions
Abstract
Systems and methods are disclosed to authenticate and authorize a user for web services using user devices. In various embodiments, a method may comprise: identifying, by a user device security manager executing at a user device corresponding to a user of a web service, a first request issued from an application to access remote resources associated with the web service, the application executing at the user device and separate from the user device security manager; acquiring, by the user device security manager, security information of the application in response to the identifying of the first request, the security information including at least one of an application identification, an access scope or a nonce of the application; and transmitting a second request from the user device security manager to the web service to authenticate the application by the web service based, at least in part, on the application identification.
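The brokered exchange the abstract describes, as an added sketch that is not code from the patent or from any product: a device-side security manager forwards an application's identification, access scope and nonce, and the web service decides whether the application is authenticated. The class names, the scope registry, the manager-generated nonce and the service-side checks (both scope and nonce required, replayed nonces rejected) are assumptions; SMID handling and device fingerprinting are left out.

```python
import secrets

# Constructed registry (assumption): scopes the web service allows per application id.
REGISTERED_APPS = {"photo-app": {"photos.read", "photos.write"}}


class WebService:
    """Service side: authenticates an application from the forwarded security information."""

    def __init__(self, registry):
        self.registry = registry
        self.seen_nonces = set()

    def authenticate(self, request):
        allowed = self.registry.get(request.get("app_id"))
        if allowed is None:
            return {"authenticated": False, "reason": "unknown application"}
        scope = set(request.get("scope", []))
        if not scope or not scope <= allowed:
            return {"authenticated": False, "reason": "scope not permitted"}
        nonce = request.get("nonce")
        if not nonce or nonce in self.seen_nonces:
            return {"authenticated": False, "reason": "missing or replayed nonce"}
        self.seen_nonces.add(nonce)
        return {"authenticated": True, "reason": "ok"}


class SecurityManager:
    """Device side: separate from the application, brokers its access requests."""

    def __init__(self, service):
        self.service = service

    def handle_access_request(self, app_id, scope):
        # Security information is acquired only once an access request is identified.
        auth_request = {"app_id": app_id, "scope": sorted(scope),
                        "nonce": secrets.token_urlsafe(16)}  # nonce source is an assumption
        return auth_request, self.service.authenticate(auth_request)


def demo():
    service = WebService(REGISTERED_APPS)
    manager = SecurityManager(service)
    ok_req, ok = manager.handle_access_request("photo-app", {"photos.read"})
    _, too_wide = manager.handle_access_request("photo-app", {"contacts.read"})
    _, unknown = manager.handle_access_request("other-app", {"photos.read"})
    replayed = service.authenticate(ok_req)  # same nonce presented a second time
    return ok, too_wide, unknown, replayed
```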
40 Citations
19 Claims
1. An apparatus comprising:
an identification module comprising one or more hardware processors and configured to identify an access request issued from an application to access remote resources associated with a web service, the application being configured to execute at a user device and being separate from the user device security manager;
an artifact module configured to retrieve at least one user artifact from a security manager identifier (SMID) received from the web service;
a processor-implemented verification module to perform fingerprinting of the user device based on the at least one user artifact;
an acquisition module configured to acquire security information associated with the application, the security information including an application identification and at least an access scope for the application to access the remote resources or a nonce for the application, the acquisition of the security information being performed in response to the access request being identified; and
a communication module configured to issue an authentication request to the web service based on the access request to access the remote resources associated with the web service, the authentication request comprising the security information including the application identification and at least the access scope for the application to access the remote resources or the nonce for the application, transmit the authentication request to the web service for authentication of the application by the web service based on the security information associated with the application, and in response to the authentication request including the security information being transmitted, receiving an indication from the web service that the application is authenticated by the web service based on the security information including the application identification and at least the access scope for the application to access the remote resources or the nonce for the application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
9. A method comprising:
identifying, by a user device security manager of a user device corresponding to a user of a web service, using one or more hardware processors, an access request issued from an application to access remote resources associated with the web service, the application executing at the user device and being separate from the user device security manager;
retrieving at least one user artifact from a security manager identifier (SMID) received from the web service;
performing fingerprinting of the user device based on the at least one user artifact;
acquiring, by the user device security manager, security information associated with the application, the security information including an application identification and at least an access scope for the application to access the remote resources or a nonce for the application, the acquiring of the security information being performed in response to the identifying of the access request;
issuing, by the user device security manager, an authentication request to the web service based on the access request to access the remote resources associated with the web service, the authentication request comprising the security information including the application identification and at least the access scope for the application to access the remote resources or the nonce for the application;
transmitting the authentication request from the user device security manager to the web service for authentication of the application by the web service based on the security information associated with the application; and
in response to the transmitting of the authentication request including the security information, receiving an indication from the web service that the application is authenticated by the web service based on the security information including the application identification and at least the access scope for the application to access the remote resources or the nonce for the application.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18)
19. A non-transitory machine-readable storage medium storing instructions that, when executed by one or more hardware processors, cause the one or more hardware processors to perform operations comprising:
identifying, by a user device security manager of a user device corresponding to a user of a web service, an access request issued from an application to access remote resources associated with the web service, the application executing at the user device and being separate from the user device security manager;
retrieving at least one user artifact from a security manager identifier (SMID) received from the web service;
performing fingerprinting of the user device based on the at least one user artifact;
acquiring, by the user device security manager, security information associated with the application, the security information including an application identification and at least an access scope for the application to access the remote resources or a nonce for the application, the acquiring of the security information being performed in response to the identifying of the access request;
issuing, by the user device security manager, an authentication request to the web service based on the access request to access the remote resources associated with the web service, the authentication request comprising the security information including the application identification and at least the access scope for the application to access the remote resources or the nonce for the application;
transmitting the authentication request from the user device security manager to the web service for authentication of the application by the web service based on the security information associated with the application; and
in response to the transmitting of the authentication request including the security information, receiving an indication from the web service that the application is authenticated by the web service based on the security information including the application identification and at least the access scope for the application to access the remote resources or the nonce for the application.
Specification