Brokered authentication with risk sharing
US10652282B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 15, 2017 |
| Grant date | May 12, 2020 |
| Priority date | — |
| Expiry date | Mar 9, 2038 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L9/3247
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Embodiments described herein are implemented in authentication brokering systems where an authentication broker issues security tokens that represent its authentications of users. Client devices operated by the users store the security tokens and send them to resource providers. The resource providers authenticate and grant access to the users based on validation of the security tokens. Authentication related messages exchanged between the resource providers and the authentication broker are used to exchange authentication risk data that is obtained or derived by the resource providers and the authentication broker. The resource providers obtain authentication risk data directly from the authentication broker and indirectly, via the authentication broker, from each other. As security tokens are used or managed, authentication risk data is shared among the participants in the authentication brokering system. The participants are able to modify their authentication procedures or make authentication decisions based on shared authentication risk data.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.