Systems and methods for internet-wide monitoring and protection of user credentials

Assignee

• Akamai Technologies, Inc. · US

Inventors

• Emile Delcourt · Wellesley, US
• Harish Somaraddi · Cambridge, US
• Tadhg Pearson · Somerville, US
• Branko Matijasevic · Quincy, US
• Blair Charles Caple · Sudbury, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2463/082
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Among other things, this document describes systems, methods, and apparatus for monitoring and protecting a user credential issued by an organization when that credential is used outside that organization's network security perimeter. For example, a reverse proxy server (RPS) receives a client request directed to a content provider's site. The RPS initiates a process that involves parsing the request message and extracting a user credential. The RPS locates a credential policy from the credential owner based on the user credential. The RPS can issue an API request to a credential service that is authoritative for the credential. That credential service may return a directive to the RPS specifying how to handle the client request message. Preferably, the operation is transparent to the content provider whose site was the target of the client's request message. Activity records can be presented in visualizations that enhance security analysts' tactical comprehension at a glance.