Patent · US Active

System and method for website authentication using a shared secret

US8060916B2 · kind B2 · utility

146Cited by

6References

16Claims

0Family size

Assignee

Symantec Corporation · US

Inventors

Siddharth Bajaj · San Francisco, US
Roxana Alina Bradescu · Davis, US
Jeffrey Burstein · San Jose, US
David M'Raihi · Redwood City, US
Nicolas Popp · Menlo Park, US

Key dates

Filing date	Nov 6, 2006
Grant date	Nov 15, 2011
Priority date	—
Expiry date	Jun 15, 2030

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/2119
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A web site can be authenticated by a third party authentication service. A user designates an authentication device that is a shared secret between the user and the authentication service. A web site page includes a URL that points to the authentication service. The URL includes a digital signature by the web site. When the user receives the page, the user's browser issues a request to the authentication service, which attempts to authenticate the digital signature. If the authentication is successful, it sends the authentication device to the user computer.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.