Automated authentication of software applications using a limited-use token
US8132242B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Feb 13, 2006 |
| Grant date | Mar 6, 2012 |
| Priority date | — |
| Expiry date | Nov 25, 2029 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/166
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
In general, the invention is directed to techniques of automated authentication of network-enabled software applications launched by a web browser. For example, an intermediate device, such as a Virtual Private Network (VPN) gateway, intercepts communications between a client device and a server. The gateway device automatically issues a temporary token to the client device when the web browser requests a resource that will result in the launch of an additional software application external to the web browser. This temporary token is only valid for a limited time and a limited number of uses. Subsequently, the gateway device uses the temporary token to authenticate the second software application, thereby avoiding passing user credentials from the web browser to the second application on the client device via an insecure persistent cookie.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.