Patent · US Active

Ticket based strong authentication with web service

US8584224B1 · kind B1 · utility

51Cited by

0References

19Claims

0Family size

Assignee

Symantec Corporation · US

Inventors

Mingliang Pei · Palo Alto, US
Jeff Burstein · San Jose, US
Liyu Yi · Fremont, US
Rosarin Jolly Roy Antonyraj · Sunnyvale, US
Rong Cao · Milpitas, US

Key dates

Filing date	Apr 13, 2011
Grant date	Nov 12, 2013
Priority date	—
Expiry date	Oct 5, 2031

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/0823
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A system for authenticating a user to a relying party. A user sends an access request to a relying party web application. In response, the application sends a page with JavaScript that detects a plug-in at the user and detects the relying party domain. The plug-in uses its device certificate or other pre-established credentials to sign a challenge along with other site and user information including the site domain, the authentication service URL and user identifier, and send it, along with the data including the domain and the user identifier, to an authentication service. The service authenticates the information and sends back to the plug-in a short ticket that can be passed on to the relying party, which can validate it using the Radius protocol and an authentication service call, thereby authenticating the user.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.