Brokering multiple authentications through a single proxy

Assignee

• EMC Corporation · US

Inventors

• Anton Khitrenovich · Netanya, IL
• Oleg Freylafert · Hod HaSharon, IL
• Yedidya Dotan · Newton, US
• Lawrence N. Friedman · Arlington, US
• Karl Ackerman · Topsfield, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/08
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A method includes (a) receiving, from an application server, a login message for a user, the login message including a user credential for a credential-based authentication (CBA), (b) forwarding the user credential to a CBA server for the CBA, (c) in response, receiving, an authentication decision message from the CBA server, (d) sending decision information from the authentication decision message received from the CBA server to a risk-based authentication (RBA) server, the RBA server being distinct from the CBA server, the decision information to be used by the RBA server in performing RBA authentication decisions, (e) if the authentication decision message is positive, then sending a challenge message to the application server to initiate RBA to be performed by the RBA server supplementary to the CBA, and (f) if the authentication decision message is negative, then sending a rejection message to the application server.