Augmenting service provider and third party authentication
US9137228B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Jun 28, 2013 |
| Grant date | Sep 15, 2015 |
| Priority date | — |
| Expiry date | Sep 13, 2033 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2463/082
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
An SP's default user authentication is automatically augmented. An access request from a user is redirected from the SP to an authentication augmentation system. The SP also sends an augmentation request. The augmentation system redirects the access request to an IdP, and receives back an authenticated user identity. The default authentication is automatically augmented with additional techniques such as identity proofing and/or multifactor authentication, without the SP or the IdP modifying their code to implement or integrate the augmented authentication. Responsive to successfully authenticating the user according to the additional techniques, an augmented authenticated user identity is redirected to the SP. The augmentation system can use an identity management protocol such as SAML to communicate with the SP and IdP. Authentication performed by a third party and extended to the SP can be augmented, in which case a session id can be used to access third party services.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.