Confidence-based authentication discovery for an outbound proxy
US9722991B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jan 4, 2016 |
| Grant date | Aug 1, 2017 |
| Priority date | — |
| Expiry date | Jan 4, 2036 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L9/321
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A confidence-based authentication discovery scheme is implemented at a proxy. The scheme assumes that some level of unauthenticated browsing is allowed prior to enforcing authentication at the proxy. Once a known and trusted set of identity providers has been accessed and the user is required to authenticate at the proxy (e.g., as a result of policy), the proxy initiates Federated Single Sign-On (F-SSO) to one or more (or, preferably, all) known sites accessed by the browser. This F-SSO operation is performed seamlessly, preferably without the user's knowledge (after the user allows an initial trust decision between the proxy acting as a service provider and the external identity provider). The proxy collates the results and, based on the trust it has with those sites, produces a confidence score. That score is then used as input into policy around whether or not a user should be permitted to access a particular site.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.