System, method and computer program product for providing unified authentication services for online applications
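IPC classification information
Country / Type
United States(US) Patent
Registered
International Patent Classification (IPC 7th edition)
G06F-017/30
H04L-009/00
H04K-001/00
Application number
US-0814971 (2001-03-23)
Registration number
US-7441263 (2008-10-21)
Inventor / Address
Bakshi,Bikram S
Helms,David W
Rochon,Anthony C
Walker,Trevor J
Applicant / Address
Citibank, N.A.
Agent / Address
Marcou,George T.
Citation information
Times cited: 36
Cited patents: 119
Abstract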
A system, method and computer program product for providing unified authentication services in an Application Service Provider (ASP) setting to a registered end-user of one or more online (or web) applications. The system includes client side components, a user management component coupled to the client side components and server side components coupled to the user management component. The client side components include an authentication control component that manages the process of capturing a user-determined policy for a first account and user credentials. This allows the user to define the level of protection to access the first account. This includes, but is not limited to, accounts/applications that have been configured specifically for use with the system and particular user credentials and accounts that have been subsequently set up but configured to use the same user credentials. The client side components then communicate the result of capturing the user-determined policy and user credentials to the user management component. The user management component stores the user-determined policy and user credentials in a centralized location. In addition, the user management component organizes the user-determined policy and user credentials such that the user credentials can be reused for user authentication to a second account. Finally, the server side components include an authentication server. The user management component indicates to the authentication server to use the user-determined policy for user authentication to the first account.
Representative claims
What is claimed is:
1. A system for providing user authentication to a first account provided by a first server via a communication medium, comprising: client side components; a user management component coupled to said client side components via the communication medium; and server side components coupled to said user management component via the communication medium, wherein said client side components include an authentication control component that manages a process of capturing a user-determined policy for the first account and user credentials, thereby allowing a user to define a level of protection by selecting one or more identification devices from a list of at least two identification devices that are used to execute the policy for accessing the first account and wherein said client side components communicate the result of capturing said user-determined policy and said user credentials to said user management component, wherein said user management component stores said user-determined policy and said user credentials in a centralized location and organizes said user-determined policy and said user credentials such that said user credentials can be reused for user authentication to a second account provided by a second server; wherein said user-determined policy for the first account and a second user-determined policy for said second account utilize different sets of devices; and wherein said server side components include an authentication server, and wherein said user management component indicates to said authentication server to use said user-determined policy for user authentication to the first account.
2. The system of claim 1, wherein the communication medium is the Internet.
3. The system of claim 1, wherein the communication medium is a local network.
4. The system of claim 1, wherein the communication medium is a wireless network.
5. The system of claim 1, wherein the first server and said second server are web servers.
6. The system of claim 1, wherein the first server and said second server are application servers.
7. The system of claim 1, wherein said authentication control component is checked for integrity each time it is invoked.
8. The system of claim 1, wherein the first server and said second server are unrelated.
9. The system of claim 1, wherein the first server and said second server are related.
10. A method for providing user authentication to a first account provided by a first server via a communication medium, comprising the steps of: managing, via an authentication control component, the process of capturing a user-determined policy for the first account and user credentials, thereby allowing a user to define a level of protection by selecting one or more identification devices from a list of at least two identification devices that are used to execute the policy for accessing the first account; communicating, from said authentication control component to a user management component, the result of capturing said user-determined policy and said user credentials; organizing, by said user management component, said user-determined policy and said user credentials in a centralized location such that said user credentials can be reused for user authentication to a second account provided by a second server; wherein said user-determined policy for the first account and a second user-determined policy for said second account utilize different sets of devices; and indicating, by said user management component to said authentication server, to use said user-determined policy for user authentication to the first account.
11. The method of claim 10, wherein the communication medium is the Internet.
12. The method of claim 10, wherein the communication medium is a local network.
13. The method of claim 10, wherein the communication medium is a wireless network.
14. The method of claim 10, wherein the first server and said second server are web servers.
15. The method of claim 10 wherein the first server and said second server are application servers.
16. The method of claim 10 wherein said authentication control component is checked for integrity each time it is invoked.
17. The method of claim 10, wherein the first server and said second server are unrelated.
18. The method of claim 10, wherein the first server and said second server are related.