IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0825044
(2010-06-28)
|
등록번호 |
US-8302163
(2012-10-30)
|
발명자
/ 주소 |
- Mereu, Stephen
- Schnarr, Matt
- Chin, Joseph
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 |
피인용 횟수 :
0 인용 특허 :
24 |
초록
▼
A secure communication module is provided for securing communication between a client application and a network service. The secure communication module comprises an authentication identifier provider for providing the client application a pool of authentication identifiers for use in subsequent com
A secure communication module is provided for securing communication between a client application and a network service. The secure communication module comprises an authentication identifier provider for providing the client application a pool of authentication identifiers for use in subsequent communication with the network service, and an authentication identifier validator for checking the validity of an authentication identifiers from the pool of authentication identifiers sent with the subsequent communication.
대표청구항
▼
1. An authentication apparatus for authenticating communication between a client and one or more web services, the authentication apparatus comprising: a non-transitory computer readable memory storing instructions; anda processor for executing the instructions stored in the computer readable memory
1. An authentication apparatus for authenticating communication between a client and one or more web services, the authentication apparatus comprising: a non-transitory computer readable memory storing instructions; anda processor for executing the instructions stored in the computer readable memory, the instructions when executed by the processor causing the processor to perform authentication tasks including:providing to a client application executed on the client a plurality of authentication identifiers over a secure communication channel established over a network, individual authentication identifiers of the plurality of authentication identifiers for use in validating subsequent client application requests to access functionality provided by a web service, wherein the secure communication channel is an encrypted communication channel;receiving, over an unsecure communication channel established over the network, a client application request to access a functionality provided by the web service and an associated authentication identifier from the plurality of authentication identifiers, wherein the unsecure communication channel is an unencrypted communication channel;validating an authorization for the client application to access the requested functionality of the web service using the associated authentication identifier from the plurality of authentication identifiers received with the client application request to access the functionality provided by the web service; andsending the request to access the functionality to the web service when the client application authorization to access the functionality of the web service is validated. 2. The authentication apparatus of claim 1, wherein each authentication identifier is invalidated after being validated, whereby each authentication identifier can only be used once. 3. The authentication apparatus of claim 1, wherein the instructions when executed by the processor further cause the processor to perform authentication tasks including: authenticating the client application prior to providing the client application the plurality of authentication identifiers. 4. The authentication apparatus of claim 1, wherein the instructions when executed by the processor further cause the processor to perform authentication tasks including: checking if the client application has authorization to access the functionality of the web service. 5. The authentication apparatus of claim 1, further comprising a repository for storing information relating to the plurality of authentication identifiers. 6. The authentication apparatus of claim 5, wherein the repository further stores information relating to the client application, and the web service. 7. The authentication apparatus of claim 1, wherein the instructions when executed by the processor further cause the processor to perform authentication tasks including: billing for the plurality of authentication identifiers. 8. The authentication apparatus of claim 1, wherein the instructions when executed by the processor further cause the processor to perform authentication tasks including: tracking usage of the plurality of authentication identifiers. 9. A system for authenticating communication over a network comprising: a client computing device coupled to the network, the client computing device executing a client application for receiving a plurality authentication identifiers over a secure communication channel through the network and sending over an unsecure communication channel through the network a client application request to access a functionality provided by a web service and an associated authentication identifier from the plurality of authentication identifiers;the web service coupled to an authentication apparatus through the network for receiving the request to access the functionality of the web service; andan authentication server coupled to the network for:providing the plurality of authentication identifiers to the client application over the secure communication channel established through the network, individual authentication identifiers of the plurality of authentication identifiers for use in validating subsequent client application requests to access functionality provided by the web service, wherein the secure communication channel is an encrypted communication channel;receiving, over the unsecure communication channel established through the network, the client application request to access the functionality provided by the web service and the associated authentication identifier from the plurality of authentication identifiers, wherein the unsecure communication channel is an unencrypted communication channel;validating an authorization for the client application to access the requested functionality of the web service using the associated authentication identifier from the plurality of authentication identifiers received with the client application request to access the functionality provided by the web service; andsending the request to access the functionality of the web service when the client application authorization to access the functionality of the web service is validated. 10. The system of claim 9, wherein each authentication identifier is invalidated after being validated by the authentication validator, whereby each authentication identifier can only be used once. 11. The system of claim 9, wherein the authentication server is further coupled to the network for: authenticating the client application prior to providing the client application the plurality of authentication identifiers. 12. The system of claim 9, wherein the authentication server is further coupled to the network for: checking if the client application has authorization to access the functionality of the web service. 13. The system of claim 9, wherein the authentication apparatus further comprises a repository for storing information relating to the plurality of authentication identifiers. 14. The system of claim 13, wherein the repository further stores information relating to the client application, and the web service. 15. The system of claim 9, wherein the authentication server is further coupled to the network for: billing for the plurality of authentication identifiers. 16. The system of claim 9, wherein the authentication server is further coupled to the network for: tracking usage of the plurality of authentication identifiers. 17. The system of claim 9, wherein the communication module of the authentication apparatus further receives a response from the web service and sends the response back to client. 18. A method of authenticating communication between a client and a web service, the method comprising: sending, from the client, client application credentials over a secure communication channel;receiving and authenticating, at a server, the client application credentials;providing a plurality of authentication identifiers to the client over the secure communication channel established through a network, individual authentication identifiers of the plurality of authentication identifiers for use in validating subsequent client application requests to access functionality provided by a web service, wherein the secure communication channel is an encrypted communication channel; receiving at the client the plurality of authentication identifiers;sending a client application request to access a functionality provided by the web service, the request including an associated authentication identifier from the plurality of received authentication identifiers;receiving, over an unsecure communication channel established through the network, the client application request to access the functionality provided by the web service and the associated authentication identifier, wherein the unsecure communication channel is an unencrypted communication channel;validating an authorization for the client application to access the requested functionality of the web service using the associated authentication identifier from the plurality of authentication identifiers received with the client application request to access the functionality provided by the web service; andsending the request to access the functionality of the web service when the client application authorization to access the web service is validated. 19. The method of claim 18, further comprising: receiving at the web service the web service request;processing at the web service the web service request;sending a web service response to the server in response to the received web service request; receiving the web service response at the server; andsending the web service response to the client. 20. The method of claim 19, further comprising: sending a second client application request to access the web service with a second associated authentication identifier from the plurality of received authentication identifiers.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.