IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0413847
(2012-03-07)
|
등록번호 |
US-8572712
(2013-10-29)
|
발명자
/ 주소 |
- Rice, Mike
- Keshav, Sineesh
|
출원인 / 주소 |
- American Express Travel Related Services Company, Inc.
|
대리인 / 주소 |
|
인용정보 |
피인용 횟수 :
19 인용 특허 :
19 |
초록
▼
A system is disclosed which facilitates authentication processes with web-enabled wireless devices, including those that do not support the use of cookie files. To facilitate such authentication, a web server analyzes an HTTP request file from a communication device for the presence of security toke
A system is disclosed which facilitates authentication processes with web-enabled wireless devices, including those that do not support the use of cookie files. To facilitate such authentication, a web server analyzes an HTTP request file from a communication device for the presence of security token data. Where none is found, a client is directed to a login page for input of authentication data, such as a user name and password information. Upon proper authentication, the client's communication device is issued a security token using standard HTML-INPUT tags. Thereafter, the web server determines if each additional HTTP request file received from the client includes a security token before responding to the request.
대표청구항
▼
1. A method comprising: receiving, by a computer based system for initiating a secure communication session, a http request file and browser identification data, wherein the http request file includes client agent data and communication device model data;analyzing, by the computer based system, the
1. A method comprising: receiving, by a computer based system for initiating a secure communication session, a http request file and browser identification data, wherein the http request file includes client agent data and communication device model data;analyzing, by the computer based system, the browser identification data to selectively grant access to proceed based upon a determination that a device sending the http request file is a supported type of device;at least one of by the computer based system, comparing the client agent data to authorized client agents, or comparing the communication device model data to authorized communication device models on an associated database; andbased on the comparing, at least one of: configure, grant, or deny access, by the computer based system, to the host web server. 2. The method of claim 1, further comprising receiving, by the computer based system, authentication credentials. 3. The method of claim 1, further comprising receiving authentication credentials, by the computer based system, over a secure communication channel. 4. The method of claim 1, further comprising transmitting, by the computer based system, a security token in response to authentication credentials having been authenticated. 5. The method of claim 1, wherein an error message is transmitted to the device. sending the http request file, in response to the device not being a supported device, 6. The method of claim 1, wherein access to proceed is not established, in response to the device not being a supported device. 7. The method of claim 1, further comprising transmitting, by the computer based system, an encrypted security token in a reply communication. 8. The method of claim 1, further comprising transmitting, by the computer based system, an encrypted security token in a reply communication, within an HTML INPUT tag. 9. The method of claim 8, wherein the transmitting is in response to a determination of no security token being present in the HTTP request file. 10. The method of claim 1, further comprising receiving, by the computer based system, a request to initiate a secure session comprising an encrypted security token. 11. The method of claim 1, further comprising analyzing, by the computer based system, the HTTP request file for a presence of a security token. 12. The method of claim 1, wherein a communication device associated with at least one of the client agent data or the communication device model data is at least one of a wireless device or a PC-based device. 13. The method of claim 1, further comprising receiving, by the computer based system, URL information identifying a type of a communication device issuing the request. 14. The method of claim 1, further comprising receiving, by the computer based system, device-specific browser information identifying a type of communication device issuing the request. 15. The method of claim 1, further comprising: issuing, by the computer based system, a login page in response to a determination of no security token being present in the HTTP request file, wherein the login page requests input of at least one of a user name or a password;validating, by the computer based system, the user name or the password; andissuing the security token in response to the successful validating. 16. The method of claim 1, wherein a security token facilitates at least one of: establishing a secure session with a web server or tracking a particular web session within a web site. 17. An article of manufacture including a non-transitory, tangible computer readable storage medium having instructions stored thereon that, in response to execution by a computer-based system for initiating a secure communication session, cause the computer-based system to perform operations comprising: receiving, by the computer based system, a http request file and browser identification data, wherein the http request file includes client agent data and communication device model data;analyzing, by the computer based system, the browser identification data to selectively grant access to proceed based upon a determination that a device sending the http request file is a supported type of device;at least one of by the computer based system, comparing the client agent data to authorized client agents, or comparing the communication device model data to authorized communication device models on an associated database; andbased on the comparing, at least one of: configure, grant, or deny access, by the computer based system, to the host web server. 18. The medium of claim 17, wherein an error message is transmitted to the device sending the http request file, in response to the device not being a supported device. 19. The medium of claim 17, wherein access to proceed is not established, in response to the device not being a supported device. 20. A system comprising: a processor for initiating a secure communication session,a tangible, non-transitory memory configured to communicate with the processor,the tangible, non-transitory memory having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations comprising: receiving, by the processor, a http request file and browser identification data, wherein the http request file includes client agent data and communication device model data;analyzing, by the processor, the browser identification data to selectively grant access to proceed based upon a determination that a device sending the http request file is a supported type of device;at least one of, by the processor, comparing the client agent data to authorized client agents, or comparing the communication device model data to authorized communication device models on an associated database; andbased on the comparing, at least one of: configure, grant, or deny access, by the processor, to the host web server.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.