发明名称 |
Proof of possession for web browser cookie based security tokens |
摘要 |
In one embodiment, a user device 110 may access a network service 122 using a secure cookie 300. A high trust process may create an authentication proof 360 using a secure key. The high trust process may provide a browsing token 310 and the authentication proof 360 to a low trust process to send to an authentication service 124. |
申请公布号 |
US9521146(B2) |
申请公布日期 |
2016.12.13 |
申请号 |
US201313971835 |
申请日期 |
2013.08.21 |
申请人 |
Microsoft Technology Licensing, LLC |
发明人 |
Kaluskar Sanket;Subotic Dejan;Kamel Tarek;Frei Adrian;Aphale Guruprasad;Wetter Allan |
分类号 |
H04L29/06;G06F21/33;G06F21/34;G06F21/57;H04L29/08 |
主分类号 |
H04L29/06 |
代理机构 |
|
代理人 |
Webster Bryan;Choi Dan;Minhas Micky |
主权项 |
1. A machine-implemented method, comprising:
sending a login credential to an authentication service for a network service from a system context process executing at an operating system level administrative privilege of a client device; receiving a browsing token and a secure key from the authentication service in the system context process; storing the secure key in a system context of a memory of the client device limiting access to the secure key to the operating system level administrative privilege; creating an authentication proof by creating a time sensitive signature of a browsing token in the system context of the client device using the secure key; and providing the browsing token and the authentication proof to a user context process executing at an application level administrative privilege of the client device to send to the authentication service to access the network service. |
地址 |
Redmond WA US |