Title of invention |
Secure authentication in a multi-party system |
Abstract |
An authentication server transmits a random number to and receives other information from a service provider. Later, the first random number is received from a requester and a provider identifier, the received other information and provider authentication policy requirements are transmitted to the requester. A user identifier and validation information are received from the requester. The received validation information is determined to correspond to the provider authentication policy requirements, and compared with stored user validation information associated with the received user identifier to authenticate the requester. A message, including both the random number and other information, signed with a credential of the requesting user is received and transmitted to the first provider. |
Publication number |
US9641505(B2) |
Publication date |
2017.05.02 |
Application number |
US201514630169 |
Application date |
2015.02.24 |
Applicant |
Early Warning Services, LLC |
Inventors |
Neuman Michael;Neuman Diana |
Classification numbers |
H04L29/06;H04L29/08;G06F17/30;H04L9/32;H04L9/30 |
Main classification number |
H04L29/06 |
Agency |
Kilpatrick Townsend & Stockton LLP |
Agent |
Kilpatrick Townsend & Stockton LLP |
Principal claim |
1. A method of operating an authentication server to notify a network entity of a transaction via a network, comprising:
receiving, by the authentication server from a first network entity via the network, an identifier of a second network entity, a transaction identifier, transaction approval and authentication requirements, and a message regarding the transaction, wherein the message is encrypted with a credential of the second network entity;
transmitting, by the authentication server to the second network entity via the network, the received transaction identifier, transaction approval and any authentication requirements, and encrypted message;
receiving, by the authentication server from the second network entity via the network after transmitting the transaction identifier, transaction approval and authentication requirements, and encrypted message, at least one of a transaction approval and authentication information;
determining, by the authentication server based on any received authentication information, that the second network entity is authentic; and
transmitting, by the authentication server, to the first network entity a notification of any determination and any received transaction approval. |
Address |
Scottsdale AZ US |