| 发明名称 |
AUTHENTICATION OF API-BASED ENDPOINTS |
| 摘要 |
A method includes detecting an incoming request from a first application to a second application. The method further includes performing an authentication that involves sending a challenge message to a first application. The challenge message may request an account of information associated with processed transactions between the first application and the second application during a particular period preceding the incoming request, a solution to a high-cost calculation associated with a high level of resource use, or a concatenated sequence of characters located at specific positions of a shared value. The authentication further involves receiving a challenge response to the challenge message from the first application, determining a verified response based on the challenge message, and determining whether the challenge response matches the verified response. The method includes authorizing the second application to process the incoming request in response to determining that the challenge response matches the verified response. |
| 申请公布号 |
US2016080355(A1) |
申请公布日期 |
2016.03.17 |
| 申请号 |
US201414485662 |
申请日期 |
2014.09.12 |
| 申请人 |
GREENSPAN Steven L.;CHELL Charley |
发明人 |
GREENSPAN Steven L.;CHELL Charley |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method of performing an authentication comprising:
detecting, via a monitoring device, an incoming request from a first application to a second application; performing an authentication, the authentication comprising:
sending a challenge message to the first application, the challenge message requesting at least one of:
an account of information associated with processed transactions between the first application and the second application during a particular period preceding the incoming request,a solution to a high-cost calculation, the high-cost calculation associated with a high level of resource use, anda concatenated sequence of characters located at specific positions of a shared value;receiving a challenge response to the challenge message from the first application;determining a verified response based on the challenge message; anddetermining whether the challenge response matches the verified response; and authorizing the second application to process the incoming request in response to determining that the challenge response matches the verified response. |
| 地址 |
Scotch Plains NY US |
