| 发明名称 |
METHOD AND SYSTEM OF PROVIDING A PICTURE PASSWORD PROOF OF KNOWLEDGE AS A WEB SERVICE |
| 摘要 |
A server provides a picture password proof of knowledge. The server includes a processor creating a user identifier when communicating with a relying party (RP) server, sending the identifier to the RP server, creating a login token in response to a user authentication request originating from a client browser (CB), sending a web address containing the login token to the RP server, receiving and authenticating actions from the CB regarding the proof of knowledge, generating and sending an authentication token to the CB responsive to the received and authenticated actions, receiving from the RP server a request for an identification token, the request including the authentication token, and generating and sending the identification token to the RP server to enable the user at the CB to be verified and logged-in to the RP server. |
| 申请公布号 |
US2016050198(A1) |
申请公布日期 |
2016.02.18 |
| 申请号 |
US201414782257 |
申请日期 |
2014.03.31 |
| 申请人 |
ANTIQUE BOOKS, INC. |
发明人 |
THIBADEAU Sr. Robert H.;DONNELL Justin D. |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A picture password server providing a picture password proof of knowledge of an image, said picture password server comprising:
a processor operable to:
create a login token in response to a request for the login token including an identifier which identifies a user when communicating with a relying party server, the request originating from the relying party server;send the login token to the relying party server;receive a communication from a client browser, the communication comprising the login token;in response to verifying that the login token is valid, receive a plurality of actions from the client browser regarding the picture password proof of knowledge of the image;in response to authenticating the plurality of actions from the client browser regarding the picture password proof of knowledge of the image based on stored information for the identifier, generate and send a communication comprising an authentication token to the client browser;receive, from the relying party server, a request for an identification token, the request including the authentication token; andin response to verifying that the authentication token is valid, send a communication comprising the identification token to the relying party server to enable a login to the relying party server at the client browser. |
| 地址 |
Pittsburgh PA US |
