Providing a second factor authorization

摘要

A system for generating a second factor authorization for a request to access a web site includes a data store having a computer readable medium storing a program for generating the second factor authorization, and a processor. A packet receiving unit receives the request from a user device via a local network to access the web site via an external network. A trigger database stores the web site. A device database stores a rule associated with the user device for the web site, and a corresponding paired device with the user device. A second factor determination unit requests a second factor authorization from the corresponding paired device in response to the packet receiving unit receiving the request. A communication unit communicates the request to the external network in response to a valid assertion from the paired device based on the second factor authorization.

主权项

1. A method for generating a second factor authorization for a request to access a web site, comprising:
receiving, by a gateway device deployed as an intermediary between a first network and a second network, a request to access a web site hosted by a server connected to the second network from a first user device connected to the first network; determining, by the gateway device, that a trigger database identifies the web site as requiring second factor authorization; requesting, by the gateway device, a second factor authorization from a second user device paired with the first user device, responsive to receiving the request; and communicating the request to the server connected to the second network, by the gateway device, responsive to receiving a valid second factor authorization from the second user device.