IDENTIFYING AND DESTROYING POTENTIALLY MISAPPROPRIATED ACCESS TOKENS
摘要
A computer receives a request for protected user data with an access token presented by a client as authorization for the client to access the protected user data in a delegated environment. The computer parses the request to create a device fingerprint identifying the device submitting the request for the client. The computer compares the device fingerprint of the request to a previously stored device fingerprint of an authorized device associated with the access token. The computer automatically determines whether to identify the access token as potentially misappropriated based on the comparison of the device fingerprint of the request to the previously stored device fingerprint.
申请公布号
WO2015078244(A1)
申请公布日期
2015.06.04
申请号
WO2014CN89002
申请日期
2014.10.21
申请人
INTERNATIONAL BUSINESS MACHINES CORPORATION;IBM (CHINA) CO., LIMITED
发明人
CANNING, SIMON G.;SREEDHAR, PRANAM C.;WARDROP, PATRICK R.;WEEDEN, SHANE B.