主权项 |
1. A computer-implemented method to validate client authentication using timing data, comprising:
authenticating credentials entered by a user on a client; upon authenticating the credentials entered by the user, validating the client authentication using timing data, comprising:
receiving, by a processor, a connection request from the client, the connection request comprising a request to connect the client to an Internet-based resource, the credentials being authenticated and the client authentication being validated using timing data to determine whether to allow the client to connect to the Internet-based resource;receiving, by the processor, a validation token with the connection request;verifying, by the processor, the received validation token with an issuing server by matching the received validation token with a validation token generated by the issuing server;calculating, by the processor, timing data that indicate a time to transmit the data to the client and receive the retransmitted data from the client;applying, by the processor, a protective element to the timing data, wherein the protective element comprises a digital signature;transmitting, by the processor, data to the client, wherein the client retransmits the data, and wherein the data comprises the digitally signed timing data;receiving, by the processor, the retransmitted data from the client; andtransmitting the digitally signed timing data to a timing verification server, wherein the timing verification server determines whether the timing data fall within a predetermined range of timing data. |