| 发明名称 |
Remote sign-out of web based service sessions |
| 摘要 |
Remote sign-out of web based service sessions. As a part of remote sign-out of web based service sessions, a user authentication token is accessed that is used to establish a web based service session and this user authentication token is stored in memory of an authentication server and returned in a cookie to the device. User access and deletion of the user authentication token from memory is accommodated using a device different from that which initially established the web based service session. Upon receipt of a browser request involving the user authentication token, it is determined whether the user authentication token is stored in memory. An access denial indication is provided to a web based service that indicates that the user authentication token is not stored in memory. |
| 申请公布号 |
US8863265(B2) |
申请公布日期 |
2014.10.14 |
| 申请号 |
US200812143848 |
申请日期 |
2008.06.23 |
| 申请人 |
Microsoft Corporation |
发明人 |
Liu Johnny;Senzel Keith;Gu Ye |
| 分类号 |
H04L9/32;H04L29/06 |
主分类号 |
H04L9/32 |
| 代理机构 |
|
代理人 |
Webster Bryan;Drakos Kate;Minhas Micky |
| 主权项 |
1. A method for remote sign-out of web based service sessions, comprising:
accessing a user authentication token that is used to establish a first web based service session and storing said user authentication token in memory associated with a web based service, the user authentication token authorizing only a single user to access the first web based service session, a flag being associated with said user authentication token indicating validity of said user authentication token, said user authentication token being invalidated by clearing said flag; accommodating user access and deletion by the single user of said user authentication token from said memory using a device different from that which initially established the first web based service session, said deletion of said user authentication token being responsive to a user request by the single user to said web based service without installation of software on said device different from that which initially established the first web based service session; upon receipt of a browser request involving said user authentication token, determining if said user authentication token is stored in said memory; if it is determined that said user authentication token is not stored in said memory, providing an access denial indication to said web based service that indicates that said user authentication token is not valid and request for service is not granted; and determining if a user password has been changed periodically, and if said user password has been changed deleting all user authentication tokens from said memory. |
| 地址 |
Redmond WA US |
