METHOD AND APPARATUS FOR SERVER-SIDE AUTHENTICATION AND AUTHORIZATION FOR MOBILE CLIENTS WITHOUT CLIENT-SIDE APPLICATION MODIFICATION

摘要

A method (and structure) for enforcing authentication and authorization includes making a resource access request, by a client application being executed by a processor on a digital device, to invoke authentication and authorization services to evaluate the resource access request by the client application. A security application on the digital device is activated and executed, the security application being separate from the client application, the security application including instructions for processing a challenge-response protocol for the resource access request. The client application communicates outside the digital device using a primary communication channel and the security application uses a secondary communication channel that is out-of-band from the primary communication channel.

主权项

1. A method of enforcing authentication/authorization, said method comprising:
making a resource access request, by a client application being executed by a processor on a digital device, to invoke services for evaluation of at least one of authentication and authorization of the resource access request by said client application; and activating and executing a security application on said digital device, said security application being separate from said client application, said security application comprising instructions for processing a challenge-response protocol for said resource access request, wherein said client application communicates outside said digital device using a primary communication channel and said security application uses a secondary communication channel that is out-of-band from said primary communication channel.