138 results about "Internet Authentication Service" patented technology

Embodiments are directed to authenticating a user to a remote application provisioning service. In one scenario, a client computer system receives authentication credentials from a user at to authenticate the user to a remote application provisioning service that provides virtual machine-hosted remote applications. The client computer system sends the received authentication credentials to an authentication service, which is configured to generate an encrypted token based on the received authentication credentials. The client computer system then receives the generated encrypted token from the authentication service, stores the received encrypted token and the received authentication credentials in a data store, and sends the encrypted token to the remote application provisioning service. The encrypted token indicates to the remote application provisioning service that the user is a valid user.

An Access System can provide identity management and/or access management services. Examples of access management services include authentication and authorization services. In some implementations, users of an Access System want to use the authorization services of the Access System but do not want to use the authentication services of the Access System. The present invention allows some or all of the resources protected by the Access System to use the authentication services of the Access System and some or all of the resources protected by the Access System to use external authentication services.

A web site can be authenticated by a third party authentication service. A user designates an authentication device that is a shared secret between the user and the authentication service. A web site page includes a URL that points to the authentication service. The URL includes a digital signature by the web site. When the user receives the page, the user's browser issues a request to the authentication service, which attempts to authenticate the digital signature. If the authentication is successful, it sends the authentication device to the user computer.

A system and method for providing authentication service for IoT security are disclosed herein. The system for providing authentication service for IoT security includes an Internet of Things (IoT) service server, and an IoT gateway node. The IoT service server supports an IoT communication service in accordance with an IoT communication service policy. The IoT gateway node receives an IoT service request from a terminal attempting to control an IoT device that supports the IoT communication service while operating in conjunction with the IoT service server, identifies whether the terminal attempting to control the IoT device is a normal user based on profile information, collected from the terminal via the IoT service request, via the IoT service server, and performs the security authentication of the IoT device.

A federated authentication service technology (10) for authenticating a subject (20) residing in a subject domain (12) on a network to a server application (38) residing in a server domain (18), wherein an authentication mechanism (32) residing in an authentication domain (16) affects the service provided by the server application (38). A client (22), which may be integrated non-human instances of the subject (20), authenticates the subject (20) and a protocol proxy (34) mediates with the authentication mechanism (32) to obtain a name assertion which the client can use to access the server application (38). When multiple authentication mechanisms (32) are available, an optional agent (24), mechanism resolution process (26) and mechanism repository (28), all residing in an agent domain (14), may be used to resolve to one suitable authentication mechanism (32).

The authenticity of a website is tested with software that runs on a personal computing device and a service that is provided via the Internet. The software on the personal computing device is in the form of a proxy, or transparent component in the Internet Protocol implementation. The proxy receives all outbound messages, analyzes them and forwards or modifies them without the user's intervention. The service tests the IP address and/or the behavior of the target website.

A payment authentication service authenticates the identity of a payer during online transactions. The authentication service of the present invention allows a card issuer to verify a cardholder's identity using a variety of authentication methods, such as the use of passwords. Also, the only system participant requiring a certificate is the issuing financial institution. One embodiment of the invention for authenticating the identity of a cardholder during an online transaction involves querying an access control server to determine if a cardholder is enrolled in the payment authentication service, requests a password from the cardholder, verifies the password, and notifies a merchant whether the cardholder's authenticity has been verified. In another aspect of the invention, a chip card and the authentication service independently generate cryptograms that must match in order for the service to verify that the correct chip card is being used by the cardholder.

An authentication service provides authentication information to help potential buyers determine the legitimacy of an offer to sell a good or service. For example, an authentication service stores registration information that indicates (a) that a particular item was purchased by a particular party, and (b) contact information that indicates a particular address for communicating with the party. When the registered owner of an item wants to sell the item, the owner sends an intent-to-sell message to the authentication service. In response to receiving the intent-to-sell message, the authentication service sends access information to the particular address. The access information specifies a manner of receiving authentication information about the item from the authentication service. The registered owner includes the access information in his or her advertisements for the item. When a potential buyer sees the access information in an advertisement, the potential buyer can obtain the authentication information, directly from the authentication service, using the manner specified in the access information.

The invention discloses an information portal single sign-on and accessing system based on facing to service architecture authentication service agent. The system includes: an authentication service terminal (1) based on facing to service architecture, an authentication service agent (2), an application system (3) and a user browser (4). The authentication service terminal (1) is composed of an authentication service terminal date structure set (11), an authentication service terminal atomic service set (12) and an authentication service terminal assistant service set (13). The authentication service terminal date structure set (11) is used for bearing exchanged date in single sign-on execution process; the authentication service terminal atomic service set can complete single sign-on and accessing to the application system (3) through response calling request of the authentication service agent (2); the authentication service terminal assistant service set (13) is used for maintaining local user role mapping LURM, global user identity information GUII in single sign-on, and can assistant complete single sign-on and accessing to the application system (3).

A system and method are described for integrating an authentication service within an existing network infrastructure. One embodiment of a method comprises: configuring a gateway to restrict access to an internal network; configuring an authentication client of a client device to establish a communication channel with the authentication server and to register one or more authentication devices with the authentication server; authenticating the user with the authentication server using one or more of the registered authentication devices in response to an attempt to gain access to the internal network via the gateway; providing the client device with a cryptographic data structure in response to a successful authentication; providing the cryptographic data structure to the gateway as proof of the successful authentication; validating the cryptographic data structure with the authentication server; providing access to the gateway upon receiving an indication from the authentication server that the cryptographic data structure is valid.

Techniques are provided for proxy authentication. A proxy includes a first port, a second port, and a secure port; each port processing a different service. Requests received on the first and second ports which require authentication are redirected to the secure port. The secure port processes an authentication router service. The authentication router service forwards requests for authentication to selective authentication services. The authentication services authenticate the requests over the secure port.

A system and method for secure network communication. In various embodiments of the present invention, data needed for authentication an encryption is included in each communication pass between network devices, so that when a network connection is broken, a secure connection can be reestablished with the next pass. A client authentication service on the client receives a server request and searches for a current client-side session key. If one is not present, the client authentication service generates and encrypts an initial session key, acquires credentials, adds the credentials to the server request, and encrypts the server request with the initial session key. The encrypted server request and the encrypted session key are sent to the server, where a server authentication service decrypts the initial session key, decrypts the server request with the initial session key, and authenticates the credentials before allowing the server request to be acted upon. Where a current client-side session key is detected, the client authentication service acquires the current client-side session key, generates a next step session key, adds the next step session key to the server request, and encrypts the server request with the current client-side session key. The encrypted server request is sent to the server where the server authentication service decrypts the server request with a current server-side session key allowing the server request to be acted upon.

The invention discloses trustworthy internet-oriented entity ID (Identity)-based ID authentication method and system. Through distributing a user basic ID and a user ID certificate in one-to-one correspondence to a user and using a safer entity authentication mode to access the internet, the security and the uniqueness of user information are ensured, various entities attempting to enter the network through false or error ID marks are recognized and ID authentication services are provided for various network applications. The IPv6 (Internet Protocol Version 6) address structure is resigned corresponding to the user basic ID and the user ID certificate, two address types, i.e. a real address and an anonymous address to be distributed in authentication are provided, and the user ID is expanded to richer user attribute certificates so that the user is provided with three network access, i.e. access based on an anonymous address, access based on a real address and access based on the realaddress and the user ID certificate.

The invention discloses a decentralized Internet of Things security authentication system, an equipment registration method and an identity authentication method, and belongs to the technical field ofInternet and network, the system comprises a bookkeeping node and a light node, and Internet of Things equipment in the system is the light node; and the system core module comprises an equipment certificate generation module, a key management module, a block chain basic service module, a security authentication service module and a visual management module. According to the invention, the blockchain basic service is operated in a system kernel mode; the method comprises the following steps: providing a security authentication service, a network basic service, a key management service, an equipment certificate generation service and a security authentication service, realizing complete protection of equipment and communication security assurance between the equipment based on the services, and providing services such as DDOS attack detection and defense schemes, point-to-point key distribution and blockchain application generation and deployment.

The invention provides a method and a device for equipment authentication and an authentication service system. The method for the equipment authentication comprises the following steps: receiving a network access request from user equipment; if an equipment identifier of the user equipment is contained in an equipment list, approving the network access request; if the equipment identifier of the user equipment is not contained in the equipment list and a token is not contained in the network access request, sending redirecting information, which is used for indicating the user equipment to authenticate authentication managing equipment, to the user equipment. A customized authentication service is supplied to a merchant, the merchant is assisted in building a WiFi (Wireless Fidelity) internet service system and a complex WiFi authentication process is shielded for the merchant.

The invention discloses a security certificate gateway, comprising a client crypto module, a client business module, a service business module and a service crypto module, wherein the client business module is used as an agent of an application client and used for calling the client crypto module and the service business module interactively to build an encrypted connection; and the service business module is used for calling the service crypto module and the service business module to build a secure encrypted channel. Based on the high-strength identity authentication service, the high-strength data link encryption service and the digital signature and authentication service of a digital certificate, the gateway provided by the invention effectively protects secure access of network resources, and supports B/S applications of a hypertext transport protocol (HTTP) and hypertext transfer protocol secure (HTTPS) as well as common C/S applications of a file transfer protocol (FTP), a remote desktop and the like.