Cryptographic binding of authentication schemes
Main Authors | , , |
---|---|
Format | Patent |
Language | English |
Published | 07.09.2010 |
Summary: Methods and apparatus cryptographically bind authentication schemes to verify that a secure authentication sequence was executed for access to sensitive applications/resources. Users execute two login sequences with a strong authentication framework. Upon completion of the first, the framework generates an unencrypted token from underlying data, later hashed into an authentication token. With a private key corresponding to the first sequence, the authentication token is encrypted and passed to the second sequence where it is encrypted again with a private key corresponding to the second sequence. Upon access attempts to the sensitive applications/resources, verification of execution of the two login sequences includes recovering the authentication token from its twice encrypted form and comparing it to a comparison token independently generated by the application/resource via the underlying data. An audit log associated with the application/resource stores the data, the recovered authentication token, etc., for purposes of later non-repudiation.