KR101579801B1 - 크리덴셜 유출로부터 단일 사인-온 도메인을 보호하기 위한 방법 및 장치 - Google Patents

크리덴셜 유출로부터 단일 사인-온 도메인을 보호하기 위한 방법 및 장치 Download PDF

Info

Publication number
KR101579801B1
KR101579801B1 KR1020147012094A KR20147012094A KR101579801B1 KR 101579801 B1 KR101579801 B1 KR 101579801B1 KR 1020147012094 A KR1020147012094 A KR 1020147012094A KR 20147012094 A KR20147012094 A KR 20147012094A KR 101579801 B1 KR101579801 B1 KR 101579801B1
Authority
KR
South Korea
Prior art keywords
cookie
authentication
domain
single sign
restricted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
KR1020147012094A
Other languages
English (en)
Korean (ko)
Other versions
KR20140084126A (ko
Inventor
제시카 엠. 플라나간
크레이그 엠. 브라운
마이클 더블유. 패든
Original Assignee
퀄컴 인코포레이티드
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 퀄컴 인코포레이티드 filed Critical 퀄컴 인코포레이티드
Publication of KR20140084126A publication Critical patent/KR20140084126A/ko
Application granted granted Critical
Publication of KR101579801B1 publication Critical patent/KR101579801B1/ko
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G01MEASURING; TESTING
    • G01SRADIO DIRECTION-FINDING; RADIO NAVIGATION; DETERMINING DISTANCE OR VELOCITY BY USE OF RADIO WAVES; LOCATING OR PRESENCE-DETECTING BY USE OF THE REFLECTION OR RERADIATION OF RADIO WAVES; ANALOGOUS ARRANGEMENTS USING OTHER WAVES
    • G01S19/00Satellite radio beacon positioning systems; Determining position, velocity or attitude using signals transmitted by such systems
    • G01S19/01Satellite radio beacon positioning systems transmitting time-stamped messages, e.g. GPS [Global Positioning System], GLONASS [Global Orbiting Navigation Satellite System] or GALILEO
    • G01S19/13Receivers
    • G01S19/32Multimode operation in a single same satellite system, e.g. GPS L1/L2
    • GPHYSICS
    • G01MEASURING; TESTING
    • G01SRADIO DIRECTION-FINDING; RADIO NAVIGATION; DETERMINING DISTANCE OR VELOCITY BY USE OF RADIO WAVES; LOCATING OR PRESENCE-DETECTING BY USE OF THE REFLECTION OR RERADIATION OF RADIO WAVES; ANALOGOUS ARRANGEMENTS USING OTHER WAVES
    • G01S19/00Satellite radio beacon positioning systems; Determining position, velocity or attitude using signals transmitted by such systems
    • G01S19/01Satellite radio beacon positioning systems transmitting time-stamped messages, e.g. GPS [Global Positioning System], GLONASS [Global Orbiting Navigation Satellite System] or GALILEO
    • G01S19/13Receivers
    • G01S19/24Acquisition or tracking or demodulation of signals transmitted by the system
    • G01S19/246Acquisition or tracking or demodulation of signals transmitted by the system involving long acquisition integration times, extended snapshots of signals or methods specifically directed towards weak signal acquisition
    • GPHYSICS
    • G01MEASURING; TESTING
    • G01SRADIO DIRECTION-FINDING; RADIO NAVIGATION; DETERMINING DISTANCE OR VELOCITY BY USE OF RADIO WAVES; LOCATING OR PRESENCE-DETECTING BY USE OF THE REFLECTION OR RERADIATION OF RADIO WAVES; ANALOGOUS ARRANGEMENTS USING OTHER WAVES
    • G01S19/00Satellite radio beacon positioning systems; Determining position, velocity or attitude using signals transmitted by such systems
    • G01S19/38Determining a navigation solution using signals transmitted by a satellite radio beacon positioning system
    • G01S19/39Determining a navigation solution using signals transmitted by a satellite radio beacon positioning system the satellite radio beacon positioning system transmitting time-stamped messages, e.g. GPS [Global Positioning System], GLONASS [Global Orbiting Navigation Satellite System] or GALILEO
    • G01S19/42Determining position
    • G01S19/421Determining position by combining or switching between position solutions or signals derived from different satellite radio beacon positioning systems; by combining or switching between position solutions or signals derived from different modes of operation in a single system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information

Landscapes

  • Engineering & Computer Science (AREA)
  • Remote Sensing (AREA)
  • Radar, Positioning & Navigation (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Information Transfer Between Computers (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)
KR1020147012094A 2011-10-04 2012-10-04 크리덴셜 유출로부터 단일 사인-온 도메인을 보호하기 위한 방법 및 장치 Expired - Fee Related KR101579801B1 (ko)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US13/252,931 US8943571B2 (en) 2011-10-04 2011-10-04 Method and apparatus for protecting a single sign-on domain from credential leakage
US13/252,931 2011-10-04
PCT/US2012/058789 WO2013052693A1 (en) 2011-10-04 2012-10-04 Method and apparatus for protecting a single sign-on domain from credential leakage

Publications (2)

Publication Number Publication Date
KR20140084126A KR20140084126A (ko) 2014-07-04
KR101579801B1 true KR101579801B1 (ko) 2015-12-24

Family

ID=47993958

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020147012094A Expired - Fee Related KR101579801B1 (ko) 2011-10-04 2012-10-04 크리덴셜 유출로부터 단일 사인-온 도메인을 보호하기 위한 방법 및 장치

Country Status (8)

Country Link
US (1) US8943571B2 (enExample)
EP (1) EP2764673B1 (enExample)
JP (1) JP5791814B2 (enExample)
KR (1) KR101579801B1 (enExample)
CN (1) CN103843300B (enExample)
IN (1) IN2014CN02076A (enExample)
TW (1) TW201334482A (enExample)
WO (1) WO2013052693A1 (enExample)

Families Citing this family (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10498734B2 (en) * 2012-05-31 2019-12-03 Netsweeper (Barbados) Inc. Policy service authorization and authentication
US8977560B2 (en) * 2012-08-08 2015-03-10 Ebay Inc. Cross-browser, cross-machine recoverable user identifiers
US9419963B2 (en) * 2013-07-02 2016-08-16 Open Text S.A. System and method for controlling access
US9521146B2 (en) 2013-08-21 2016-12-13 Microsoft Technology Licensing, Llc Proof of possession for web browser cookie based security tokens
US9106642B1 (en) 2013-09-11 2015-08-11 Amazon Technologies, Inc. Synchronizing authentication sessions between applications
US20150244704A1 (en) * 2014-02-27 2015-08-27 Netapp, Inc. Techniques to authenticate user requests involving multiple applications
US9454773B2 (en) 2014-08-12 2016-09-27 Danal Inc. Aggregator system having a platform for engaging mobile device users
US9461983B2 (en) * 2014-08-12 2016-10-04 Danal Inc. Multi-dimensional framework for defining criteria that indicate when authentication should be revoked
US10154082B2 (en) 2014-08-12 2018-12-11 Danal Inc. Providing customer information obtained from a carrier system to a client device
EP3183655B1 (en) 2014-08-21 2019-02-20 Veeam Software Ag User authorization for file level restoration from image level backups
KR102309744B1 (ko) * 2014-11-21 2021-10-07 삼성전자 주식회사 세션 기반 웹 서비스를 제공하는 방법 및 장치
CN104410650A (zh) * 2014-12-24 2015-03-11 四川金网通电子科技有限公司 基于Session和Cookie验证用户的方法
US20160241536A1 (en) * 2015-02-13 2016-08-18 Wepay, Inc. System and methods for user authentication across multiple domains
US10243957B1 (en) * 2015-08-27 2019-03-26 Amazon Technologies, Inc. Preventing leakage of cookie data
JP6719875B2 (ja) * 2015-09-01 2020-07-08 キヤノン株式会社 認証サーバ、認証方法およびプログラム
EP3362935B1 (en) * 2015-10-12 2020-01-15 Telefonaktiebolaget LM Ericsson (PUBL) Methods to authorizing secondary user devices for network services and related user devices and back-end systems
US10348712B2 (en) * 2016-02-26 2019-07-09 Ricoh Company, Ltd. Apparatus, authentication system, and authentication method
US10715513B2 (en) * 2017-06-30 2020-07-14 Microsoft Technology Licensing, Llc Single sign-on mechanism on a rich client
US11196733B2 (en) * 2018-02-08 2021-12-07 Dell Products L.P. System and method for group of groups single sign-on demarcation based on first user login
US11212101B2 (en) * 2018-10-09 2021-12-28 Ca, Inc. Token exchange with client generated token
CN111404921B (zh) * 2020-03-12 2022-05-17 广州市百果园信息技术有限公司 网页应用访问方法、装置、设备、系统及存储介质
WO2021232347A1 (en) * 2020-05-21 2021-11-25 Citrix Systems, Inc. Cross device single sign-on
US11076002B1 (en) * 2020-06-22 2021-07-27 Amazon Technologies, Inc. Application streaming with specialized subdomains
KR102582904B1 (ko) * 2021-01-05 2023-09-27 고승곤 블록체인 기반 선불형 콘텐츠 과금 서비스 방법 및 시스템
CN113190828B (zh) * 2021-05-25 2024-11-08 网宿科技股份有限公司 一种请求代理方法、客户端设备及代理服务设备
KR20230012874A (ko) * 2021-07-16 2023-01-26 (주)모니터랩 보안 장치에서 쿠키를 활용한 사용자 인증 방법
GB2619518A (en) * 2022-06-07 2023-12-13 Id Ward Ltd Privacy-preserving cross-domain user tracking

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040111621A1 (en) * 2002-12-05 2004-06-10 Microsoft Corporation Methods and systems for authentication of a user for sub-locations of a network location
US20070044146A1 (en) * 2003-08-11 2007-02-22 Sony Corporation Authentication method, authentication system, and authentication server

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6226752B1 (en) * 1999-05-11 2001-05-01 Sun Microsystems, Inc. Method and apparatus for authenticating users
US7188181B1 (en) * 1999-06-30 2007-03-06 Sun Microsystems, Inc. Universal session sharing
US7174383B1 (en) 2001-08-31 2007-02-06 Oracle International Corp. Method and apparatus to facilitate single sign-on services in a hosting environment
WO2003073783A1 (en) * 2002-02-28 2003-09-04 Telefonaktiebolaget L M Ericsson System, method and apparatus for federated single sign-on services
US7221935B2 (en) 2002-02-28 2007-05-22 Telefonaktiebolaget Lm Ericsson (Publ) System, method and apparatus for federated single sign-on services
US7496953B2 (en) * 2003-04-29 2009-02-24 International Business Machines Corporation Single sign-on method for web-based applications
US7503031B2 (en) * 2004-02-19 2009-03-10 International Business Machines Corporation Method of transforming an application into an on-demand service
US20060085345A1 (en) * 2004-10-19 2006-04-20 Khandelwal Rajesh B Right to receive data
CA2634206A1 (en) 2005-12-22 2007-07-05 Catalog.Com, Inc. System and method for cross-domain social networking
JP2008181427A (ja) 2007-01-25 2008-08-07 Fuji Xerox Co Ltd シングルサインオンシステム、情報端末装置、シングルサインオンサーバ、プログラム
US20090259851A1 (en) 2008-04-10 2009-10-15 Igor Faynberg Methods and Apparatus for Authentication and Identity Management Using a Public Key Infrastructure (PKI) in an IP-Based Telephony Environment
WO2011128183A2 (en) * 2010-04-13 2011-10-20 Telefonaktiebolaget L M Ericsson (Publ) Method and apparatus for interworking with single sign-on authentication architecture

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040111621A1 (en) * 2002-12-05 2004-06-10 Microsoft Corporation Methods and systems for authentication of a user for sub-locations of a network location
US20070044146A1 (en) * 2003-08-11 2007-02-22 Sony Corporation Authentication method, authentication system, and authentication server

Also Published As

Publication number Publication date
IN2014CN02076A (enExample) 2015-05-29
EP2764673A1 (en) 2014-08-13
JP2014529156A (ja) 2014-10-30
EP2764673B1 (en) 2018-03-07
JP5791814B2 (ja) 2015-10-07
US8943571B2 (en) 2015-01-27
KR20140084126A (ko) 2014-07-04
WO2013052693A1 (en) 2013-04-11
CN103843300B (zh) 2017-05-24
CN103843300A (zh) 2014-06-04
US20130086656A1 (en) 2013-04-04
TW201334482A (zh) 2013-08-16

Similar Documents

Publication Publication Date Title
KR101579801B1 (ko) 크리덴셜 유출로부터 단일 사인-온 도메인을 보호하기 위한 방법 및 장치
US20240129290A1 (en) Authenticated name resolution
EP4162647B1 (en) Anonymous authentication with token redemption
US9648008B2 (en) Terminal identification method, and method, system and apparatus of registering machine identification code
US10225260B2 (en) Enhanced authentication security
CN102112991B (zh) 用于管理用户认证的装置
US20160381001A1 (en) Method and apparatus for identity authentication between systems
CN103716292A (zh) 一种跨域的单点登录的方法和设备
NZ586248A (en) User to workstation authentication system
US8504824B1 (en) One-time rotating key for third-party authentication
WO2021031689A1 (zh) 一种单点登录方法、装置及系统
Schwarz et al. Feido: Recoverable FIDO2 tokens using electronic ids
NL2017032A (en) Password generation device and password verification device
CN104426861B (zh) 网页检测方法及系统
US20130091355A1 (en) Techniques to Prevent Mapping of Internal Services in a Federated Environment
Li et al. Mitigating csrf attacks on oauth 2.0 systems
US8959596B2 (en) One-time password validation in a multi-entity environment
US20250070961A1 (en) Utilizing a device user key for access to third-party applications
KR20150117045A (ko) 웹 매쉬업 환경에서의 사용자 인증 시스템 및 그 방법
KR102048534B1 (ko) 인증 방법 및 시스템
US12367483B1 (en) Decentralized authorization
CN112597528B (zh) 信息安全保护方法、装置、电子设备及存储介质
Noor FIDO: Fast IDentity Online.

Legal Events

Date Code Title Description
A201 Request for examination
PA0105 International application

St.27 status event code: A-0-1-A10-A15-nap-PA0105

PA0201 Request for examination

St.27 status event code: A-1-2-D10-D11-exm-PA0201

PG1501 Laying open of application

St.27 status event code: A-1-1-Q10-Q12-nap-PG1501

P11-X000 Amendment of application requested

St.27 status event code: A-2-2-P10-P11-nap-X000

P13-X000 Application amended

St.27 status event code: A-2-2-P10-P13-nap-X000

E902 Notification of reason for refusal
PE0902 Notice of grounds for rejection

St.27 status event code: A-1-2-D10-D21-exm-PE0902

T11-X000 Administrative time limit extension requested

St.27 status event code: U-3-3-T10-T11-oth-X000

E13-X000 Pre-grant limitation requested

St.27 status event code: A-2-3-E10-E13-lim-X000

P11-X000 Amendment of application requested

St.27 status event code: A-2-2-P10-P11-nap-X000

P13-X000 Application amended

St.27 status event code: A-2-2-P10-P13-nap-X000

E701 Decision to grant or registration of patent right
PE0701 Decision of registration

St.27 status event code: A-1-2-D10-D22-exm-PE0701

GRNT Written decision to grant
PR0701 Registration of establishment

St.27 status event code: A-2-4-F10-F11-exm-PR0701

PR1002 Payment of registration fee

St.27 status event code: A-2-2-U10-U12-oth-PR1002

Fee payment year number: 1

PG1601 Publication of registration

St.27 status event code: A-4-4-Q10-Q13-nap-PG1601

FPAY Annual fee payment

Payment date: 20180928

Year of fee payment: 4

PR1001 Payment of annual fee

St.27 status event code: A-4-4-U10-U11-oth-PR1001

Fee payment year number: 4

PR1001 Payment of annual fee

St.27 status event code: A-4-4-U10-U11-oth-PR1001

Fee payment year number: 5

PC1903 Unpaid annual fee

St.27 status event code: A-4-4-U10-U13-oth-PC1903

Not in force date: 20201218

Payment event data comment text: Termination Category : DEFAULT_OF_REGISTRATION_FEE

PC1903 Unpaid annual fee

St.27 status event code: N-4-6-H10-H13-oth-PC1903

Ip right cessation event data comment text: Termination Category : DEFAULT_OF_REGISTRATION_FEE

Not in force date: 20201218