SG11201803963TA - Systems and methods for authenticating network messages - Google Patents

Abstract

INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT) (19) World Intellectual Property ---- Organization International Bureau (43) International Publication Date .... ......1 26 May 2017(26.05.2017) WIPO I PCT (10) WO International 111111111111311111111111111111111111111111111111111111111111111111111311111111111111111 2017/087243 Publication Al Number (51) International Patent Classification: (81) Designated States (unless HO4L 29/06 (2006.01) H04W 12/06 (2009.01) kind of national protection HO4L 9/32 (2006.01) AO, AT, AU, AZ, BA, BZ, CA, CH, CL, CN, (21) International Application Number: DO, DZ, EC, EE, EG, PCT/US2016/061277 HN, HR, HU, ID, IL, (22) International Filing Date: KW, KZ, LA, LC, LK, 10 November 2016 (10.11.2016) MG, MK, MN, MW, OM, PA, PE, PG, PH, (25) Filing Language: English SC, SD, SE, SG, SK, SL, SM, ST, SV, SY, TH, TJ, TM, (26) Publication Language: English TN, TR, TT, TZ, UA, ZW. (30) Priority Data: 14/942,048 16 November 2015 (16.11.2015) US (84) Designated States (unless kind of regional protection (71) Applicant: MASTERCARD INTERNATIONAL IN- GM, KE, LR, LS, MW, CORPORATED [US/US]; 2000 Purchase Street, Pur- TZ, UG, ZM, ZW), Eurasian chase, NY 10577 (US). TJ, TM), European (AL, DK, EE, ES, FL FR, GB, GR, HR, HU, IE, IS, IT, LT, LU, (72) Inventors: ZHANG, Jenny; 730 Hesemann Ridge Court, LV, MC, MK, MT, NL, Wildwood, MO 63021 (US). SRIGIRI, Justus; 2000 Pur- SM, TR), OAPI (BF, chase Street, Purchase, NY 10577 (US). LOEFFLER, Brian; 11499 Loeffler Lane, Wright City, MO 63390 (US). GW, KM, ML, MR, NE, SN, TD, TG). otherwise indicated, for every available): AE, AG, AL, AM, BB, BG, BH, BN, BR, BW, BY, CO, CR, CU, CZ, DE, DJ, DK, DM, ES, FI, GB, GD, GE, GH, GM, GT, IN, IR, IS, JP, KE, KG, KN, KP, KR, LR, LS, LU, LY, MA, MD, ME, MX, MY, MZ, NA, NG, NI, NO, NZ, PL, PT, QA, RO, RS, RU, RW, SA, UG, US, UZ, VC, VN, ZA, ZM, otherwise indicated, for every available): ARIPO (BW, GH, MZ, NA, RW, SD, SL, ST, SZ, (AM, AZ, BY, KG, KZ, RU, AT, BE, BG, CH, CY, CZ, DE, NO, PL, PT, RO, RS, SE, SI, SK, BJ, CF, CG, CI, CM, GA, GN, GQ, PANTHI, Ankur; 1903 Scenic Meadow Court, Saint Published: Peters, MO 63376 (US). PHILLIPS, Marc; 2005 Arch- with international search 21(3)) report (Art Drive, Wentzville, MO 63385 way (US). Agent: DOBBYN, Colm, J Mastercard International In- (74) ; corporated, 2000 Purchase Street, Purchase, NY 10577 (US). (54) Title: SYSTEMS AND METHODS FOR AUTHENTICATING NETWORK MESSAGES 304 ( LOCAL RECEIVE MESSAGE AP I 1TCEO E 1 ,2EPOSITORY RROM GLEN\" IE0T PERFORM TRANSMIT THE VALDATON up a - MESSAGE cOWARD T-IF CE 1HE CD --- — A1 1 1 GATEWAY CERTIFICATE VA DA TED 316 / ,2744 CS ,11 . 3 1E 'E 123 4 ,L , DAT I -212 si. AL ACC,E 4 B E OBJECT MAGER N (C E \ T CERT ) Pr-15 A LL C'PCUP1TY SERV CE TTTTTTTTTT T TTT „ T T , GENERATE INTERNAL eOPPUTINS DEV CE TO COWER I K , TTT rr SECURITY TOKEN GENE AT TOKEN RASED Il ON INTERNAL TOKEN ETSCJR'TY I3KEN .4t TSANSVIT MISSAG i AND SECURITY TNEN 312 M 11. 322-4 TO THE anDEND SERVERSERVICE N IN GO ---- (57) : Networks and methods for use in provided. One exemplary method generally includes ..::::; certificate identifying the computing device as one N API gateway, validation of the client based on the client emplary method further includes causing a security client are validated, whereby the security token is indicative one or more backend services. FIG.3 authenticating messages, based on the clients performing, by an API gateway, validation of the recognized computing devices, via certificate via a global access manager, token indicative of the client to be generated, of the client and permits the message, and the computing devices, are of a computing device based on a the repository, and performing, by the separate from the repository. The ex- when the computing device and the from the client, to be delivered to