TW201334482A - 用於保護單點登錄域免於身份碼洩露的方法和裝置 - Google Patents
用於保護單點登錄域免於身份碼洩露的方法和裝置 Download PDFInfo
- Publication number
- TW201334482A TW201334482A TW101136700A TW101136700A TW201334482A TW 201334482 A TW201334482 A TW 201334482A TW 101136700 A TW101136700 A TW 101136700A TW 101136700 A TW101136700 A TW 101136700A TW 201334482 A TW201334482 A TW 201334482A
- Authority
- TW
- Taiwan
- Prior art keywords
- cookie
- authentication
- domain
- browser client
- user
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 27
- 235000014510 cooky Nutrition 0.000 claims abstract description 179
- 238000004891 communication Methods 0.000 claims description 58
- 238000004590 computer program Methods 0.000 claims description 12
- 230000004044 response Effects 0.000 claims description 11
- 238000012795 verification Methods 0.000 claims description 8
- 238000010200 validation analysis Methods 0.000 abstract 1
- 238000010586 diagram Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000002730 additional effect Effects 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 210000004556 brain Anatomy 0.000 description 1
- 230000001010 compromised effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 239000006249 magnetic particle Substances 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000002245 particle Substances 0.000 description 1
- 230000001902 propagating effect Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G01—MEASURING; TESTING
- G01S—RADIO DIRECTION-FINDING; RADIO NAVIGATION; DETERMINING DISTANCE OR VELOCITY BY USE OF RADIO WAVES; LOCATING OR PRESENCE-DETECTING BY USE OF THE REFLECTION OR RERADIATION OF RADIO WAVES; ANALOGOUS ARRANGEMENTS USING OTHER WAVES
- G01S19/00—Satellite radio beacon positioning systems; Determining position, velocity or attitude using signals transmitted by such systems
- G01S19/01—Satellite radio beacon positioning systems transmitting time-stamped messages, e.g. GPS [Global Positioning System], GLONASS [Global Orbiting Navigation Satellite System] or GALILEO
- G01S19/13—Receivers
- G01S19/32—Multimode operation in a single same satellite system, e.g. GPS L1/L2
-
- G—PHYSICS
- G01—MEASURING; TESTING
- G01S—RADIO DIRECTION-FINDING; RADIO NAVIGATION; DETERMINING DISTANCE OR VELOCITY BY USE OF RADIO WAVES; LOCATING OR PRESENCE-DETECTING BY USE OF THE REFLECTION OR RERADIATION OF RADIO WAVES; ANALOGOUS ARRANGEMENTS USING OTHER WAVES
- G01S19/00—Satellite radio beacon positioning systems; Determining position, velocity or attitude using signals transmitted by such systems
- G01S19/01—Satellite radio beacon positioning systems transmitting time-stamped messages, e.g. GPS [Global Positioning System], GLONASS [Global Orbiting Navigation Satellite System] or GALILEO
- G01S19/13—Receivers
- G01S19/24—Acquisition or tracking or demodulation of signals transmitted by the system
- G01S19/246—Acquisition or tracking or demodulation of signals transmitted by the system involving long acquisition integration times, extended snapshots of signals or methods specifically directed towards weak signal acquisition
-
- G—PHYSICS
- G01—MEASURING; TESTING
- G01S—RADIO DIRECTION-FINDING; RADIO NAVIGATION; DETERMINING DISTANCE OR VELOCITY BY USE OF RADIO WAVES; LOCATING OR PRESENCE-DETECTING BY USE OF THE REFLECTION OR RERADIATION OF RADIO WAVES; ANALOGOUS ARRANGEMENTS USING OTHER WAVES
- G01S19/00—Satellite radio beacon positioning systems; Determining position, velocity or attitude using signals transmitted by such systems
- G01S19/38—Determining a navigation solution using signals transmitted by a satellite radio beacon positioning system
- G01S19/39—Determining a navigation solution using signals transmitted by a satellite radio beacon positioning system the satellite radio beacon positioning system transmitting time-stamped messages, e.g. GPS [Global Positioning System], GLONASS [Global Orbiting Navigation Satellite System] or GALILEO
- G01S19/42—Determining position
- G01S19/421—Determining position by combining or switching between position solutions or signals derived from different satellite radio beacon positioning systems; by combining or switching between position solutions or signals derived from different modes of operation in a single system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
Landscapes
- Engineering & Computer Science (AREA)
- Radar, Positioning & Navigation (AREA)
- Remote Sensing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US13/252,931 US8943571B2 (en) | 2011-10-04 | 2011-10-04 | Method and apparatus for protecting a single sign-on domain from credential leakage |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| TW201334482A true TW201334482A (zh) | 2013-08-16 |
Family
ID=47993958
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW101136700A TW201334482A (zh) | 2011-10-04 | 2012-10-04 | 用於保護單點登錄域免於身份碼洩露的方法和裝置 |
Country Status (8)
| Country | Link |
|---|---|
| US (1) | US8943571B2 (OSRAM) |
| EP (1) | EP2764673B1 (OSRAM) |
| JP (1) | JP5791814B2 (OSRAM) |
| KR (1) | KR101579801B1 (OSRAM) |
| CN (1) | CN103843300B (OSRAM) |
| IN (1) | IN2014CN02076A (OSRAM) |
| TW (1) | TW201334482A (OSRAM) |
| WO (1) | WO2013052693A1 (OSRAM) |
Families Citing this family (27)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2013177687A1 (en) * | 2012-05-31 | 2013-12-05 | Netsweeper Inc. | Policy service authorization and authentication |
| US8977560B2 (en) * | 2012-08-08 | 2015-03-10 | Ebay Inc. | Cross-browser, cross-machine recoverable user identifiers |
| US9419963B2 (en) * | 2013-07-02 | 2016-08-16 | Open Text S.A. | System and method for controlling access |
| US9521146B2 (en) | 2013-08-21 | 2016-12-13 | Microsoft Technology Licensing, Llc | Proof of possession for web browser cookie based security tokens |
| US9106642B1 (en) * | 2013-09-11 | 2015-08-11 | Amazon Technologies, Inc. | Synchronizing authentication sessions between applications |
| US20150244704A1 (en) * | 2014-02-27 | 2015-08-27 | Netapp, Inc. | Techniques to authenticate user requests involving multiple applications |
| US9454773B2 (en) | 2014-08-12 | 2016-09-27 | Danal Inc. | Aggregator system having a platform for engaging mobile device users |
| US9461983B2 (en) * | 2014-08-12 | 2016-10-04 | Danal Inc. | Multi-dimensional framework for defining criteria that indicate when authentication should be revoked |
| US10154082B2 (en) | 2014-08-12 | 2018-12-11 | Danal Inc. | Providing customer information obtained from a carrier system to a client device |
| EP3183655B1 (en) | 2014-08-21 | 2019-02-20 | Veeam Software Ag | User authorization for file level restoration from image level backups |
| KR102309744B1 (ko) * | 2014-11-21 | 2021-10-07 | 삼성전자 주식회사 | 세션 기반 웹 서비스를 제공하는 방법 및 장치 |
| CN104410650A (zh) * | 2014-12-24 | 2015-03-11 | 四川金网通电子科技有限公司 | 基于Session和Cookie验证用户的方法 |
| US20160241536A1 (en) * | 2015-02-13 | 2016-08-18 | Wepay, Inc. | System and methods for user authentication across multiple domains |
| US10243957B1 (en) * | 2015-08-27 | 2019-03-26 | Amazon Technologies, Inc. | Preventing leakage of cookie data |
| JP6719875B2 (ja) * | 2015-09-01 | 2020-07-08 | キヤノン株式会社 | 認証サーバ、認証方法およびプログラム |
| EP3362935B1 (en) | 2015-10-12 | 2020-01-15 | Telefonaktiebolaget LM Ericsson (PUBL) | Methods to authorizing secondary user devices for network services and related user devices and back-end systems |
| US10348712B2 (en) * | 2016-02-26 | 2019-07-09 | Ricoh Company, Ltd. | Apparatus, authentication system, and authentication method |
| US10715513B2 (en) * | 2017-06-30 | 2020-07-14 | Microsoft Technology Licensing, Llc | Single sign-on mechanism on a rich client |
| US11196733B2 (en) * | 2018-02-08 | 2021-12-07 | Dell Products L.P. | System and method for group of groups single sign-on demarcation based on first user login |
| US11212101B2 (en) * | 2018-10-09 | 2021-12-28 | Ca, Inc. | Token exchange with client generated token |
| CN111404921B (zh) * | 2020-03-12 | 2022-05-17 | 广州市百果园信息技术有限公司 | 网页应用访问方法、装置、设备、系统及存储介质 |
| WO2021232347A1 (en) * | 2020-05-21 | 2021-11-25 | Citrix Systems, Inc. | Cross device single sign-on |
| US11076002B1 (en) * | 2020-06-22 | 2021-07-27 | Amazon Technologies, Inc. | Application streaming with specialized subdomains |
| KR102582904B1 (ko) * | 2021-01-05 | 2023-09-27 | 고승곤 | 블록체인 기반 선불형 콘텐츠 과금 서비스 방법 및 시스템 |
| CN113190828B (zh) * | 2021-05-25 | 2024-11-08 | 网宿科技股份有限公司 | 一种请求代理方法、客户端设备及代理服务设备 |
| KR20230012874A (ko) * | 2021-07-16 | 2023-01-26 | (주)모니터랩 | 보안 장치에서 쿠키를 활용한 사용자 인증 방법 |
| GB2619518A (en) * | 2022-06-07 | 2023-12-13 | Id Ward Ltd | Privacy-preserving cross-domain user tracking |
Family Cites Families (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6226752B1 (en) * | 1999-05-11 | 2001-05-01 | Sun Microsystems, Inc. | Method and apparatus for authenticating users |
| US7188181B1 (en) * | 1999-06-30 | 2007-03-06 | Sun Microsystems, Inc. | Universal session sharing |
| US7174383B1 (en) | 2001-08-31 | 2007-02-06 | Oracle International Corp. | Method and apparatus to facilitate single sign-on services in a hosting environment |
| US7221935B2 (en) | 2002-02-28 | 2007-05-22 | Telefonaktiebolaget Lm Ericsson (Publ) | System, method and apparatus for federated single sign-on services |
| JP4303130B2 (ja) * | 2002-02-28 | 2009-07-29 | テレフオンアクチーボラゲット エル エム エリクソン(パブル) | シングルサインオンサービスのためのシステム、方法、および装置 |
| US7237118B2 (en) * | 2002-12-05 | 2007-06-26 | Microsoft Corporation | Methods and systems for authentication of a user for sub-locations of a network location |
| US7496953B2 (en) * | 2003-04-29 | 2009-02-24 | International Business Machines Corporation | Single sign-on method for web-based applications |
| KR101079238B1 (ko) * | 2003-08-11 | 2011-11-03 | 소니 주식회사 | 인증 방법, 인증 시스템 및 인증 서버 |
| US7503031B2 (en) * | 2004-02-19 | 2009-03-10 | International Business Machines Corporation | Method of transforming an application into an on-demand service |
| US20060085345A1 (en) * | 2004-10-19 | 2006-04-20 | Khandelwal Rajesh B | Right to receive data |
| US20070169165A1 (en) | 2005-12-22 | 2007-07-19 | Crull Robert W | Social network-enabled interactive media player |
| JP2008181427A (ja) | 2007-01-25 | 2008-08-07 | Fuji Xerox Co Ltd | シングルサインオンシステム、情報端末装置、シングルサインオンサーバ、プログラム |
| US20090259851A1 (en) | 2008-04-10 | 2009-10-15 | Igor Faynberg | Methods and Apparatus for Authentication and Identity Management Using a Public Key Infrastructure (PKI) in an IP-Based Telephony Environment |
| WO2011128183A2 (en) * | 2010-04-13 | 2011-10-20 | Telefonaktiebolaget L M Ericsson (Publ) | Method and apparatus for interworking with single sign-on authentication architecture |
-
2011
- 2011-10-04 US US13/252,931 patent/US8943571B2/en active Active
-
2012
- 2012-10-04 WO PCT/US2012/058789 patent/WO2013052693A1/en not_active Ceased
- 2012-10-04 KR KR1020147012094A patent/KR101579801B1/ko not_active Expired - Fee Related
- 2012-10-04 EP EP12778872.7A patent/EP2764673B1/en not_active Not-in-force
- 2012-10-04 JP JP2014534730A patent/JP5791814B2/ja not_active Expired - Fee Related
- 2012-10-04 CN CN201280048720.4A patent/CN103843300B/zh active Active
- 2012-10-04 IN IN2076CHN2014 patent/IN2014CN02076A/en unknown
- 2012-10-04 TW TW101136700A patent/TW201334482A/zh unknown
Also Published As
| Publication number | Publication date |
|---|---|
| JP5791814B2 (ja) | 2015-10-07 |
| KR20140084126A (ko) | 2014-07-04 |
| US8943571B2 (en) | 2015-01-27 |
| KR101579801B1 (ko) | 2015-12-24 |
| CN103843300A (zh) | 2014-06-04 |
| CN103843300B (zh) | 2017-05-24 |
| EP2764673B1 (en) | 2018-03-07 |
| US20130086656A1 (en) | 2013-04-04 |
| IN2014CN02076A (OSRAM) | 2015-05-29 |
| WO2013052693A1 (en) | 2013-04-11 |
| EP2764673A1 (en) | 2014-08-13 |
| JP2014529156A (ja) | 2014-10-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| TW201334482A (zh) | 用於保護單點登錄域免於身份碼洩露的方法和裝置 | |
| US20220182245A1 (en) | Systems and methods for preserving privacy of a registrant in a domain name system ("dns") | |
| Lodderstedt et al. | OAuth 2.0 threat model and security considerations | |
| JP6851970B2 (ja) | 期待値を有するデータセキュリティ処理 | |
| CA2708059C (en) | System and method for dynamic, multi-attribute authentication | |
| US10225260B2 (en) | Enhanced authentication security | |
| US12341891B2 (en) | Anonymous authentication with token redemption | |
| US20180212956A1 (en) | Anonymous token authentication | |
| JP2019165492A (ja) | 長期デジタル証明書の検証に基づく短期デジタル証明書の発行 | |
| CN114586315A (zh) | 去中心化的数据认证 | |
| Chadwick et al. | Attribute aggregation in federated identity management | |
| JP2018504806A5 (OSRAM) | ||
| Li et al. | Mitigating csrf attacks on oauth 2.0 systems | |
| Hasan et al. | Please permit me: Stateless delegated authorization in mashups | |
| Binu et al. | A mobile based remote user authentication scheme without verifier table for cloud based services | |
| CN114398620A (zh) | 单点登录方法、系统、电子设备及可读介质 | |
| Noor | FIDO: Fast IDentity Online. | |
| Anantula et al. | Authenticating users with multiple levels of validations in a secure Cloud Computing Environment | |
| Li et al. | ORCID: 0000-0001-8037-1685 (2018). Mitigating CSRF attacks on OAuth 2.0 Systems | |
| Sumitra et al. | Safe Cloud: Secure and Usable Authentication Framework for Cloud Environment | |
| Hahn | Security, Privacy and Cloud Computing | |
| McGloin et al. | RFC 6819: OAuth 2.0 Threat Model and Security Considerations |