WO2013025586A3 - Apparatus and method for performing session validation - Google Patents

Apparatus and method for performing session validation Download PDF

Info

Publication number
WO2013025586A3
WO2013025586A3 PCT/US2012/050537 US2012050537W WO2013025586A3 WO 2013025586 A3 WO2013025586 A3 WO 2013025586A3 US 2012050537 W US2012050537 W US 2012050537W WO 2013025586 A3 WO2013025586 A3 WO 2013025586A3
Authority
WO
WIPO (PCT)
Prior art keywords
token
performing session
session validation
session
tokens includes
Prior art date
Application number
PCT/US2012/050537
Other languages
French (fr)
Other versions
WO2013025586A2 (en
Inventor
Rakesh Radhakrishnan
Original Assignee
Bank Of America Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US13/210,101 external-priority patent/US8789162B2/en
Priority claimed from US13/479,554 external-priority patent/US8572724B2/en
Priority claimed from US13/479,491 external-priority patent/US8572688B2/en
Priority claimed from US13/479,616 external-priority patent/US8584201B2/en
Priority claimed from US13/479,619 external-priority patent/US8572690B2/en
Priority claimed from US13/479,452 external-priority patent/US8850515B2/en
Priority claimed from US13/479,480 external-priority patent/US8572686B2/en
Priority claimed from US13/479,462 external-priority patent/US8726339B2/en
Priority claimed from US13/479,489 external-priority patent/US8572687B2/en
Priority claimed from US13/479,533 external-priority patent/US8752157B2/en
Priority claimed from US13/479,633 external-priority patent/US8601541B2/en
Priority claimed from US13/479,454 external-priority patent/US9159065B2/en
Application filed by Bank Of America Corporation filed Critical Bank Of America Corporation
Publication of WO2013025586A2 publication Critical patent/WO2013025586A2/en
Publication of WO2013025586A3 publication Critical patent/WO2013025586A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • G06F21/335User authentication using certificates for accessing specific resources, e.g. using Kerberos tickets
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129Authenticate client device independently of the user

Abstract

According to one embodiment, an apparatus may receive a first token indicating that access to the resource has been requested. The apparatus may determine at least one token-based rule based at least in part upon the first token, and determine that a plurality of tokens includes a second token associated with the at least one token-based rule. The apparatus may then generate a session token based at least in part upon the first token and the second token in response to the determination that the plurality of tokens includes the second token. The apparatus may terminate the session token based on a received third token.
PCT/US2012/050537 2011-08-15 2012-08-13 Apparatus and method for performing session validation WO2013025586A2 (en)

Applications Claiming Priority (24)

Application Number Priority Date Filing Date Title
US13/210,101 2011-08-15
US13/210,101 US8789162B2 (en) 2011-08-15 2011-08-15 Method and apparatus for making token-based access decisions
US13/479,491 2012-05-24
US13/479,619 US8572690B2 (en) 2011-08-15 2012-05-24 Apparatus and method for performing session validation to access confidential resources
US13/479,452 US8850515B2 (en) 2011-08-15 2012-05-24 Method and apparatus for subject recognition session validation
US13/479,452 2012-05-24
US13/479,533 2012-05-24
US13/479,616 2012-05-24
US13/479,554 US8572724B2 (en) 2011-08-15 2012-05-24 Method and apparatus for network session validation
US13/479,462 US8726339B2 (en) 2011-08-15 2012-05-24 Method and apparatus for emergency session validation
US13/479,491 US8572688B2 (en) 2011-08-15 2012-05-24 Method and apparatus for session validation to access third party resources
US13/479,533 US8752157B2 (en) 2011-08-15 2012-05-24 Method and apparatus for third party session validation
US13/479,462 2012-05-24
US13/479,489 2012-05-24
US13/479,554 2012-05-24
US13/479,633 US8601541B2 (en) 2011-08-15 2012-05-24 Method and apparatus for session validation to access mainframe resources
US13/479,454 US9159065B2 (en) 2011-08-15 2012-05-24 Method and apparatus for object security session validation
US13/479,489 US8572687B2 (en) 2011-08-15 2012-05-24 Apparatus and method for performing session validation
US13/479,619 2012-05-24
US13/479,454 2012-05-24
US13/479,480 US8572686B2 (en) 2011-08-15 2012-05-24 Method and apparatus for object transaction session validation
US13/479,616 US8584201B2 (en) 2011-08-15 2012-05-24 Method and apparatus for session validation to access from uncontrolled devices
US13/479,633 2012-05-24
US13/479,480 2012-05-24

Publications (2)

Publication Number Publication Date
WO2013025586A2 WO2013025586A2 (en) 2013-02-21
WO2013025586A3 true WO2013025586A3 (en) 2014-05-15

Family

ID=47715655

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2012/050537 WO2013025586A2 (en) 2011-08-15 2012-08-13 Apparatus and method for performing session validation

Country Status (1)

Country Link
WO (1) WO2013025586A2 (en)

Families Citing this family (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8732814B2 (en) 2011-08-15 2014-05-20 Bank Of America Corporation Method and apparatus for token-based packet prioritization
US8789162B2 (en) 2011-08-15 2014-07-22 Bank Of America Corporation Method and apparatus for making token-based access decisions
US8601541B2 (en) 2011-08-15 2013-12-03 Bank Of America Corporation Method and apparatus for session validation to access mainframe resources
US8572688B2 (en) 2011-08-15 2013-10-29 Bank Of America Corporation Method and apparatus for session validation to access third party resources
US8752124B2 (en) 2011-08-15 2014-06-10 Bank Of America Corporation Apparatus and method for performing real-time authentication using subject token combinations
US8566918B2 (en) 2011-08-15 2013-10-22 Bank Of America Corporation Method and apparatus for token-based container chaining
US9055053B2 (en) 2011-08-15 2015-06-09 Bank Of America Corporation Method and apparatus for token-based combining of risk ratings
US8584202B2 (en) 2011-08-15 2013-11-12 Bank Of America Corporation Apparatus and method for determining environment integrity levels
US9166966B2 (en) 2011-08-15 2015-10-20 Bank Of America Corporation Apparatus and method for handling transaction tokens
US8572690B2 (en) 2011-08-15 2013-10-29 Bank Of America Corporation Apparatus and method for performing session validation to access confidential resources
US8572714B2 (en) 2011-08-15 2013-10-29 Bank Of America Corporation Apparatus and method for determining subject assurance level
US8726361B2 (en) 2011-08-15 2014-05-13 Bank Of America Corporation Method and apparatus for token-based attribute abstraction
US8726339B2 (en) 2011-08-15 2014-05-13 Bank Of America Corporation Method and apparatus for emergency session validation
US8584201B2 (en) 2011-08-15 2013-11-12 Bank Of America Corporation Method and apparatus for session validation to access from uncontrolled devices
US8752143B2 (en) 2011-08-15 2014-06-10 Bank Of America Corporation Method and apparatus for token-based reassignment of privileges
US8726341B2 (en) 2011-08-15 2014-05-13 Bank Of America Corporation Apparatus and method for determining resource trust levels
US8713672B2 (en) 2011-08-15 2014-04-29 Bank Of America Corporation Method and apparatus for token-based context caching
US8789143B2 (en) 2011-08-15 2014-07-22 Bank Of America Corporation Method and apparatus for token-based conditioning
US8539558B2 (en) 2011-08-15 2013-09-17 Bank Of America Corporation Method and apparatus for token-based token termination
US8474056B2 (en) 2011-08-15 2013-06-25 Bank Of America Corporation Method and apparatus for token-based virtual machine recycling
US9148447B2 (en) 2011-08-31 2015-09-29 Bank Of America Corporation Safe services framework
US11038886B1 (en) 2018-02-08 2021-06-15 Wells Fargo Bank, N.A. Compliance management system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030163787A1 (en) * 1999-12-24 2003-08-28 Hay Brian Robert Virtual token
US20040210771A1 (en) * 1999-08-05 2004-10-21 Sun Microsystems, Inc. Log-on service providing credential level change without loss of session continuity
US20070261054A1 (en) * 2006-05-03 2007-11-08 Bea Systems, Inc. Recovery mechanism for transactions
US20090298514A1 (en) * 2006-09-14 2009-12-03 Shah Ullah Real world behavior measurement using identifiers specific to mobile devices

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040210771A1 (en) * 1999-08-05 2004-10-21 Sun Microsystems, Inc. Log-on service providing credential level change without loss of session continuity
US20030163787A1 (en) * 1999-12-24 2003-08-28 Hay Brian Robert Virtual token
US20070261054A1 (en) * 2006-05-03 2007-11-08 Bea Systems, Inc. Recovery mechanism for transactions
US20090298514A1 (en) * 2006-09-14 2009-12-03 Shah Ullah Real world behavior measurement using identifiers specific to mobile devices

Also Published As

Publication number Publication date
WO2013025586A2 (en) 2013-02-21

Similar Documents

Publication Publication Date Title
WO2013025586A3 (en) Apparatus and method for performing session validation
WO2013025453A3 (en) Method and apparatus for token-based re-authentication
EP3667593A4 (en) Virtual token-based settlement providing system, virtual token generation apparatus, virtual token verification server, virtual token-based settlement providing method, and virtual token-based settlement providing program
PH12016501640A1 (en) Techniques to operate a service with machine generated authentication tokens
WO2012142045A3 (en) Multiple tokenization for authentication
WO2014204903A3 (en) Detecting co-presence in the physical world
WO2014024043A3 (en) System and method for determining graph relationships using images
WO2013101843A3 (en) Applications login using a mechanism relating sub-tokens to the quality of a master token
MY182572A (en) Method and apparatus for wireless charging
WO2013025599A3 (en) Apparatus and method for handling transaction tokens
GB201202344D0 (en) Method of locating a sensor and related apparatus
EP2983325A4 (en) Dynamic password token, and data transmission method and system for dynamic password token
WO2013003265A3 (en) Persistent key access to a resources in a collection
WO2014153462A3 (en) Advanced authentication techniques and applications
IN2012CN06919A (en)
WO2014031683A3 (en) Hierarchical based sequencing machine learning model
WO2015161042A3 (en) Interactive transations
WO2013055970A3 (en) Authenticating device users
WO2013190380A3 (en) Device context determination
EP3316544A4 (en) Token generation and authentication method, and authentication server
WO2011130288A3 (en) Method and apparatus for providing enhanced interference management at restricted access points
EP2779575A3 (en) Systems and methods for providing secure services
WO2012122217A3 (en) Method and apparatus for network access control
WO2014062756A3 (en) Person-based information aggregation
WO2013087989A3 (en) Method and apparatus for providing information collection using template-based user tasks

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12823825

Country of ref document: EP

Kind code of ref document: A2

122 Ep: pct application non-entry in european phase

Ref document number: 12823825

Country of ref document: EP

Kind code of ref document: A2