首页>
外国专利>
CRYPTOGRAPHIC BINDING OF AUTHENTICATION SCHEMES
CRYPTOGRAPHIC BINDING OF AUTHENTICATION SCHEMES
展开▼
机译:认证方案的密码学绑定
展开▼
页面导航
摘要
著录项
相似文献
摘要
Methods and apparatus cryptographically bind authentication schemes to verify that a secure authentication sequence was executed for access to sensitive applications/resources. Users execute two login sequences with a strong authentication framework. Upon completion of the first, the framework generates an unencrypted token from underlying data, later hashed into an authentication token. With a private key corresponding to the first sequence, the authentication token is encrypted and passed to the second sequence where it is encrypted again with a private key corresponding to the second sequence. Upon access attempts to the sensitive applications/resources, verification of execution of the two login sequences includes recovering the authentication token from its twice encrypted form and comparing it to a comparison token independently generated by the application/resource via the underlying data. An audit log associated with the application/resource stores the data, the recovered authentication token, etc., for purposes of later non-repudiation.
展开▼