Some content of this application is unavailable at the moment.
If this situation persist, please contact us atFeedback&Contact
1. (WO2019043539) AUTOMATIC UPGRADE FROM ONE STEP AUTHENTICATION TO TWO STEP AUTHENTICATION VIA APPLICATION PROGRAMMING INTERFACE
Latest bibliographic data on file with the International Bureau    Submit observation

Pub. No.: WO/2019/043539 International Application No.: PCT/IB2018/056437
Publication Date: 07.03.2019 International Filing Date: 24.08.2018
IPC:
H04L 29/06 (2006.01) ,G06F 21/32 (2013.01)
H ELECTRICITY
04
ELECTRIC COMMUNICATION TECHNIQUE
L
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29
Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02
Communication control; Communication processing
06
characterised by a protocol
G PHYSICS
06
COMPUTING; CALCULATING; COUNTING
F
ELECTRIC DIGITAL DATA PROCESSING
21
Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
30
Authentication, i.e. establishing the identity or authorisation of security principals
31
User authentication
32
using biometric data, e.g. fingerprints, iris scans or voiceprints
Applicants:
INTERNATIONAL BUSINESS MACHINES CORPORATION [US/US]; New Orchard Road Armonk, New York 10504, US
IBM UNITED KINGDOM LIMITED [GB/GB]; PO Box 41, North Harbour Portsmouth Hampshire PO6 3AU, GB (MG)
IBM (CHINA) INVESTMENT COMPANY LIMITED [CN/CN]; 25/F, Pangu Plaza No.27, Central North 4th Ring Road, Chaoyang District, Beijing 100101, CN (MG)
Inventors:
BROCIOUS, Larry, Allen; US
HOWLAND, Michael, James; US
ROGERS, Paul, Edward; US
Agent:
GRAHAM, Timothy; GB
Priority Data:
15/689,07329.08.2017US
15/813,71215.11.2017US
Title (EN) AUTOMATIC UPGRADE FROM ONE STEP AUTHENTICATION TO TWO STEP AUTHENTICATION VIA APPLICATION PROGRAMMING INTERFACE
(FR) MISE À NIVEAU AUTOMATIQUE D'UNE AUTHENTIFICATION À UNE ÉTAPE À UNE AUTHENTIFICATION EN DEUX ÉTAPES PAR L'INTERMÉDIAIRE D'UNE INTERFACE DE PROGRAMMATION D'APPLICATION
Abstract:
(EN) A client transmits a user identifier and a password to a server via an application programming interface (API). The client establishes an authenticated session with the server in which the client has a first set of permissions for Operations associated with the API, The client receives, responsive to a verification of the user identifier and password by the server, a logon response and a shared secret. The client generates a one time passcode (OTP) based upon the shared: secret. The client sends the OTP to the server via the API. Responsive to the server.Validating the OTP against the shared secret, the: server grants a second set of permissions for operations associated with the API.
(FR) Un client transmet un identifiant d'utilisateur et un mot de passe à un serveur par l'intermédiaire d'une interface de programmation d'application (API). Le client établit une session authentifiée avec le serveur dans laquelle le client dispose d'un premier ensemble de permissions pour des opérations associées à l'API, le client reçoit, en réponse à une vérification de l'identifiant d'utilisateur et du mot de passe par le serveur, une réponse d'ouverture de session et un secret partagé. Le client génère un mot de passe à usage unique (OTP) sur la base du secret partagé. Le client envoie l'OTP au serveur par l'intermédiaire de l'API. En réponse au serveur. Validation de l'OTP en le comparant au secret partagé, le serveur accorde un second ensemble de permissions pour des opérations associées à l'API.
front page image
Designated States: AE, AG, AL, AM, AO, AT, AU, AZ, BA, BB, BG, BH, BN, BR, BW, BY, BZ, CA, CH, CL, CN, CO, CR, CU, CZ, DE, DJ, DK, DM, DO, DZ, EC, EE, EG, ES, FI, GB, GD, GE, GH, GM, GT, HN, HR, HU, ID, IL, IN, IR, IS, JO, JP, KE, KG, KH, KN, KP, KR, KW, KZ, LA, LC, LK, LR, LS, LU, LY, MA, MD, ME, MG, MK, MN, MW, MX, MY, MZ, NA, NG, NI, NO, NZ, OM, PA, PE, PG, PH, PL, PT, QA, RO, RS, RU, RW, SA, SC, SD, SE, SG, SK, SL, SM, ST, SV, SY, TH, TJ, TM, TN, TR, TT, TZ, UA, UG, US, UZ, VC, VN, ZA, ZM, ZW
African Regional Intellectual Property Organization (ARIPO) (BW, GH, GM, KE, LR, LS, MW, MZ, NA, RW, SD, SL, ST, SZ, TZ, UG, ZM, ZW)
Eurasian Patent Office (AM, AZ, BY, KG, KZ, RU, TJ, TM)
European Patent Office (EPO) (AL, AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LT, LU, LV, MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR)
African Intellectual Property Organization (BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, KM, ML, MR, NE, SN, TD, TG)
Publication Language: English (EN)
Filing Language: English (EN)