View source for 17523743. Using Device-Bound Credentials for Enhanced Security of Authentication in Native Applications simplified abstract (International Business Machines Corporation)

=Using Device-Bound Credentials for Enhanced Security of Authentication in Native Applications=


==Organization Name==

[[:Category:International Business Machines Corporation|International Business Machines Corporation]]


[[Category:International Business Machines Corporation]]

==Inventor(s)==

[[:Category:SHANE BRADLEY Weeden of PARADISE POINT (AU)|SHANE BRADLEY Weeden of PARADISE POINT (AU)]][[Category:SHANE BRADLEY Weeden of PARADISE POINT (AU)]]

[[:Category:CRAIG Pearson of ROBINA TOWN CENTRE (AU)|CRAIG Pearson of ROBINA TOWN CENTRE (AU)]][[Category:CRAIG Pearson of ROBINA TOWN CENTRE (AU)]]

[[:Category:CARSTEN Hagemann of ASHMORE (AU)|CARSTEN Hagemann of ASHMORE (AU)]][[Category:CARSTEN Hagemann of ASHMORE (AU)]]

==Using Device-Bound Credentials for Enhanced Security of Authentication in Native Applications - A simplified explanation of the abstract==


This abstract first appeared for US patent application 17523743 titled 'Using Device-Bound Credentials for Enhanced Security of Authentication in Native Applications

==Simplified Explanation==

The abstract of this patent application describes a method for granting access to computer resources to authorized native applications on a client device. Here is a simplified explanation of the abstract:

* An authorization server receives an initial authorization grant, a public key, and an attestation of authenticity from a native application on a device.
* The authorization server also receives a refresh token and a digital signature of the refresh token from the native application.
* The refresh token is only recognized if it is verified with a previously registered public key.
* The authorization server validates the digital signature of the refresh token.
* The authorization server then sends a new access token and a new refresh token to the native application, allowing it to access the computer resource.

Potential applications of this technology:

* Secure access control for native applications on client devices.
* Improved authentication and authorization processes for accessing computer resources.

Problems solved by this technology:

* Ensures that only authorized native applications can access computer resources.
* Provides a secure method for verifying the authenticity of native applications and their refresh tokens.

Benefits of this technology:

* Enhanced security and protection against unauthorized access to computer resources.
* Simplified and streamlined authentication and authorization processes for native applications.
* Improved user experience by allowing seamless access to computer resources.


==Original Abstract Submitted==

A method allows access to computer resources to authorized native applications on a client device. An authorization server receives, from a native application on a device, an initial authorization grant, a public key of a private/public key pair generated on the device, and an attestation of authenticity of the native application. The authorization server receives, from the native application on the device, a refresh token and a digital signature of the refresh token that is created with the private key. The authorization server recognizes the refresh token only if the refresh token is verified with the public key that has been previously registered. The authorization server validates the digital signature of the refresh token, and transmits a new access token and a new refresh token to the native application on the device, thus allowing the native application on the device to access the computer resource.



[[Category:H04L9/32]]
[[Category:H04L9/14]]
[[Category:G06F21/62]]
[[Category:H04L29/06]]