17523743. Using Device-Bound Credentials for Enhanced Security of Authentication in Native Applications simplified abstract (International Business Machines Corporation)

From WikiPatents

Using Device-Bound Credentials for Enhanced Security of Authentication in Native Applications

Organization Name

International Business Machines Corporation

Inventor(s)

SHANE BRADLEY Weeden of PARADISE POINT (AU)

CRAIG Pearson of ROBINA TOWN CENTRE (AU)

CARSTEN Hagemann of ASHMORE (AU)

Using Device-Bound Credentials for Enhanced Security of Authentication in Native Applications - A simplified explanation of the abstract

This abstract first appeared for US patent application 17523743, titled 'Using Device-Bound Credentials for Enhanced Security of Authentication in Native Applications'.

Simplified Explanation

The abstract of this patent application describes a method for granting authorized native applications on a client device access to computer resources. Here is a simplified explanation of the abstract:

  • The native application generates a private/public key pair on the device; the private key stays on the device. Together with its initial authorization grant, the application sends the authorization server the public key and an attestation of the application's authenticity.
  • The authorization server registers that public key for the application.
  • To renew its access, the application later sends the server its refresh token together with a digital signature of that refresh token created with the device's private key.
  • The server recognizes the refresh token only if the signature verifies against the public key registered at the initial grant; a refresh token presented without a valid signature is not accepted.
  • Once the signature is validated, the server transmits a new access token and a new refresh token to the application, which can then access the computer resource.

The security-relevant consequence is that the refresh token is no longer a pure bearer credential: an attacker who copies the token off the device cannot redeem it for new tokens without the device-held private key, and the attestation presented at enrollment ties that key to a genuine instance of the application rather than to an impostor.
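The exchange described above, written out as an added example in Go (this is illustrative code, not IBM's implementation, and it is not taken from the patent). The attestation check, the grant check (`"valid-grant"`), the client identifier used to look up the registered key, and one-time use of refresh tokens are all assumptions made for the example; the abstract specifies none of them. Ed25519 from Go's standard library stands in for whatever signature scheme the device actually uses.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
)

// Tokens is the pair the authorization server returns on each successful grant or refresh.
type Tokens struct{ Access, Refresh string }

// clientRecord is the server's registration for one native-app instance: the public key
// received with the initial grant and the single currently valid refresh token.
type clientRecord struct {
	pub     ed25519.PublicKey
	refresh string
}

// AuthServer models the authorization server. Keying records by a client/device id is an
// assumption for this example; the abstract does not say how the server finds the key.
type AuthServer struct{ clients map[string]*clientRecord }

func NewAuthServer() *AuthServer { return &AuthServer{clients: map[string]*clientRecord{}} }

func randomToken(prefix string) string {
	b := make([]byte, 24)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return prefix + base64.RawURLEncoding.EncodeToString(b)
}

// attestationOK stands in for verifying a platform attestation of the app's authenticity.
// The abstract does not specify the attestation format, so a constructed literal is used.
func attestationOK(att string) bool { return att == "attested-native-app" }

// InitialGrant: the app presents an authorization grant, its device-generated public key and
// an attestation. "valid-grant" is a constructed stand-in for real grant validation.
func (s *AuthServer) InitialGrant(clientID, grant string, pub ed25519.PublicKey, att string) (Tokens, error) {
	if grant != "valid-grant" {
		return Tokens{}, errors.New("invalid authorization grant")
	}
	if !attestationOK(att) {
		return Tokens{}, errors.New("app attestation failed")
	}
	if len(pub) != ed25519.PublicKeySize {
		return Tokens{}, errors.New("malformed public key")
	}
	rec := &clientRecord{pub: pub, refresh: randomToken("rt_")}
	s.clients[clientID] = rec
	return Tokens{Access: randomToken("at_"), Refresh: rec.refresh}, nil
}

// Refresh: the app presents its refresh token plus a signature over it made with the device
// private key. The signature is checked against the key registered at InitialGrant before the
// token itself is compared, so a token on its own is never "recognized".
func (s *AuthServer) Refresh(clientID, refresh string, sig []byte) (Tokens, error) {
	rec, ok := s.clients[clientID]
	if !ok {
		return Tokens{}, errors.New("unknown client")
	}
	if !ed25519.Verify(rec.pub, []byte(refresh), sig) {
		return Tokens{}, errors.New("refresh token not bound to registered key")
	}
	// One-time use of refresh tokens is an assumption; the abstract only says a new one is issued.
	if refresh != rec.refresh {
		return Tokens{}, errors.New("unknown or already rotated refresh token")
	}
	rec.refresh = randomToken("rt_")
	return Tokens{Access: randomToken("at_"), Refresh: rec.refresh}, nil
}

// NativeApp holds the device-generated key pair; the private key never leaves the device.
type NativeApp struct {
	priv ed25519.PrivateKey
	pub  ed25519.PublicKey
	tok  Tokens
}

func NewNativeApp() *NativeApp {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &NativeApp{priv: priv, pub: pub}
}

func (a *NativeApp) SignRefresh() []byte { return ed25519.Sign(a.priv, []byte(a.tok.Refresh)) }

// Scenario runs the flow: initial grant, a legitimate refresh, an attacker who copied the
// refresh token but not the key, and a replay of the used token with its old valid signature.
func Scenario() (legitOK, stolenRejected, replayRejected bool) {
	srv, app := NewAuthServer(), NewNativeApp()
	var err error
	if app.tok, err = srv.InitialGrant("device-1", "valid-grant", app.pub, "attested-native-app"); err != nil {
		return false, false, false
	}
	stolen := app.tok.Refresh   // attacker exfiltrates the token string...
	oldSig := app.SignRefresh() // ...and, worst case, a captured valid signature over it
	if app.tok, err = srv.Refresh("device-1", stolen, oldSig); err != nil {
		return false, false, false
	}
	legitOK = true
	_, thief, _ := ed25519.GenerateKey(rand.Reader) // attacker's own key, not the registered one
	_, err = srv.Refresh("device-1", app.tok.Refresh, ed25519.Sign(thief, []byte(app.tok.Refresh)))
	stolenRejected = err != nil
	_, err = srv.Refresh("device-1", stolen, oldSig) // replaying the rotated token
	replayRejected = err != nil
	return
}

func main() { fmt.Println(Scenario()) }
```

Two ordering choices matter in `Refresh`: the signature is verified before the token is looked up, so an attacker holding only the token string learns nothing about whether it is still live, and the token is rotated only after both checks pass, so a failed attempt cannot invalidate the legitimate app's session.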

Potential applications of this technology:

  • Secure access control for native applications on client devices.
  • Improved authentication and authorization processes for accessing computer resources.

Problems solved by this technology:

  • Ensures that only attested, authorized native applications can obtain tokens for computer resources.
  • Binds refresh tokens to a key held on the device, so a copied refresh token cannot by itself be exchanged for new tokens.

Benefits of this technology:

  • Protection against unauthorized access, including misuse of a refresh token that has leaked from the device.
  • Authentication and authorization that the native application can perform without extra user interaction once enrolled.
  • A seamless user experience, since access tokens are renewed in the background using the device-bound key.


Original Abstract Submitted

A method allows access to computer resources to authorized native applications on a client device. An authorization server receives, from a native application on a device, an initial authorization grant, a public key of a private/public key pair generated on the device, and an attestation of authenticity of the native application. The authorization server receives, from the native application on the device, a refresh token and a digital signature of the refresh token that is created with the private key. The authorization server recognizes the refresh token only if the refresh token is verified with the public key that has been previously registered. The authorization server validates the digital signature of the refresh token, and transmits a new access token and a new refresh token to the native application on the device, thus allowing the native application on the device to access the computer resource.