The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka PDF).

Date of Patent: Sep. 14, 2021

Filed: Feb. 08, 2019

Applicant: Microsoft Technology Licensing, LLC, Redmond, WA (US);

Inventors:

Douglas Brent Schmaltz, Redmond, WA (US);

Maria Furman, Redmond, WA (US);

Jean-Marc Prieur, Ollioules, FR;

Amit Kumar, Redmond, WA (US);

Yordan I. Rouskov, Seattle, WA (US);

Sriram Dhanasekaran, Kirkland, WA (US);

Assignee:
Attorney:
Primary Examiner:
Assistant Examiner:
Int. Cl.
CPC ...
H04L 9/32 (2006.01); H04L 9/14 (2006.01); H04L 9/08 (2006.01); H04L 9/06 (2006.01); H04L 29/06 (2006.01); H04L 9/30 (2006.01);
U.S. Cl.
CPC ...
H04L 9/3213 (2013.01); H04L 9/30 (2013.01); H04L 9/3242 (2013.01); H04L 9/3247 (2013.01); H04L 9/0637 (2013.01); H04L 9/0643 (2013.01); H04L 9/0866 (2013.01); H04L 9/0894 (2013.01); H04L 9/3231 (2013.01); H04L 9/3239 (2013.01); H04L 9/3271 (2013.01);
Abstract

Methods for hardening security between web services using protected forwarded access tokens are implemented via systems and devices. User applications receive user tokens with user information from an identity provider and provide the user tokens to first services with data requests. Each first service extracts and transforms a portion of a user token to validate a user token signature, and determines a target service for the data request. The first services acquire actor tokens from the identity provider that uniquely identify the first services using public keys, and then generate authentication tokens, signed with corresponding private keys, that encapsulate the actor tokens and the transformed user tokens. The signed authentication tokens are provided to target services which validate the authentication tokens as well as the encapsulated tokens and their respective signatures. Upon validation, requested data is retrieved and provided back for the user applications from the target services.

