Securing authorization tokens using client instance specific secrets
AB Bahety, N Pesic, M Potta - US Patent 10,972,273, 2021 - Google Patents
(57) ABSTRACT A system, method, and computer program product are provided for
securing authorization tokens using client instance specific secrets. Tokens are valid for
service requests only if time constraints and additional security constraints are met by
additional information stored in the token in hashed form. A required comparison of a
timestamp in a client service request header to the current server time limits the useful token
life, eg, to a few minutes. The service request header also includes data generated based on …
securing authorization tokens using client instance specific secrets. Tokens are valid for
service requests only if time constraints and additional security constraints are met by
additional information stored in the token in hashed form. A required comparison of a
timestamp in a client service request header to the current server time limits the useful token
life, eg, to a few minutes. The service request header also includes data generated based on …
以上显示的是最相近的搜索结果。 查看全部搜索结果