首页>
外国专利>
Protecting sensitive information in single sign-on (SSO) to the cloud
Protecting sensitive information in single sign-on (SSO) to the cloud
展开▼
机译:将单点登录(SSO)的敏感信息保护到云端
展开▼
页面导航
摘要
著录项
相似文献
摘要
A method to protect sensitive information during a single sign-on (SSO) process flow initiated from a client and directed to an authorization server configured to issue an access token upon verification of a credential. The technique leverages a first proxy that monitors a packet flow issued from the authorization server, and a second proxy that monitors a redirect packet flow issued from the client (in response to the packet flow). A message that includes the access token is modified by the first proxy to include a data string, and the modified message is delivered to the client; concurrently, the first proxy provides the data string/access token pair to the second proxy. When the client receives the modified message, it issues a response (that includes the data string) back to a resource server. As the response traverses the second proxy, it removes the data string and re-inserts the access token, and the resulting modified response is forwarded to the resource server.
展开▼