公开(公告)号：US20240250812A1

公开(公告)日：2024-07-25

申请号：US18156993

申请日：2023-01-19

Applicant: Cisco Technology, Inc.

Inventor： Shayne Miel ,  Brian Lindauer ,  Glenn J. Stempeck ,  David William Matteson ,  Ian Edward Beals ,  Josh Matz ,  Edgar Calderon ,  Laura Cole

IPC: H04L9/08 ,  H04L9/32

CPC classification number: H04L9/0863 ,  H04L9/3234

Abstract: The present disclosure provides protection to communications after establishing a secured connection to a secured website or application. An authentication service, after establishing a secured session, can calculate a trust score for a user. Based on the trust score, the security agent can encrypt access tokens used to authenticate a secure connection. The system can interrupt the secure connection based on the trust score of the user or the user device. The interruption takes place by ignoring requests to decrypt the access token. Without the decrypted access token, the browser is unable to authenticate the session, preventing further communications. After the user improves the security posture of the device or user, the security agent can recalculate the trust score. When the trust score is above a threshold, the security agent can being decrypting the access token, thereby authenticating communications from the browser.

公开(公告)号：US20240297887A1

公开(公告)日：2024-09-05

申请号：US18177502

申请日：2023-03-02

Applicant: Cisco Technology, Inc.

Inventor： Shayne Miel ,  Josh Matz ,  Nancy Cam-Winget ,  Joshua Terry ,  Brian Lindauer ,  David William Matteson ,  Jen Bammel ,  Courtney Irwin

IPC: H04L9/40

CPC classification number: H04L63/108 ,  H04L63/0876 ,  H04L63/105

Abstract: The present technology provides for receiving communications at an authentication service, and the communication is indicative of a change in a security posture of an authenticated session between a user device and a secure service. The authentication service can then determine that the change in the security posture of the authenticated session impacts the trust level associated with the user device and causes the trust level to fall below the threshold. The authentication service can then send an enforcement signal to a security agent on a network device that provides remedial actions that a user can undertake to improve the security posture of the authenticated session.