US 11,706,224 B2
Entity authentication for pre-authenticated links
Muhammad Ali Malik, Redmond, WA (US)
Assigned to Microsoft Technology Licensing, LLC, Redmond, WA (US)
Filed by Microsoft Technology Licensing, LLC, Redmond, WA (US)
Filed on Apr. 14, 2021, as Appl. No. 17/230,671.
Prior Publication US 2022/0337595 A1, Oct. 20, 2022
Int. Cl. H04L 29/06 (2006.01); H04L 9/40 (2022.01)
CPC H04L 63/102 (2013.01) [H04L 63/0807 (2013.01); H04L 63/162 (2013.01)]
20 Claims
1. A method for enhancing security of pre-authenticated links for data content using one or more hardware processors, the method comprising:
generating a pre-authenticated link activatable to gain access to data content stored by a computing system, wherein the pre-authenticated link includes a network address indicating a network location of the data content, a link credential that authenticates an access request for the data content made through activation of the pre-authenticated link; and an entity identifier that identifies an entity having permission to activate the pre-authenticated link to access the data content;
receiving a first request for the data content from a first requesting entity generated through activation of the pre-authenticated link;
receiving the link credential associated with the first request from the first requesting entity;
receiving an entity token associated with the first request, wherein the entity token indicates an authenticated identity of the first requesting entity;
granting access to the data content to the first requesting entity in response to:
verifying that the link credential associated with the first request is valid; and
verifying that the first requesting entity is authorized to access the data content by verifying that the authenticated identity specified by the entity token matches the entity identifier for the pre-authenticated link, the entity identifier specific to the pre-authenticated link and the authenticated identity;
receiving a second request for the data content from a second requesting entity generated through activation of the pre-authenticated link; and
denying access to the data content to the second requesting entity in response to a determination that the second requesting entity is not authorized to access the data content.
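The two checks in claim 1 (a valid link credential, then a match between the authenticated identity and the link's entity identifier) can be sketched as follows. This is an added example, not code from the patent or from Microsoft. The HMAC construction, the query parameter names `lid`, `eid` and `cred`, and the function names are assumptions, and `authenticated_identity` stands in for the identity obtained from an already validated entity token.

```python
import hashlib, hmac, json, secrets
from typing import Optional
from urllib.parse import parse_qs, urlencode

SERVER_KEY = secrets.token_bytes(32)  # constructed demo key; held server-side only

def _mac(*parts: str) -> str:
    # JSON-encode the parts so field boundaries are unambiguous before MACing.
    return hmac.new(SERVER_KEY, json.dumps(parts).encode(), hashlib.sha256).hexdigest()

def _same(a: str, b: str) -> bool:
    # Constant-time comparison; bytes avoid a TypeError on non-ASCII input.
    return hmac.compare_digest(a.encode(), b.encode())

def generate_link(address: str, identity: str) -> str:
    """Build a link carrying the address, an entity identifier and a link credential."""
    link_id = secrets.token_urlsafe(8)
    # Entity identifier: specific to this link and to the permitted identity (assumed scheme).
    eid = _mac("eid", link_id, identity)
    # Link credential: authenticates the address, link id and entity identifier together.
    cred = _mac("cred", address, link_id, eid)
    return address + "?" + urlencode({"lid": link_id, "eid": eid, "cred": cred})

def handle_request(url: str, authenticated_identity: Optional[str]) -> bool:
    """Grant access only if the credential is valid AND the caller's identity matches."""
    address, _, query = url.partition("?")
    q = parse_qs(query)
    try:
        lid, eid, cred = q["lid"][0], q["eid"][0], q["cred"][0]
    except KeyError:
        return False  # malformed link: a required parameter is missing
    if not _same(cred, _mac("cred", address, lid, eid)):
        return False  # link credential invalid, or link parameters were altered
    if authenticated_identity is None:
        return False  # no entity token presented with the request
    # The identity from the entity token must reproduce this link's entity identifier.
    return _same(eid, _mac("eid", lid, authenticated_identity))

if __name__ == "__main__":
    # Constructed sample address and identities.
    link = generate_link("https://files.example/docs/report.pdf", "alice@example.com")
    print("first requester :", handle_request(link, "alice@example.com"))
    print("second requester:", handle_request(link, "bob@example.com"))
```

Because the entity identifier is derived from both the link id and the identity, a forwarded link fails the second check for any other authenticated requester even though its link credential is still valid.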