CPC H04L 63/1466 (2013.01) [H04L 9/0643 (2013.01); H04L 63/1416 (2013.01); H04L 63/1425 (2013.01)] | 10 Claims
1. A system for detecting and mitigating forged authentication attacks within a domain, comprising:
a computing system comprising a memory and a processor;
a policy manager subsystem comprising a plurality of programming instructions stored in the memory which, when operating on the processor, causes the computing system to:
receive and store a plurality of first authentication objects known to be generated by an identity provider associated with an authentication domain;
calculate and store an authentication object identifier for each first authentication object;
receive a request for access to a network resource associated with the authentication domain accompanied by a second authentication object;
calculate an authentication object identifier of the second authentication object;
compare the authentication object identifier of the second authentication object with the stored authentication object identifiers of the first authentication objects to determine whether the authentication object identifier of the second authentication object matches a stored first authentication object;
where the authentication object identifier of the second authentication object does not match a stored first authentication object, generate a notification that the identity provider may be compromised.
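
The flow recited in claim 1, sketched as an added example that is not part of the patent text or any implementation by its authors. It assumes the authentication object identifier is a SHA-256 digest over the object's exact bytes; the names `PolicyManager`, `record_issued` and `check_request` are hypothetical, and the sample assertions are constructed.

```python
import hashlib
from dataclasses import dataclass, field


def object_identifier(auth_object: bytes) -> str:
    """Identifier of an authentication object (assumption: SHA-256 of its exact bytes)."""
    return hashlib.sha256(auth_object).hexdigest()


@dataclass
class PolicyManager:
    domain: str
    issued: dict = field(default_factory=dict)         # identifier -> stored first authentication object
    notifications: list = field(default_factory=list)  # alerts raised on unmatched objects

    def record_issued(self, auth_object: bytes) -> str:
        """Store an object known to come from the identity provider, keyed by its identifier."""
        ident = object_identifier(auth_object)
        self.issued[ident] = auth_object
        return ident

    def check_request(self, resource: str, auth_object: bytes) -> bool:
        """Return True if the presented object matches a stored one; otherwise record a notification."""
        ident = object_identifier(auth_object)
        if ident in self.issued:
            return True
        self.notifications.append({
            "domain": self.domain,
            "resource": resource,
            "object_id": ident,
            "message": "presented authentication object matches no stored object; "
                       "identity provider may be compromised",
        })
        return False


def demo():
    # Constructed sample objects standing in for IdP-issued assertions or tickets.
    genuine = b'<Assertion ID="_a1" Issuer="idp.example.test"><Subject>alice</Subject></Assertion>'
    forged = b'<Assertion ID="_zz" Issuer="idp.example.test"><Subject>admin</Subject></Assertion>'
    pm = PolicyManager(domain="example.test")
    pm.record_issued(genuine)
    seen_genuine = pm.check_request("files.example.test", genuine)
    seen_forged = pm.check_request("files.example.test", forged)
    return pm, seen_genuine, seen_forged
```

Because the identifier covers the whole object, an issued object altered by a single byte also fails the match and raises the same notification.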