Esc

Authentication Cache Invalidation

D3-ANCI (Authentication Cache Invalidation)

Definition

Removing tokens or credentials from an authentication cache to prevent further user associated account accesses.

How it works

Applications can locally cache user authentication credentials for certain server connections. An application may attempt to use the cached credential for a connection. If the cached credentials exist then the user will not be typically prompted for new credentials.

Considerations

Are these cached credentials only on the local host? Can they be persisted to the remote server?

Examples

Windows Credential Management API

json

References

All

Patent

The following references were used to develop the Authentication Cache Invalidation knowledge-base article.

(Note: the consideration of references does not imply specific functionality exists in an offering.)

Secure caching of server credentials

Reference Type: Patent Organization: Dell Products LP Author: Muhammed K. JaberMukund P. KhatriKevin T. MarksDon Charles McCall

Source: https://patents.google.com/patent/US20100107241A1

System and method for providing an actively invalidated client-side network resource cache

Reference Type: Patent Organization: IMVU Author: Jon Watte

Source: https://patents.google.com/patent/US9578081B2/en

D3FEND^™

A knowledge graph of cybersecurity countermeasures