Mobile device user authentication for accessing protected network resources

What is claimed is: 1. A method, comprising: receiving, by a processor of a mobile computing device, a cryptographic nonce from a physical authentication token via a first communication interface, wherein the cryptographic nonce is based on a secret shared by the physical authentication token and an authentication server; transmitting, by the processor, via a second communication interface, an authentication request using the cryptographic nonce, to an authentication server via a Hypertext Transfer Protocol (HTTP) proxy server; receiving a single sign-on authentication token from the authentication server; transmitting, to the authentication server, a resource access token request using the single sign-on authentication token; receiving a resource access token from the authentication server; and transmitting a computing resource access request using the resource access token. 2. The method of claim 1 , further comprising: accessing, via the second communication interface, a computing resource referenced by the computing resource access request. 3. The method of claim 1 , wherein the first communication interface is provided by at least one of: a near field communication (NFC) interface, a Bluetooth interface, or an infrared interface. 4. The method of claim 1 , wherein the second communication interface is provided by a network communication interface. 5. The method of claim 1 , wherein the authentication request conforms to Kerberos protocol. 6. The method of claim 1 , wherein transmitting the authentication request is performed over a Secure Socket Layer (SSL) connection. 7. The method of claim 1 , wherein the cryptographic nonce is provided by one of: a short-lived certificate or a one-time password. 8. A mobile computing device comprising: a memory; and a processor, operatively coupled to the memory, to: receive a cryptographic nonce from a physical authentication token via a first communication interface, wherein the cryptographic nonce is based on a secret shared by the physical authentication token and an authentication server; transmit, via a second communication interface, an authentication request using the cryptographic nonce, to an authentication server via a Hypertext Transfer Protocol (HTTP) proxy server; receive a single sign-on authentication token from the authentication server; transmit, to the authentication server, a resource access token request using the single sign-on authentication token; receive a resource access token from the authentication server; and transmit a computing resource access request using the resource access token. 9. The mobile computing device of claim 8 , wherein the processor is further to: access, via the second communication interface, a computing resource referenced by the computing resource access request. 10. The mobile computing device of claim 8 , wherein the first communication interface is provided by at least one of: a near field communication (NFC) interface, a Bluetooth interface, or an infrared interface. 11. The mobile computing device of claim 8 , wherein the second communication interface is provided by a network communication interface. 12. The mobile computing device of claim 8 , wherein the authentication request conforms to Kerberos protocol. 13. The mobile computing device of claim 8 , wherein the cryptographic nonce is provided by one of: a short-lived certificate or a one-time password. 14. A computer-readable non-transitory storage medium comprising executable instructions to cause a processor to: receive, by the processor, a cryptographic nonce from a physical authentication token via a first communication interface, wherein the cryptographic nonce is based on a secret shared by the physical authentication token and an authentication server; transmit, via a second communication interface, an authentication request using the cryptographic nonce, to an authentication server via a Hypertext Transfer Protocol (HTTP) proxy server; receive a single sign-on authentication token from the authentication server; transmit, to the authentication server, a resource access token request using the single sign-on authentication token; receive a resource access token from the authentication server; and transmit a computing resource access request using the resource access token. 15. The computer-readable non-transitory storage medium of claim 14 , further comprising executable instructions to cause the processor to: access, via the second communication interface, a computing resource referenced by the computing resource access request. 16. The computer-readable non-transitory storage medium of claim 14 , wherein the first communication interface is provided by at least one of: a near field communication (NFC) interface, a Bluetooth interface, or an infrared interface. 17. The computer-readable non-transitory storage medium of claim 14 , wherein the cryptographic nonce is provided by one of: a short-lived certificate or a one-time password.