Wireless token device

US 10,070,313 B2
Filed: 06/05/2017
Issued: 09/04/2018
Est. Priority Date: 04/09/2012
Status: Active Grant

First Claim

Patent Images

1. At least one non-transitory, machine accessible storage medium having instructions stored thereon, wherein the instructions, when executed on a machine, cause the machine to perform a method comprising:

establishing a connection between a first computing device and a wireless token device over a short-range wireless network;

sending first authentication data from the wireless token device to the first computing device over the short-range wireless network, wherein the first authentication data is based at least in part on user identifier data;

detecting a second computing device as collocated with the wireless token device, using the short-range wireless network;

establishing a connection between the second computing device and the wireless token device over the short-range wireless network; and

sending second authentication data stored in memory of the wireless token device from the wireless token device to the second computing device over the short-range wireless network, wherein the second authentication data is based at least in part on the user identifier data, the second computing device is authenticated for use by a particular user in a particular computing session based on the second authentication data, authenticating the second computing device permits the second computing device to participate in the particular computing session and causes association with the particular user within the particular computing session to transition from the first computing device to the second computing device,the first computing device is authenticated for use in the particular computing session based on the first authentication data, authenticating the first computing device permits the first computing device to participate in the particular computing session, and authentication of the first computing device to the particular computing session is terminated.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A first computing device is detected as substantially collocated with a wireless token device, using a short-range wireless communication network, and a connection is established between the first computing device and the wireless token device over the short-range wireless network. Authentication data stored in memory of the wireless token device is sent from the wireless token device to the first computing device over the short-range wireless network. The first computing device is authenticated to a particular computing session based on the authentication data and authenticating the first computing device permits the first computing device to participate in the particular computing session.

Citations

24 Claims

1. At least one non-transitory, machine accessible storage medium having instructions stored thereon, wherein the instructions, when executed on a machine, cause the machine to perform a method comprising:
- establishing a connection between a first computing device and a wireless token device over a short-range wireless network;
  
  sending first authentication data from the wireless token device to the first computing device over the short-range wireless network, wherein the first authentication data is based at least in part on user identifier data;
  
  detecting a second computing device as collocated with the wireless token device, using the short-range wireless network;
  
  establishing a connection between the second computing device and the wireless token device over the short-range wireless network; and
  
  sending second authentication data stored in memory of the wireless token device from the wireless token device to the second computing device over the short-range wireless network, wherein the second authentication data is based at least in part on the user identifier data, the second computing device is authenticated for use by a particular user in a particular computing session based on the second authentication data, authenticating the second computing device permits the second computing device to participate in the particular computing session and causes association with the particular user within the particular computing session to transition from the first computing device to the second computing device,the first computing device is authenticated for use in the particular computing session based on the first authentication data, authenticating the first computing device permits the first computing device to participate in the particular computing session, and authentication of the first computing device to the particular computing session is terminated.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 20, 23)
- - 2. The storage medium of claim 1, wherein the particular computing session is hosted by a server remote from the first computing device and the wireless token device.
  - 3. The storage medium of claim 1, wherein the first authentication data is identical to the second authentication data.
  - 4. The storage medium of claim 1, wherein the first and second computing devices are to be, at least temporarily, concurrently authenticated to the particular computing session.
  - 5. The storage medium of claim 1, wherein at least some of the resources of the particular computing session are consumed by both the first and second computing devices and rendered on the first computing device differently than on the second computing device, and respective attributes of the first and second computing devices affect rendering of the resources of the particular computing session.
  - 6. The storage medium of claim 5, wherein attributes of the respective of the first and second computing devices are included in corresponding authentication data.
  - 7. The storage medium of claim 1, the method further comprising:
    - determining that the first computing device is no longer collocated with the wireless token device, wherein termination of the authentication of the first computing device to the particular computing session is based at least in part on the first computing device being no longer collocated with the wireless token device.
  - 8. The storage medium of claim 1, the method further comprising:
    - sending reauthentication data stored in memory of the wireless token device from the wireless token device to the first computing device over the short-range wireless network, wherein the first computing device is reauthenticated to the particular computing session based on the reauthentication data, and failure to reauthenticate to the particular computing session causes the first computing device to be removed from the particular computing session.
  - 9. The storage medium of claim 8, wherein the reauthentication data is different from the second authentication data.
  - 10. The storage medium of claim 1, wherein each of the first and second authentication data originates from the wireless token device and is forwarded by the first computing device to a server device that hosts the particular computing session.
  - 11. The storage medium of claim 10, wherein each of the first and second authentication data is encrypted using a public key paired to a private key of the server device.
  - 12. The storage medium of claim 1, wherein third authentication data is hosted on the first computing device, and receipt of the first authentication data from the wireless token device authorizes forwarding of the third authentication data to a server device that hosts the particular computing session.
  - 13. The storage medium of claim 1, wherein the wireless token device is paired to a server device that hosts the particular computing session.
  - 14. The storage medium of claim 1, wherein the particular computing session is at least one of a digital streaming media presentation, a session with a remotely hosted software application, and a session for interacting with a remotely hosted digital file associated with a user associated with the wireless token device.
  - 15. The storage medium of claim 1, wherein the second computing device is authenticated to a second computing session hosted by a second server system different from a first server system that hosts the particular computing session.
  - 16. The storage medium of claim 1, wherein the second computing session is active, at least temporarily, concurrently with the first computing session.
  - 20. The storage medium of claim 1, wherein the user identifier data comprises a globally unique user identifier of the particular user.
  - 23. The storage medium of claim 1, wherein the wireless token device is a bracelet, a ring, a mobile headset, a neck chain, a necklace, a lapel clip, a brooch, or a watch.

17. A method, comprising:
- establishing a connection between a first computing device and a wireless token device over a short-range wireless network;
  
  sending first authentication data from the wireless token device to the first computing device over the short-range wireless network, wherein the first authentication data is based at least in part on user identifier data;
  
  detecting a second computing device as collocated with a wireless token device, using the short-range wireless network;
  
  establishing a connection between the second computing device and the wireless token device over the short-range wireless network; and
  
  sending second authentication data stored in memory of the wireless token device from the wireless token device to the second computing device over the short-range wireless network, wherein the second authentication data is based at least in part on the user identifier data, the second computing device is authenticated for use by a particular user in a particular computing session based on the second authentication data, authenticating the second computing device permits the second computing device to participate in the particular computing session and causes association with the particular user within the particular computing session to transition from the first computing device to the second computing device,the first computing device is authenticated for use in the particular computing session based on the first authentication data, authenticating the first computing device permits the first computing device to participate in the particular computing session, the particular computing session persists during a transition from use of the first computing device to use of the second computing device by the particular user, and authentication of the first computing device to the particular computing session is terminated.
- View Dependent Claims (24)
- - 24. The method of claim 17, wherein the wireless token device is a bracelet, a ring, a mobile headset, a neck chain, a necklace, a lapel clip, a brooch, or a watch.

18. A wireless token apparatus comprising:
- a processor device;
  
  a memory element;
  
  a short-range wireless network adapter adapted todetect computing devices as collocated with the apparatus, using a short-range wireless network; and
  
  establish connections between a first computing device and the apparatus over the short-range wireless network; and
  
  an authentication broker adapted tosend first authentication data to the first computing device over the short-range wireless network, wherein the first authentication data is based at least in part on user identifier data;
  
  send second authentication data stored in the memory element to a second computing device over the short-range wireless network, wherein the second authentication data is based at least in part on the user identifier data, the second computing device is authenticated for use by a particular user in a particular computing session based on the second authentication data, authenticating the second computing device permits the second computing device to participate in the particular computing session and causes association with the particular user within the particular computing session to transition from the first computing device to the second computing device,the first computing device is authenticated for use in the particular computing session based on the first authentication data, authenticating the first computing device permits the first computing device to participate in the particular computing session, the particular computing session persists during a transition from use of the first computing device to use of the second computing device by the particular user, and authentication of the first computing device to the particular computing session is terminated.
- View Dependent Claims (19, 21, 22)
- - 19. The apparatus of claim 18, wherein the apparatus lacks user interfaces for user interaction with the particular computing session.
  - 21. The apparatus of claim 18, wherein the apparatus is a bracelet, a ring, a mobile headset, a neck chain, a necklace, a lapel clip, a brooch, or a watch.
  - 22. The apparatus of claim 18, wherein the user identifier data comprises a globally unique user identifier of the particular user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, LLC
Inventors
Schrecker, Sven
Primary Examiner(s)
Srivastava, Vivek
Assistant Examiner(s)
Asres, Hermon

Application Number

US15/613,967
Publication Number

US 20180091975A1
Time in Patent Office

456 Days
Field of Search

709229
US Class Current
CPC Class Codes

H04W 12/06 Authentication

H04W 12/43 using shared identity modul...

Wireless token device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Wireless token device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links