Strong authentication via distributed stations
First Claim
1. A method of authentication and log-on to access a secure resource via a computer network, the method comprising the steps of:
- sending, via a computational device, an access request to a secure resource from a user via a network;
- receiving, from the secure resource, a user authentication requirement involving an authentication modality, wherein the computational device does not support the authentication modality and cannot be solely utilized to satisfy the user authentication requirement;
- locating, via a mobile device, a nearest authentication station supporting the authentication modality, wherein the nearest authentication station and the computational device are located at different locations;
- establishing wireless communication between the mobile device and the authentication station;
- obtaining, by the authentication station using the authentication modality, authentication credentials from the user, the user having traveled to the authentication station;
- causing transmission of the authentication credentials to an authentication server different from the authentication station;
- receiving, by the authentication station, an authentication confirmation from the authentication server and, via multiple-party communication among the mobile device, the authentication station, the computational device, and the secure resource, according access to the secure resource via the computational device.
Abstract
In various embodiments, authentication stations are distributed within a facility, particularly in spaces where mobile devices are predominantly used—e.g., a hospital's emergency department. Each such station includes a series of authentication devices. Mobile devices may run applications for locating the nearest such station and, in some embodiments, pair wirelessly with the station so that authentication thereon will accord a user access to the desired resource via a mobile device.
16 Claims
9. A system for facilitating authentication and log-on to access a secure resource via a computer network using an authentication modality, the system comprising:
- a network;
- a plurality of authentication stations;
- an authentication server different from the authentication stations;
- a computational device configured for requesting access to a secure resource via the network but lacking the authentication modality, wherein the computational device is located at a location different from locations of the authentication stations; and
- a mobile device comprising a processor and a memory storing an application, the application, when executed by the processor as a running process, causing the mobile device to identify a nearest one of the authentication stations supporting the authentication modality and establish wireless communication therewith,
- wherein the identified authentication station is configured to (i) receive, using the authentication modality, authentication credentials from a user located at the authentication station, (ii) transmit the authentication credentials to the authentication server, and (iii) receive an authentication confirmation from the authentication server, and
- further wherein the mobile device, the authentication station, the computational device, and the secure resource, are configured for multiple-party communication whereby access is accorded to the secure resource via the computational device.
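The flow recited in claims 1 and 9, modelled as an added Python example (not code from the patent or its assignee). The claims do not say how the confirmation is tied to the original request, so the HMAC binding to a request ID, the shared key, the single-use rule, and all station names, coordinates and credentials below are assumptions constructed for illustration.

```python
import hashlib, hmac, json, math, secrets

SERVER_KEY = secrets.token_bytes(32)  # assumed: shared by auth server and secure resource
# Constructed sample enrolment: user -> hash of the credential captured at a station
ENROLLED = {"dr_lee": hashlib.sha256(b"constructed-fingerprint-template").digest()}
STATIONS = [  # constructed sample: (name, (x, y) position in metres, modalities)
    ("ED-north", (5.0, 40.0), {"fingerprint", "badge"}),
    ("ED-triage", (12.0, 8.0), {"badge"}),
    ("ward-3", (60.0, 10.0), {"fingerprint"}),
]

def nearest_station(position, modality):
    """Mobile-device step: closest station that supports the required modality."""
    capable = [s for s in STATIONS if modality in s[2]]
    return min(capable, key=lambda s: math.dist(position, s[1]), default=None)

def _mac(request_id, user, modality):
    # JSON list encoding keeps the three fields unambiguous under the MAC
    msg = json.dumps([request_id, user, modality]).encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()

def server_confirm(request_id, user, modality, credential):
    """Authentication server: verify the credential relayed by the station."""
    digest = hashlib.sha256(credential).digest()
    if not hmac.compare_digest(digest, ENROLLED.get(user, b"")):
        return None
    return _mac(request_id, user, modality)  # confirmation bound to this request

class SecureResource:
    def __init__(self):
        self.pending = {}  # request_id -> (user, required modality)

    def request_access(self, user, modality="fingerprint"):
        """Computational device asks for access; resource states the requirement."""
        request_id = secrets.token_hex(8)
        self.pending[request_id] = (user, modality)
        return request_id, modality

    def grant(self, request_id, confirmation):
        """Accord access once, only for a pending request with a valid confirmation."""
        entry = self.pending.pop(request_id, None)  # popped first: fails closed, no replay
        if entry is None or confirmation is None:
            return False
        return hmac.compare_digest(confirmation, _mac(request_id, *entry))
```

Binding the confirmation to the request ID is what stops a confirmation obtained at a station from being replayed or attached to a different device's pending request.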
Specification