Authentication with secondary approver

US 10,142,835 B2
Filed: 04/21/2016
Issued: 11/27/2018
Est. Priority Date: 09/29/2011
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

a first device logged into a first user account and configured to request authorization to perform a restricted activity on the first device by transmitting a request signal through a network before performing the restricted activity, receive an authorizing signal through the network, and perform the restricted activity in response to receiving the authorizing signal, wherein the restricted activity includes accessing restricted content; and

a second device logged into a second user account and configured to receive the request signal from the first device through the network, display an authentication input for authenticating an authorized user associated with the second user account, display an authorization input for authorizing the restricted activity on the first device, and transmit the authorizing signal through the network if the second device is authenticated and if the first device is authorized, wherein content on the first device that is common to the first user account and the second user account is not restricted content.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques are provided for giving access to restricted content on a first device from a second device through a wireless network. In one embodiment, the first device transmits an authorization request signal to the second device or to a server in the wireless network. The second device, having received the authorization request, prompts an authorized user to give authorization to the first device by inputting an authentication key such as a password car gesture on the second device. Upon verification of the authentication key, an authorization signal may be wirelessly transmitted to the first device, permitting access to the restricted content or functions on the first device. In some embodiments, the second device may be alerted to an authorization request and may elect a request for authorization from a selectable queue of requests.

695 Citations

28 Claims

1. A system comprising:
- a first device logged into a first user account and configured to request authorization to perform a restricted activity on the first device by transmitting a request signal through a network before performing the restricted activity, receive an authorizing signal through the network, and perform the restricted activity in response to receiving the authorizing signal, wherein the restricted activity includes accessing restricted content; and
  
  a second device logged into a second user account and configured to receive the request signal from the first device through the network, display an authentication input for authenticating an authorized user associated with the second user account, display an authorization input for authorizing the restricted activity on the first device, and transmit the authorizing signal through the network if the second device is authenticated and if the first device is authorized, wherein content on the first device that is common to the first user account and the second user account is not restricted content.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, wherein the authorization input comprises a text input, a gesture input, or an option between the text input and the gesture input.
  - 3. The system of claim 1, wherein the first device is configured to transmit the request signal to a plurality of second devices.
  - 4. The system of claim 1, wherein the second device is configured to receive request signals from, and send authorizing signals to, a plurality of first devices.
  - 5. The system of claim 1, wherein the second device is configured to receive the authentication input to authenticate the authorized user for a session, and the second device is configured to transmit the authorizing signal to the first device when the first device is authorized without additionally authenticating the authorized user on the second device during the session.
  - 6. The system of claim 1, wherein the first user account has limited authority to access the restricted content and the second user account has full authority to access the restricted content.

7. A method comprising:
- receiving, by a device associated with a first user account, request to access content on the device; and
  
  when the content is restricted for the first user account, requesting authorization, from a second user account, to access the restricted content on the device,wherein content that is common to the first user account and the second user account is not restricted.
- View Dependent Claims (8, 9, 10)
- - 8. The method of claim 7 further comprising:
    - receiving, by the device, an authorization signal to access the restricted content.
  - 9. The method of claim 7, wherein the authorization is requested from a plurality of user accounts having full authority.
  - 10. The method of claim 7, wherein the first user account has limited authority to access the restricted content and the second user account has full authority to access the restricted content.

11. A method comprising:
- receiving, by a device, a request for authorization to access restricted content on the device by a first user account logged into the device; and
  
  determining, through a second user account logged into the device, whether to authorize the access to the restricted content on the device by the first user account.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The method of claim 11 further comprising:
    - receiving, by the device, authorization input that authorizes the access; and
      
      transmitting, by the device, an authorization signal in response to receiving the authorization input.
  - 13. The method of claim 12, wherein the authorization input comprises a text input, a gesture input, or an option between the text input and the gesture input.
  - 14. The method of claim 11 further comprising:
    - receiving, by the device, authentication input to authenticate the user account having full authority.
  - 15. The method of claim 11, wherein the first user account has limited authority to access the restricted content and the second user account has full authority to access the restricted content.

16. A non-transitory computer-readable storage medium having executable instructions to cause a processor on a device to perform operations comprising:
- receiving a request from a first user account to access content on a device; and
  
  when the content is restricted for the first user account, requesting authorization, from a second user account, to access the restricted content on the device by the first user account,wherein content that is common to the first user account and the second user account is not restricted.
- View Dependent Claims (17, 18, 19)
- - 17. The non-transitory computer-readable storage medium of claim 16, wherein the operations further comprise:
    - receiving an authorization signal to access the content that is restricted.
  - 18. The non-transitory computer-readable storage medium of claim 16, wherein the operations further comprise:
    - requesting authorization from a plurality of user accounts having full authority.
  - 19. The non-transitory computer-readable storage medium of claim 16, wherein the first user account has limited authority to access the restricted content and the second user account has full authority to access the restricted content.

20. A non-transitory computer-readable storage medium having executable instructions to cause a processor on a device to perform operations comprising:
- receiving a request for authorization to access restricted content on a device by a user account logged into the device; and
  
  determining, through a second user account logged into the device, whether to authorize the access to the restricted content on the device by the first user account,wherein content that is common to the first user account and the second user account is not restricted.
- View Dependent Claims (21, 22, 23, 24)
- - 21. The non-transitory computer-readable storage medium of claim 20, wherein the operations further comprise:
    - receiving authorization input that authorizes the access; and
      
      transmitting an authorization signal in response to receiving the authorization input.
  - 22. The non-transitory computer-readable storage medium of claim 21, wherein the authorization input comprises a text input, a gesture input, or an option between the text input and the gesture input.
  - 23. The non-transitory computer-readable storage medium of claim 20, wherein the operations further comprise:
    - receiving authentication input to authenticate the user account having full authority.
  - 24. The non-transitory computer-readable storage medium of claim 20, wherein the first user account has limited authority to access the restricted content and the second user account has full authority to access the restricted content.

25. A device comprising:
- one or more processors;
  
  a network interface coupled to the one or more processors through the bus; and
  
  a memory coupled to the one or more processors through the bus, the memory storing instructions to cause the one or more processors toreceive a request from a first user account to access content on the device; and
  
  when the content is restricted for the first user account, transmitting, through the network interface, a request for authorization from a second user account to access the restricted content on the device by the first user account,wherein content that is common to the first user account and the second user account is not restricted.
- View Dependent Claims (26)
- - 26. The device of claim 25, wherein the first user account has limited authority to access the restricted content and the second user account has full authority to access the restricted content.

27. A device comprising:
- one or more processors;
  
  a network interface coupled to the one or more processors through a bus; and
  
  a memory coupled to the one or more processors through the bus, the memory storing instructions to cause the one or more processors toreceive, through the network interface, a request for authorization to access restricted content on the device by a first user account logged into the device; and
  
  determine, through a second user account logged into the device, whether to authorize the access to the restricted content on the device by the first user account,wherein content that is common to the first user account and the second user account is not restricted.
- View Dependent Claims (28)
- - 28. The device of claim 27, wherein the first user account has limited authority to access the restricted content and the second user account has full authority to access the restricted content.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Cotterill, Stephen Hayden
Primary Examiner(s)
Bhattacharya, Sam

Application Number

US15/134,638
Publication Number

US 20160345172A1
Time in Patent Office

950 Days
Field of Search

455406, 455410, 455411, 455415, 726 14
US Class Current
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 21/36   by graphic or iconic repres...

G06F 21/40   by quorum, i.e. whereby two...

G06Q 10/10   Office automation; Time man...

H04L 63/083   using passwords cryptograph...

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

Authentication with secondary approver

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

695 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication with secondary approver

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

695 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links