Cryptographic security functions based on anticipated changes in dynamic minutiae
Abstract
Dynamic key cryptography validates mobile device users to cloud services by uniquely identifying the user's electronic device using a very wide range of hardware, firmware, and software minutiae, user secrets, and user biometric values found in or collected by the device. Processes for uniquely identifying and validating the device include: selecting a subset of minutia from a plurality of minutia types; computing a challenge from which the user device can form a response based on the selected combination of minutia; computing a set of pre-processed responses that covers a range of all actual responses possible to be received from the device if the combination of the particular device with the device's collected actual values of minutia is valid; receiving an actual response to the challenge from the device; determining whether the actual response matches any of the pre-processed responses; and providing validation, enabling authentication, data protection, and digital signatures.
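The challenge/response matching described in the abstract, as an added sketch that is not code from the patent. The HMAC-SHA256 response function, the `STORE` layout, the function names and all attribute types and values are assumptions made for illustration.

```python
import hashlib
import hmac
import itertools
import secrets

# Constructed sample store for one identity: attribute type -> (current value,
# anticipated changes). Types and values are illustrative only.
STORE = {
    "os_version": ("16.4", ["16.4.1", "16.5"]),
    "contact_count": ("212", ["213", "214"]),
    "wallpaper_hash": ("a91f", []),
}

def possible_values(attr_type):
    """Apply the anticipated changes to the stored attribute value."""
    current, anticipated = STORE[attr_type]
    return [current, *anticipated]

def new_challenge(k=2):
    """Select a random subset of minutia types and pair it with a fresh nonce."""
    types = sorted(secrets.SystemRandom().sample(sorted(STORE), k))
    return types, secrets.token_bytes(16)

def respond(challenge, values):
    """Device side (assumed construction): HMAC-SHA256 over the nonce,
    keyed by the values of the selected minutia types."""
    types, nonce = challenge
    material = "|".join(f"{t}={values[t]}" for t in types).encode()
    key = hashlib.sha256(material).digest()
    return hmac.new(key, nonce, hashlib.sha256).digest()

def preprocessed_responses(challenge):
    """Server side: one expected response per combination of possible values."""
    types, _ = challenge
    combos = itertools.product(*(possible_values(t) for t in types))
    return [respond(challenge, dict(zip(types, c))) for c in combos]

def validate(challenge, actual):
    """True if the actual response matches any pre-processed response."""
    # Compare against every candidate so timing does not reveal which one matched.
    hits = [hmac.compare_digest(r, actual) for r in preprocessed_responses(challenge)]
    return any(hits)
```

The pre-processed set grows as the product of the possible values per selected type, so every anticipated change that is admitted also widens the set of responses an impostor device could hit. The fresh nonce per challenge is what keeps a previously captured response from validating again.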
20 Claims
1. A system comprising:
a non-transitory memory storing information associated with one or more identities, wherein the information stored for a first identity includes a plurality of identity validation objects comprising an attribute type, an attribute value associated with the attribute type, and information related to one or more anticipated changes for modifying the attribute value, wherein the attribute value is obtained based on user customization data generated from user activities on a first device associated with the first identity; and
one or more hardware processors in communication with the non-transitory memory and configured to execute instructions to cause the system to perform operations comprising;
receiving, from a second device not associated with the first identity, a request to use a service associated with the first identity, wherein the request comprises a message generated based on a data value from the second device corresponding to a first attribute type;
retrieving a first identity validation object that corresponds to the first identity and the first attribute type, the first identity validation object comprising a first attribute value and first information related to one or more anticipated changes for modifying the first attribute value;
generating a set of possible attribute values corresponding to the first identity and the first attribute type by applying the first information to the first attribute value;
determining whether the data value used to create the message corresponds to at least one possible attribute value from the set of possible attribute values; and
granting the second device access to use the service based on the determining.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A method comprising:
storing information associated with one or more identities, wherein the information stored for a first identity includes a plurality of identity validation objects comprising an attribute type, an attribute value associated with the attribute type and obtained based on user customization data generated from user activities on a first device associated with the first identity, and information related to one or more anticipated changes for modifying the attribute value;
receiving, from a second device not associated with the first identity, a request to use a service associated with the first identity, wherein the request comprises a message generated based on a data value from the second device corresponding to a first attribute type;
retrieving a first identity validation object that corresponds to the first identity and the first attribute type, the first identity validation object comprising a first attribute value and first information related to one or more anticipated changes for modifying the first attribute value;
generating a set of anticipated attribute values corresponding to the first identity and the first attribute type by applying the first information to the first attribute value;
determining whether the data value used to create the message corresponds to at least one anticipated attribute value from the set of anticipated attribute values; and
granting the second device access to use the service based on the determining.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20
Specification