Authentication translation

US 10,360,351 B1
Filed: 02/12/2016
Issued: 07/23/2019
Est. Priority Date: 12/09/2011
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

one or more processors configured to;

receive, at an authentication translator at a device, an authentication input and an indication of a request, by a user of the device, to access a resource external to the device;

in response to determining, by the authentication translator at the device, a match using the received authentication input, obtain access to a record stored on the device, wherein the record is associated at least with the external resource;

retrieve, from the stored record accessed at least in part by determining, by the authentication translator at the device, the match using the received authentication input, a previously stored credential associated with the external resource, wherein the previously stored credential is different from the received authentication input, and wherein the previously stored credential retrieved from the record stored on the device comprises at least one of a cryptographic key and a cookie;

establish a connection between the device and the external resource to which the user requested access; and

facilitate a login of the user to the external resource at least in part by transmitting, on behalf of the user, from the device and via the established connection, output based at least in part on the at least one of the cryptographic key and the cookie retrieved from the record accessed at least in part by determining, by the authentication translator at the device, the matching using the received authentication input, wherein the user of the device is logged into the external resource based at least in part on the output transmitted from the device on behalf of the user; and

a memory coupled to the one or more processors and configured to provide the one or more processors with instructions.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Authentication translation is disclosed. A request to access a resource is received at an authentication translator, as is an authentication input. The authentication input corresponds to at least one stored record. The stored record is associated at least with the resource. In response to the receiving, a previously stored credential associated with the resource is accessed. The credential is provided to the resource.

17 Citations

View as Search Results

32 Claims

1. A system, comprising:
- one or more processors configured to;
  
  receive, at an authentication translator at a device, an authentication input and an indication of a request, by a user of the device, to access a resource external to the device;
  
  in response to determining, by the authentication translator at the device, a match using the received authentication input, obtain access to a record stored on the device, wherein the record is associated at least with the external resource;
  
  retrieve, from the stored record accessed at least in part by determining, by the authentication translator at the device, the match using the received authentication input, a previously stored credential associated with the external resource, wherein the previously stored credential is different from the received authentication input, and wherein the previously stored credential retrieved from the record stored on the device comprises at least one of a cryptographic key and a cookie;
  
  establish a connection between the device and the external resource to which the user requested access; and
  
  facilitate a login of the user to the external resource at least in part by transmitting, on behalf of the user, from the device and via the established connection, output based at least in part on the at least one of the cryptographic key and the cookie retrieved from the record accessed at least in part by determining, by the authentication translator at the device, the matching using the received authentication input, wherein the user of the device is logged into the external resource based at least in part on the output transmitted from the device on behalf of the user; and
  
  a memory coupled to the one or more processors and configured to provide the one or more processors with instructions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The system of claim 1 wherein the authentication input is received in response to a user-supplied biometric input matching a template.
  - 3. The system of claim 1 wherein the device further includes a biometric input component.
  - 4. The system of claim 1 wherein the one or more processors are further configured to facilitate a session renegotiation.
  - 5. The system of claim 1 wherein the one or more processors are further configured to receive, from a remote system, an encrypted container that includes at least one template containing biometric features.
  - 6. The system of claim 1 wherein the authentication input comprises user agent information.
  - 7. The system of claim 1 wherein the one or more processors are further configured to receive a password change request from the external resource and wherein the one or more processors are configured to update the previously stored credential without user input.
  - 8. The system of claim 1 wherein access to another stored record associated with another resource is obtained using a different authentication input.
  - 9. The system of claim 1 wherein the authentication input comprises a biometric input, and wherein access to the record stored on the device including the previously stored credential associated with the external resource is obtained at least in part by determining a match using the biometric input.
  - 10. The system of claim 1 wherein the authentication translator at the device is associated with a plurality of records stored on the device, wherein the plurality of records comprise previously stored credentials associated with a plurality of external resources, and wherein the accessed record is included in the plurality of records.
  - 11. The system of claim 1 further comprising a secure storage and an insecure storage, wherein the record is stored in the insecure storage, and wherein obtaining access to the record comprises loading the record to the secure storage.
  - 12. The system of claim 11 wherein the record stored in the insecure storage is encrypted, and wherein obtaining access to the record further comprises decrypting the record loaded to the secure storage.
  - 13. The system of claim 4 wherein the established connection via which the output was transmitted is associated with a first session, and wherein facilitating the session renegotiation comprises replacing a first key associated with the first session with a second key associated with a renegotiated session.
  - 14. The system of claim 1 wherein the record stored on the device further comprises at least one of a username, a password, an account number, address information, phone information, and health care data.
  - 15. The system of claim 1 wherein the match is determined at least in part by using at least one of a password and a template, the template comprising at least one of a fingerprint feature, a voice biometric feature, a facial recognition feature, an iris detection feature, and a retina scan feature.
  - 16. The system of claim 1, wherein the one or more processors are further configured to:
    - encrypt and authenticate at least a portion of the record; and
      
      perform a backup of the encrypted and authenticated record to a remote storage entity, wherein the remote storage entity is configured to synchronize records between at least two devices associated with the user.

17. A method, comprising:
- receiving, at an authentication translator at a device, an authentication input and an indication of a request, by a user of the device, to access a resource external to the device;
  
  in response to determining, by the authentication translator at the device, a match using the received authentication input, obtaining access to a record stored on the device, wherein the record is associated at least with the external resource;
  
  retrieving, from the stored record accessed at least in part by determining, by the authentication translator at the device, the match using the received authentication input, a previously stored credential associated with the external resource, wherein the previously stored credential is different from the received authentication input, and wherein the previously stored credential retrieved from the record stored on the device comprises at least one of a cryptographic key and a cookie;
  
  establishing, using one or more processors, a connection between the device and the external resource to which the user requested access; and
  
  facilitating a login of the user to the external resource at least in part by transmitting, on behalf of the user, from the device and via the established connection, output based at least in part on the at least one of the cryptographic key and the cookie retrieved from the record accessed at least in part by determining, by the authentication translator at the device, the match using the received authentication input, wherein the user of the device is logged into the external resource based at least in part on the output transmitted from the device on behalf of the user.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
- - 18. The method of claim 17 further comprising facilitating a session renegotiation.
  - 19. The method of claim 17 further comprising receiving, from a remote system, an encrypted container that includes at least one template containing biometric features.
  - 20. The method of claim 17 further comprising receiving a password change request from the external resource and updating the previously stored credential without user input.
  - 21. The method of claim 17 wherein access to another stored record associated with another resource is obtained using a different authentication input.
  - 22. The method of claim 17 wherein the authentication input is received in response to a user-supplied biometric input matching a template.
  - 23. The method of claim 17 wherein the device further includes a biometric input component.
  - 24. The method of claim 17 wherein the authentication input comprises user agent information.
  - 25. The method of claim 17 wherein the authentication input comprises a biometric input, and wherein access to the record stored on the device including the previously stored credential associated with the external resource is obtained at least in part by determining a match using the biometric input.
  - 26. The method of claim 17 wherein the authentication translator at the device is associated with a plurality of records stored on the device, wherein the plurality of records comprise previously stored credentials associated with a plurality of external resources, and wherein the accessed record is included in the plurality of records.
  - 27. The method of claim 17 wherein the record is stored in an insecure storage, and wherein obtaining access to the record comprises loading the record to a secure storage.
  - 28. The method of claim 27 wherein the record stored in the insecure storage is encrypted, and wherein obtaining access to the record further comprises decrypting the record loaded to the secure storage.
  - 29. The method of claim 18 wherein the established connection via which the output was transmitted is associated with a first session, and wherein facilitating the session renegotiation comprises replacing a first key associated with the first session with a second key associated with a renegotiated session.
  - 30. The method of claim 17 wherein the record stored on the device further comprises at least one of a username, a password, an account number, address information, phone information, and health care data.
  - 31. The method of claim 17 wherein the match is determined at least in part by using at least one of a password and a template, the template comprising at least one of a fingerprint feature, a voice biometric feature, a facial recognition feature, an iris detection feature, and a retina scan feature.
  - 32. The method of claim 17, further comprising:
    - encrypt and authenticate at least a portion of the record; and
      
      perform a backup of the encrypted and authenticated record to a remote storage entity, wherein the remote storage entity is configured to synchronize records between at least two devices associated with the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Carbyne Biometrics, LLC (Bjorn Markus Jakobsson)
Original Assignee
RightQuestion LLC (Bjorn Markus Jakobsson)
Inventors
Jakobsson, Bjorn Markus
Primary Examiner(s)
Steinle, Andrew J

Application Number

US15/042,636
Time in Patent Office

1,257 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/121   Restricting unauthorised ex...

G06F 21/128   involving web programs, i.e...

G06F 21/31   User authentication

G06F 21/32   using biometric data, e.g. ...

G06F 21/44   Program or device authentic...

H04L 63/0281   Proxies

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

H04L 63/0823   using certificates cryptogr...

H04L 63/083   using passwords cryptograph...

H04L 63/0861   using biometrical features,...

H04L 63/0869   for achieving mutual authen...

H04L 63/10   for controlling access to d...

H04L 63/20   for managing network securi...

Authentication translation

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

17 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication translation

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

17 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links