Apparatus, system and method employing a wireless user-device

US 10,616,198 B2
Filed: 08/19/2016
Issued: 04/07/2020
Est. Priority Date: 09/17/2010
Status: Active Grant

First Claim

Patent Images

1. An authentication system for controlling access to resources on at least one computer, the authentication system comprising:

a protected computer having associated computer resources, the protected computer including a wireless signal receiver for receiving a wireless signal,a portable device configured to communicate with the protected computer, the portable device including;

a processor configured to provide a user interface configured to receive and to authenticate an identity of a user based on at least secret information known to the user of the portable device;

the processor further configured to generate a first unique value following a successful authentication, by the portable device, of the user; and

a wireless transceiver coupled to the processor and configured to transmit the wireless signal including the first unique value; and

a secure registry component, connected to the protected computer, the secure registry component configured to receive the first unique value and successfully authenticate the user of the portable device where the first unique value is matched to the user by the secure registry component,wherein the secure registry component is further configured to permit access to the user of the portable device to operate the protected computer to access the associated computer resources based on the successful authentication of the user, and is further configured to maintain access to the user of the portable device to operate the protected computer to access the associated computer resources so long as;

the portable device is determined, by the protected computer, to be within a minimum wireless signal proximity of the wireless signal receiver of the protected computer, andthe secure registry component periodically receives at least one second unique value that maintains authentication of the portable device to the secure registry component, the at least one second unique value being different than the first unique value.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention generally relate to apparatus, systems and methods for authenticating an entity for computer and/or network security and for selectively granting access privileges and providing other services in response to such authentications.

216 Citations

25 Claims

1. An authentication system for controlling access to resources on at least one computer, the authentication system comprising:
- a protected computer having associated computer resources, the protected computer including a wireless signal receiver for receiving a wireless signal,a portable device configured to communicate with the protected computer, the portable device including;
  
  a processor configured to provide a user interface configured to receive and to authenticate an identity of a user based on at least secret information known to the user of the portable device;
  
  the processor further configured to generate a first unique value following a successful authentication, by the portable device, of the user; and
  
  a wireless transceiver coupled to the processor and configured to transmit the wireless signal including the first unique value; and
  
  a secure registry component, connected to the protected computer, the secure registry component configured to receive the first unique value and successfully authenticate the user of the portable device where the first unique value is matched to the user by the secure registry component,wherein the secure registry component is further configured to permit access to the user of the portable device to operate the protected computer to access the associated computer resources based on the successful authentication of the user, and is further configured to maintain access to the user of the portable device to operate the protected computer to access the associated computer resources so long as;
  
  the portable device is determined, by the protected computer, to be within a minimum wireless signal proximity of the wireless signal receiver of the protected computer, andthe secure registry component periodically receives at least one second unique value that maintains authentication of the portable device to the secure registry component, the at least one second unique value being different than the first unique value.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The system of claim 1 wherein the portable device is configured to periodically re-send a unique code to the protected computer.
  - 3. The system of claim 1, wherein the wireless signal comprises a radio frequency transmission.
  - 4. The system of claim 3, wherein the radio frequency transmission includes at least one of a low-energy signal transmitted according to a wireless technology standard, and a radio frequency identification signal.
  - 5. The system of claim 1, wherein the protected computer triggers a re-authentication request of the portable device that is transmitted to the portable device by the wireless signal.
  - 6. The system of claim 5, wherein the protected computer is further configured to periodically re-authenticate the portable device.
  - 7. The system of claim 6, wherein the protected computer generates a time signal, and wherein the protected computer periodically re-authenticates the portable device based on a periodic or random time.
  - 8. The system of claim 5, wherein the protected computer is configured to trigger re-authentication responsive to one or more events executed on the protected computer.
  - 9. The system of claim 8, wherein the one or more events include any one or more of:
    - a request to copy files or data, request to print, request to access sensitive designated information, request to access sensitive files, request to display sensitive information, request to alter stored data, request to alter viewed data, or any sensitive protected action, or request to use privilege, exceeding a threshold number of requests or activities, exceeding a fixed or random time period.
  - 10. The system of claim 1, wherein the protected computer and the portable device are configured to execute a handshake protocol to re-authenticate the portable device responsive to determining that the portable device is within the minimum wireless signal proximity subsequent to being outside of the minimum wireless signal proximity for a threshold period of time.
  - 11. The system of claim 10, wherein the portable device and the protected computer execute the handshake protocol by the protected computer sending a pseudo random code to the portable device that authenticates the pseudo random code, by the portable device sending a next pseudo random code to the protected computer that the protected computer authenticates, and by the protected computer communicating a subsequent pseudo random code to the portable device.
  - 12. The system of claim 1, wherein the protected computer and the portable device are configured to execute a challenge/response protocol to re-authenticate the portable device to the protected computer.
  - 13. The system of claim 1, wherein a signal strength of the transmitted wireless signal is used to determine whether the portable device is within the minimum wireless signal proximity of the wireless signal receiver of the protected computer.
  - 14. The system of claim 1, wherein each of the first unique value and the at least one second unique value is a time- or event-varying Pseudo Random Code.

15. An authentication system for controlling access to resources on at least one computer, the authentication system comprising:
- a protected computer having associated computer resources, the protected computer including a wireless signal receiver for receiving a wireless signal;
  
  a portable device configured to communicate with the protected computer, the portable device including;
  
  a processor configured to provide a user interface programmed to authenticate a user to the portable device based on at least secret information known to the user of the portable device;
  
  the processor programmed to generate a first unique value following a successful authentication of the user to the portable device; and
  
  a wireless transceiver coupled to the processor and configured to transmit a wireless signal including the first unique value; and
  
  a secure registry component, executing at least in part on the protected computer including a communication interface, the secure registry component configured to receive the first unique value and successfully authenticate the user of the portable device to the protected computer where the first unique value is matched to the user by the secure registry component, and further configured to pass the successful authentication to the protected computer;
  
  wherein the user of the portable device is permitted to operate the protected computer to access the associated computer resources based on the successful authentication of the user, and is permitted to continue operating the protected computer so long as;
  
  the portable device is determined, by the protected computer, to be within a minimum wireless signal proximity of the wireless signal receiver of the protected computer, andthe secure registry component periodically receives at least one second unique value that maintains authentication of the portable device to the secure registry component, the at least one second unique value being different than the first unique value.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 16. The system of claim 15, wherein the portable device is configured to periodically re-send a unique code to the protected computer.
  - 17. The system of claim 15, wherein the protected computer sends a re-authentication request to the portable device by the wireless signal.
  - 18. The system of claim 17, wherein the protected computer is configured to periodically request re-authentication of the portable device.
  - 19. The system of claim 17, wherein the protected computer is configured to request re-authentication responsive to one or more events executed on the protected computer.
  - 20. The system of claim 19, wherein the one or more events include any one or more of:
    - a request to copy files or data, request to print, request to access sensitive designated information, request to access sensitive files, request to display sensitive information, request to alter stored data, request to alter viewed data, or any sensitive protected action, or request to use privilege, exceeding a threshold number of requests or activities, exceeding a fixed or random time period.
  - 21. The system claim 15, wherein the protected computer and the portable device are configured to execute a handshake protocol to re-authenticate the portable device responsive to determining that the portable device is within the minimum wireless signal proximity subsequent to being outside of the minimum wireless signal proximity for a threshold period of time.
  - 22. The system of claim 21, wherein the portable device and the protected computer execute the handshake protocol by the protected computer sending a pseudo random code to the portable device that authenticates the pseudo random code, by the portable device sending a next pseudo random code to the protected computer that the protected computer authenticates, and by the protected computer communicating a subsequent pseudo random code to the portable device.
  - 23. The system of claim 15, wherein the protected computer and the portable device are configured to execute a challenge/response protocol to re-authenticate the portable device to the protected computer.
  - 24. The system of claim 15, wherein a signal strength of the transmitted wireless signal is used to determine whether the portable device is within a minimum wireless signal proximity of the wireless signal receiver of the protected computer to remain unlocked.
  - 25. The system of claim 15, wherein the unique value is a time- or event-varying Pseudo Random Code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Universal Secure Registry LLC
Original Assignee
Universal Secure Registry LLC
Inventors
Weiss, Kenneth P.
Primary Examiner(s)
Hirl, Joseph P
Assistant Examiner(s)
Beheshti Shirazi, Sayed Aresh

Application Number

US15/241,869
Publication Number

US 20160359850A1
Time in Patent Office

1,327 Days
Field of Search
US Class Current
CPC Class Codes

G06Q 20/3224   Transactions dependent on l...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/40145   Biometric identity checks

H04L 63/08   for authentication of entit...

H04L 63/0846   using time-dependent-passwo...

H04L 63/0853   using an additional device,...

H04L 63/107   wherein the security polici...

H04W 12/068   using credential vaults, e....

Apparatus, system and method employing a wireless user-device

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

216 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus, system and method employing a wireless user-device

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

216 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links