Strong authentication via distributed stations
Abstract
In various embodiments, authentication stations are distributed within a facility, particularly in spaces where mobile devices are predominantly used—e.g., a hospital's emergency department. Each such station includes a series of authentication devices. Mobile devices may run applications for locating the nearest such station and, in some embodiments, pair wirelessly with the station so that authentication thereon will accord a user access to the desired resource via a mobile device.
20 Claims
1. A mobile device for facilitating authentication for a user to access a secure resource via a computer network using an authentication modality, wherein connected to the computer network are a plurality of authentication stations, an authentication server different from the authentication stations, and a computational device (i) configured for requesting access to the secure resource via the computer network, (ii) lacking the authentication modality, and (iii) located at a location different from locations of the authentication stations, the mobile device comprising:
- a processor; and
- a memory storing an application, the application, when executed by the processor as a running process after the computational device requests access to the secure resource, causing the mobile device to:
  - identify a nearest one of the authentication stations supporting the authentication modality, wherein the identified authentication station is configured to (i) receive, using the authentication modality, authentication credentials from the user, (ii) transmit the authentication credentials to the authentication server, and (iii) receive an authentication confirmation from the authentication server,
  - establish wireless communication with the identified authentication station,
  - wirelessly receive from the identified authentication station a first token evidencing the authentication confirmation, and
  - wirelessly transmit the first token to the computational device to thereby facilitate access by the user to the secure resource via the computational device.
Dependent claims: 2, 3, 4
5. A mobile device for facilitating authentication for a user to access a secure resource via a computer network using an authentication modality, wherein connected to the computer network are a plurality of authentication stations, an authentication server different from the authentication stations, and a computational device (i) configured for requesting access to the secure resource via the computer network, (ii) lacking the authentication modality, and (iii) located at a location different from locations of the authentication stations, the mobile device comprising:
- a processor; and
- a memory storing an application, the application, when executed by the processor as a running process after the computational device requests access to the secure resource, causing the mobile device to:
  - identify a nearest one of the authentication stations supporting the authentication modality, wherein the identified authentication station is configured to receive authentication credentials from the user using the authentication modality,
  - establish wireless communication with the identified authentication station,
  - wirelessly receive the authentication credentials from the identified authentication station after the identified authentication station receives the authentication credentials from the user, and
  - wirelessly transmit the authentication credentials to the authentication server to thereby facilitate access by the user to the secure resource via the computational device.
Dependent claims: 6, 7, 8, 9, 10, 11
12. A mobile device for facilitating authentication for a user to access a secure resource, using an authentication modality, via a computer network connected to a plurality of authentication stations and an authentication server different from the authentication stations, wherein the mobile device lacks the authentication modality and is configured for requesting access to the secure resource via the computer network, the mobile device comprising:
- a processor; and
- a memory storing an application, the application, when executed by the processor as a running process after the user requests access to the secure resource, causing the mobile device to:
  - identify a nearest one of the authentication stations supporting the authentication modality, wherein the identified authentication station is configured to receive authentication credentials from the user using the authentication modality,
  - establish wireless communication with the identified authentication station,
  - wirelessly receive the authentication credentials from the identified authentication station after the identified authentication station receives the authentication credentials from the user,
  - wirelessly transmit the authentication credentials to the authentication server, and
  - accord access by the user to the secure resource, via the mobile device, after acceptance of the authentication credentials by the authentication server.
Dependent claims: 13, 14, 15, 16, 17
18. A mobile device for facilitating authentication for a user to access a secure resource, using an authentication modality, via a computer network connected to a plurality of authentication stations and an authentication server different from the authentication stations, wherein the mobile device lacks the authentication modality and is configured for requesting access to the secure resource via the computer network, the mobile device comprising:
- a processor; and
- a memory storing an application, the application, when executed by the processor as a running process after the user requests access to the secure resource, causing the mobile device to:
  - identify a nearest one of the authentication stations supporting the authentication modality, wherein the identified authentication station is configured to receive authentication credentials from the user using the authentication modality and transmit the authentication credentials to the authentication server,
  - establish wireless communication with the identified authentication station,
  - wirelessly transmit, to the identified authentication station, session information related to a session comprising the access request to the secure resource, wherein the identified authentication station is configured to transmit the session information to the authentication server, and
  - accord access by the user to the secure resource, via the mobile device and within the session, after acceptance of the authentication credentials by the authentication server.
Dependent claims: 19, 20
Specification