Method and apparatus for authenticating a user of an electronic system
Abstract
A user-authentication sub-system and approach for user authentication. The user authentication sub-system of one aspect includes at least a first input mechanism to receive first multi-factor authentication data associated with Z authentication factors, a cryptographic engine to encrypt the first multi-factor authentication data, and a separated user authentication, non-volatile data store to store the encrypted first multi-factor authentication data. The sub-system further includes a processing unit to determine whether second authentication data received via the at least first input mechanism matches a subset of the first multi-factor authentication data, the second authentication data associated with N authentication factors where N is less than or equal to Z.
29 Claims
1. A system comprising:
at least a first input mechanism to receive first multi-factor authentication data associated with Z authentication factors;
a cryptographic engine to encrypt the first multi-factor authentication data;
a separated user authentication, non-volatile data store to store the encrypted first multi-factor authentication data; and
a first processing unit to determine whether second authentication data received via the at least first input mechanism matches a subset of the first multi-factor authentication data, the second authentication data associated with N authentication factors where N is less than or equal to Z.
7. A system comprising:
a first processor to execute instructions;
a first non-volatile memory to store instructions to be executed by the processor;
a bus coupled to the processor and the first non-volatile memory to communicate information; and
a user authentication sub-system coupled to the bus, the user authentication sub-system including:
a user authentication input module to receive first user authentication data;
a second, separated non-volatile memory to store an encrypted version of the first user authentication data; and
a second user-authentication processor to determine whether second user authentication data matches at least a corresponding subset of the first user authentication data.
14. A method comprising:
receiving first multi-factor authentication data at a user-authentication sub-system;
decrypting second multi-factor authentication stored in a separated non-volatile memory; and
determining whether the first multi-factor authentication data matches at least a corresponding subset of the second multi-factor authentication data.
20. A method comprising:
generating at a requestor a request to authenticate a user;
performing a bi-lateral authentication process to bi-laterally authenticate a user authentication sub-system and the requestor; and
authenticating a user with the user authentication sub-system prior to granting access to a resource if the sub-system and the requestor are bi-laterally authenticated.
23. A method comprising:
in response to receiving a request for user authentication, checking a platform configuration register to determine if a platform configuration has changed since a previous time the platform configuration register was checked; and
performing a user authentication process with a user authentication sub-system only if it is determined that the platform configuration has not changed.
28. A machine-accessible storage medium storing data that, when accessed by a machine, causes the machine to perform a method including:
requesting an autonomous user authentication sub-system to perform a user authentication process;
requesting a user to provide first multi-factor authentication data; and
determining whether to grant access to a resource based on whether the user authentication sub-system determines that the first multi-factor authentication data matches at least a corresponding subset of second multi-factor authentication data encrypted and stored in a separated non-volatile memory of the sub-system.
Specification