Application and device user verification from an operating system-based authentication service
First Claim
1. A method of verifying a user'"'"'s identity to utilize a software application functionality, comprising:
- initiating a functionality of a software application;
passing an application programming interface (API) call from the software application to an authentication service independent of the software application to determine whether initiation of the functionality is authorized based on verification of user identity;
at the authentication service, determining whether the functionality may be initiated without user identity verification; and
if the functionality does not require user identity verification, notifying the software application that the functionality may be initiated without user identity verification.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems provide an operating system-based user authentication service that operates independently of a computing device or software application requiring verification of a user'"'"'s identity to operate the device or utilize functionality of the software application. A given software application for providing functionality to a user or for allowing a user to operate a desired computing device calls the operating system-based authentication service for verifying the user'"'"'s identity to use the software application functionality or to operate the desired computing device. If the user'"'"'s identity is verified by the authentication service, the application is notified, and the user is allowed to operate the device or utilize the desired application functionality.
-
Citations
35 Claims
-
1. A method of verifying a user'"'"'s identity to utilize a software application functionality, comprising:
-
initiating a functionality of a software application;
passing an application programming interface (API) call from the software application to an authentication service independent of the software application to determine whether initiation of the functionality is authorized based on verification of user identity;
at the authentication service, determining whether the functionality may be initiated without user identity verification; and
if the functionality does not require user identity verification, notifying the software application that the functionality may be initiated without user identity verification. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A method of authenticating a user'"'"'s identity to utilize a software application functionality, comprising:
-
initiating a functionality of a software application;
passing an application programming interface (API) call from the software application to a local authentication sub-system of an authentication service independent of the software application to determine whether initiation of the functionality is authorized;
at the local authentication sub-system (LASS), determining from a verification policies database whether the functionality may be initiated without user identity verification;
if the functionality requires user identity verification, passing the API call from the local authentication sub-system to a local authentication plug-in module for obtaining authentication credentials from the user;
receiving at the local authentication plug-in module authentication credentials from the user; and
determining at the local authentication plug-in module whether the authentication credentials verify the user'"'"'s identity to initiate the functionality. - View Dependent Claims (21, 22, 23, 24, 25)
-
-
26. A user authentication system operating independently from a software application in use by a user, the authentication system for authenticating a user'"'"'s identity to utilize one or more functionalities of the software application, comprising:
-
a local authentication sub-system operative to receive an application programming interface (API) call from the software application to determine whether an initiation of a given software functionality by a user is authorized;
to determine from a verification policies database whether the functionality may be initiated without user identity verification;
to pass the API call to a local authentication plug-in module for obtaining authentication credentials from the user if the functionality requires user identity verification;
the local authentication plug-in module operative to request and receive authentication credentials from the user; and
to determine from the received authentication credentials whether the user identity is verified to initiate the functionality. - View Dependent Claims (27, 28, 29)
-
-
30. A computer-readable medium containing computer-executable instructions which when executed by a computer perform a method of authenticating a user'"'"'s identity to utilize a software application functionality, comprising:
-
initiating a functionality of a software application;
passing an application programming interface (API) call from the software application to a local authentication sub-system of an authentication service independent of the software application to determine whether initiation of the functionality is authorized;
at the local authentication sub-system, determining from a verification policies database whether the functionality may be initiated without user identity verification;
if the functionality requires user identity verification, passing the API call from the local authentication sub-system to a local authentication plug-in module for obtaining authentication credentials from the user;
receiving at the local authentication plug-in module authentication credentials from the user; and
determining at the local authentication plug-in module whether the authentication credentials verify the user'"'"'s identity to initiate the functionality. - View Dependent Claims (31, 32, 33, 34, 35)
-
Specification