Consumer internet authentication device
First Claim
1. A method of isolating information associated with a user from an authentication service provider in an authentication system, comprising:
- providing information associated with the user along with information identifying an authentication code source;
providing the information identifying the authentication code source, along with information identifying a subscribing site, to the authentication service provider;
generating a service user identifier; and
, creating an association of the service user identifier and the information associated with the user, and isolating the association within the subscribing site.
14 Assignments
0 Petitions
Accused Products
Abstract
A method of allowing a user to authenticate to an authentication service while isolating information associated with the user from the authentication service includes generating a service user identifier (SUID) associated with an authentication code source, a subscribing site and an authentication service. The method includes creating an association of the SUID with the information associated with the user, and isolating the association within the subscribing site. The method includes providing an authentication code generated by the authentication code-generating device from the user to the subscribing site, and providing the authentication code along with the SUID and information identifying the subscribing site to the authentication service. The method includes identifying the code-generating device, using the SUID and the information identifying the subscribing site, and generating an authentication decision for the authentication code with respect to the code-generating device, and providing the decision to the subscribing site.
-
Citations
29 Claims
-
1. A method of isolating information associated with a user from an authentication service provider in an authentication system, comprising:
-
providing information associated with the user along with information identifying an authentication code source;
providing the information identifying the authentication code source, along with information identifying a subscribing site, to the authentication service provider;
generating a service user identifier; and
,creating an association of the service user identifier and the information associated with the user, and isolating the association within the subscribing site.
-
-
2. A method of isolating information associated with a user from an authentication service provider in an authentication system, comprising:
-
providing, from the user to a subscribing site, information associated with the user along with information identifying an authentication code source;
providing, from the subscribing site to the authentication service provider, the information identifying the authentication code source along with information identifying the subscribing site;
generating, by the authentication service provider, a service user identifier that is a predetermined function of at least the information identifying the authentication code source and the information identifying the subscribing site;
providing, from the authentication service provider to the subscribing site, the service user identifier; and
,creating an association of the service user identifier and the information associated with the user, and isolating the association within the subscribing site. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A method of allowing a user to authenticate to an authentication service provider while isolating information associated with the user from the authentication service provider, comprising:
-
generating a service user identifier associated with an authentication code source, a subscribing site and an authentication service provider;
creating an association of the service user identifier with the information associated with the user, and isolating the association within the subscribing site;
providing a authentication code generated by the authentication code source from the user to the subscribing site;
providing the authentication code along with the service user identifier and information identifying the subscribing site to the authentication service provider;
identifying the authentication code source, using the service user identifier and the information identifying the subscribing site, and generating an authentication decision for the authentication code with respect to the authentication code source; and
,providing the authentication decision to the subscribing site. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A method of regulating activities of a user on a subscribing site, comprising:
-
generating a service user identifier associated with an authentication code source, a subscribing site and an authentication service provider;
creating an association of the service user identifier with the information associated with the user, and isolating the association within the subscribing site;
receiving, at the subscribing site, a request from the user for permission to perform an activity, wherein the request includes an authentication code generated by the authentication code source;
providing the authentication code along with the service user identifier and information identifying the subscribing site to the authentication service provider;
identifying the authentication code source, using the service user identifier and the information identifying the subscribing site, and generating an authentication decision for the authentication code with respect to the authentication code source;
providing the authentication decision to the subscribing site; and
,granting permission for the user to perform the activity if the authentication decision indicates successful authentication, and denying permission for the user to perform the activity if the authentication decision indicates unsuccessful authentication.
-
-
27. A system for isolating information associated with a user from an authentication service provider in an authentication system, comprising:
-
a user having an authentication code source, wherein the user provides to a subscribing site, information associated with the user along with information identifying an authentication code source;
an authentication service provider for receiving, from the subscribing site, the information identifying the authentication code source along with information identifying the subscribing site;
wherein the authentication service provider (i) generates a service user identifier that is a predetermined function of at least the information identifying the authentication code source and the information identifying the subscribing site, (ii) provides the service user identifier to the subscribing site, and (iii) creates an association of the service user identifier and the information associated with the user, and isolates the association within the subscribing site.
-
-
28. A system for allowing a user to authenticate to an authentication service provider while isolating information associated with the user from the authentication service, comprising:
-
a user having an authentication code source;
a subscribing site for providing a service to the user;
an authentication service provider for generating a service user identifier associated with the authentication code source, the subscribing site and the authentication service;
a network through which the user, the subscribing site and the authentication service provider communicate;
wherein the subscribing site creates an association of the service user identifier with the information associated with the user, and isolates the association within the subscribing site;
wherein the user provides, to the subscribing site, an authentication code generated by the authentication code source;
wherein the subscribing site provides, to the authentication service provider, the authentication code along with the service user identifier and information identifying the subscribing site; and
,wherein the authentication service provider (i) identifies the authentication code source using the service user identifier and the information identifying the subscribing site, (ii) generates an authentication decision for the authentication code with respect to the authentication code source, and (iii) provides the authentication decision to the subscribing site.
-
-
29. A system for regulating activities of a user on a subscribing site, comprising:
-
a user having an authentication code source;
a subscribing site for providing a service to the user;
an authentication service provider for generating a service user identifier associated with the authentication code source, the subscribing site and the authentication service;
a network through which the user, the subscribing site and the authentication service provider communicate;
wherein the subscribing site creates an association of the service user identifier with the information associated with the user, and isolates the association within the subscribing site;
wherein the user submits a request to the subscribing site for permission to perform a service activity, the request including an authentication code generated by the authentication code source;
wherein the subscribing site provides the authentication code along with the service user identifier and information identifying the subscribing site to the authentication service provider;
wherein the authentication service provider (i) identifies the authentication code source using the service user identifier and the information identifying the subscribing site, (ii) generates an authentication decision for the authentication code with respect to the authentication code source, and (iii) provides the authentication decision to the subscribing site; and
,wherein the subscribing site grants permission for the user to perform the service activity if the authentication decision indicates successful authentication, and denies permission for the user to perform the service activity if the authentication decision indicates unsuccessful authentication.
-
Specification