Asymmetric key pair having a kiosk mode
First Claim
1. A method for providing different levels of access based upon a same authentication factor, comprising;
- receiving a first message transformed with a first portion of a split private key, the first portion based upon a user password and another factor, and the split private key associated with an asymmetric key pair having a public key and the split private key;
authenticating the user for a first level of network access based upon the received first message being transformed with the first portion;
receiving a second message transformed with a second portion of the split private key, the second portion based upon the password only and not combinable with the first portion to complete the split private key;
authenticating the user for a second level of network access different that the first level based upon the received second message being transformed with the second portion.
5 Assignments
0 Petitions
Accused Products
Abstract
Techniques for providing different levels of access based upon a same authentication factor are provided. A first message is received that is transformed with a first portion of a split private key, the first portion based upon a user password and another factor, and the split private key associated with an asymmetric key pair having a public key and the split private key. The user is authenticated for a first level of network access based upon the received first message being transformed with the first portion. A second message is received that is transformed with a second portion of the split private key, the second portion based upon the password only and not combinable with the first portion to complete the split private key. The user is authenticated for a second level of network access different that the first level based upon the received second message being transformed with the second portion.
-
Citations
18 Claims
-
1. A method for providing different levels of access based upon a same authentication factor, comprising;
-
receiving a first message transformed with a first portion of a split private key, the first portion based upon a user password and another factor, and the split private key associated with an asymmetric key pair having a public key and the split private key;
authenticating the user for a first level of network access based upon the received first message being transformed with the first portion;
receiving a second message transformed with a second portion of the split private key, the second portion based upon the password only and not combinable with the first portion to complete the split private key;
authenticating the user for a second level of network access different that the first level based upon the received second message being transformed with the second portion. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for providing different levels of access based upon a same authentication factor, comprising:
-
a communications interface configured to receive i) a first message transformed with a first portion of a split private key, the first portion based upon a user password and another factor, and the split private key associated with an asymmetric key pair having a public key and the split private key, and ii) a second message transformed with a second portion of the split private-key, the second portion based upon the password only and not combinable with the first portion to complete the split private key; and
a processor configured to i) authenticate the user for a first level of network access based upon the received first message being transformed with the first portion, and ii) authenticate the user for a second level of network access different that the first level based upon the received second message being transformed with the second portion. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
Specification