AUTHENTICATION CERTIFICATE MANAGEMENT FOR ACCESS TO A WIRELESS COMMUNICATION DEVICE
Abstract
A system and method for authenticating a user to a user device using one or more-factor authentication with a certificate are provided. The status of the certificate is stored at the user device such that the stored status is queried during the authentication process. The status is updated as a background operation on the user device on a periodic basis. In the event that the user device fails to obtain updated status information, further status update requests are issued by the user device at varying time intervals until a response is received. In the event that the user is authenticated to the device but the certificate is subsequently revoked, access to all or a subset of user data and functions on the user device may be restricted.
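The scheme in the abstract, sketched as an added example that is not code from the patent: the unlock decision reads only the locally stored status indicator, a background task refreshes it, and a failed refresh is retried at varying intervals. The class and field names, the interval values and the exponential backoff schedule are assumptions, a string comparison stands in for certificate-based verification, and closing the session is the simplest form of restricting access after revocation.

```python
from dataclasses import dataclass
from typing import Callable

VALID, REVOKED = "valid", "revoked"

@dataclass
class DeviceAuthenticator:
    verify: Callable[[str], bool]    # local check of the data sent with the request
    fetch_status: Callable[[], str]  # queries the remote status source
    interval: float = 3600.0         # normal polling period (assumed value)
    retry_base: float = 60.0         # first retry delay (assumed value)
    retry_cap: float = 900.0         # longest retry delay (assumed value)
    status: str = VALID              # status indicator stored on the device
    next_poll: float = 0.0
    failures: int = 0
    session_open: bool = False

    def request_access(self, data: str) -> bool:
        # The decision uses only locally stored state: no network round trip.
        self.session_open = self.verify(data) and self.status == VALID
        return self.session_open

    def tick(self, now: float) -> float:
        # Background update; returns the time of the next scheduled poll.
        if now >= self.next_poll:
            try:
                self.status = self.fetch_status()
                self.failures = 0
                self.next_poll = now + self.interval
            except ConnectionError:  # no response: retry sooner, backing off
                self.failures += 1
                delay = self.retry_base * 2 ** (self.failures - 1)
                self.next_poll = now + min(delay, self.retry_cap)
            if self.status != VALID:
                self.session_open = False  # revoked after login: restrict access
        return self.next_poll

def demo():
    replies = [None, None, VALID, REVOKED]  # constructed: None = no response
    def source():
        reply = replies.pop(0)
        if reply is None:
            raise ConnectionError("status source unreachable")
        return reply
    dev = DeviceAuthenticator(lambda d: d == "signed-response", source)
    polls = [dev.tick(t) for t in (0, 60, 180)]
    granted = dev.request_access("signed-response")
    dev.tick(3780)  # certificate is revoked while the user is logged in
    return polls, granted, dev.session_open, dev.request_access("signed-response")
```

The trade-off to note is the staleness window: a revoked certificate keeps unlocking the device until the next successful poll, so the polling interval and retry cap bound how long a revocation can go unnoticed.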
25 Claims
1. A method for authenticating a user to a user device, the method comprising:
- verifying, using authentication information stored at a user device, data received in association with a request for access to the user device and checking a status indicator stored at the user device and associated with the authentication information to determine whether the authentication information is valid;
- allowing access to the user device if the data received in association with the request for access is verified and the status indicator indicates that the authentication information is valid; and
- updating the status indicator on an intermittent basis when the user device is in communication with an authentication information status source.

15. A computer-readable medium comprising code executable by a computing device for causing said computing device to:
- verify, using authentication information stored at a user device, data received in association with a request for access to the user device and checking a status indicator stored at the user device and associated with the authentication information to determine whether the authentication information is valid;
- allow access to the user device if the data received in association with the request for access is verified and the status indicator indicates that the authentication information is valid; and
- update the status indicator on an intermittent basis when the user device is in communication with an authentication information status source.

16. An authentication system for a user device, the authentication system comprising:
- a memory storing authentication information for authenticating a user to the user device and for storing a status indicator comprising status information associated with the authentication information;
- a status checking module for checking the status indicator stored in association with the authentication information, wherein the user is allowed access to the user device if the user is authenticated wherein the status indicator indicates that the authentication information is valid; and
- an updating module for transmitting a request for status information for the authentication information to an authentication information status source periodically at a first predetermined time interval, receiving a response comprising status information in response to the request, and updating the stored status indicator with the received status information.

20. The authentication system of claim 20, wherein the authentication module is configured to lock the user out of the user device if the stored status indicator indicates that the certificate used to authenticate the user is not valid.

23. The authentication system of claim 23, wherein the authentication module is further configured to verify a user-entered password, such that the user is authenticated if the response is verified, the status indicator indicates that the certificate is valid, and the user-entered password is also verified.
25. A method for managing secure access to a wireless communication device, the method comprising:
- receiving a request to authenticate a security token;
- determining, using authentication certificate status information, whether an authentication certificate is revoked, wherein the authentication certificate comprises public key data and wherein both the authentication certificate and the authentication certificate status information are locally stored at the wireless communication device;
- authenticating the security token using the locally stored authentication certificate if the locally stored authentication certificate is determined to be not revoked; and
- requesting authentication certificate status information from a remotely located certificate status source via a wireless communication link, wherein the act of requesting authentication certificate status information is automatically performed periodically according to a predetermined time interval.

Specification