Personalized I/O Device as Trusted Data Source
First Claim
1. A personalized input/output (I/O) device as trusted credential source, comprising:
- an I/O interface configured to transmit one or more user credentials from a user or owner of the I/O device to an authenticator; and
a personalized certificate configured on the I/O device containing combined information of the user and the I/O device, wherein the personalized certificate is traceable to a trusted source.
1 Assignment
0 Petitions
Accused Products
Abstract
Personalized input/output (I/O) device as trusted credential source is described. According to one exemplary embodiment of the invention, a personalized I/O device used as trusted credential source is configured with a personalized certificate that includes a combination of the user and device information. One or more user credentials are signed with the private key associated with the personalized certificate and sent to an authenticator. An optional secure link based on personalized certificate provides additional security for transmitting the credentials either signed or unsigned. User credentials may include biometric measures (something the user is) such as user'"'"'s voiceprint sample or fingerprint sample, and passwords (something the user knows). When the user credentials must be originated from the personalized I/O device (something the user has), all three factors of authentication can be included.
94 Citations
20 Claims
-
1. A personalized input/output (I/O) device as trusted credential source, comprising:
-
an I/O interface configured to transmit one or more user credentials from a user or owner of the I/O device to an authenticator; and a personalized certificate configured on the I/O device containing combined information of the user and the I/O device, wherein the personalized certificate is traceable to a trusted source. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method of authenticating a user or owner of an input/output (I/O) device, comprising:
-
requesting and receiving one or more user credentials entered by the user via the I/O device; verifying the received one or more user credentials are traceable to a trusted source, and the received one or more user credentials match previously agreed respective credentials associated with the user; and receiving a personalized certificate that contains combined information of the user and the I/O device. - View Dependent Claims (13, 14, 15)
-
-
16. A method of personalizing an input/output (I/O) device such that the I/O device can be used to transmit trusted user credentials, the method comprising:
-
installing a manufacturer certificate on the I/O device by a manufacturer of the I/O device, wherein the manufacturer certificate contains information of the I/O device; and creating a personalized certificate on a registration server by combining the information of the I/O device and information of a user or owner of the I/O device, wherein the information of the user is included in an independent user certificate that has been gathered along with the manufacturer certificate during a registration procedure. - View Dependent Claims (17, 18, 19, 20)
-
Specification