DEVICE AUTHENTICATION WITHIN DEPLOYABLE COMPUTING ENVIRONMENT
Abstract
A deployable computing environment may facilitate interaction and data sharing between users and devices. Users, devices, and relationships between the users and devices may be represented within the deployable computing environment. A relationship between a user and a device may specify that the device is owned by the user and that the device is authorized to perform operations within the deployable computing environment on behalf of the user. Secure authentication of devices and users for interaction within the deployable computing environment is achieved by authenticating tickets corresponding to the user, the device, and the relationship. A device identification ticket and a user identification ticket are used to authenticate the device and user for interaction within the deployable computing environment. A device claim ticket allows the device to perform delegated operations (e.g., data synchronization, peer connectivity, etc.) on behalf of the user without the user's credentials (e.g., user identification ticket).
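The ticket flow summarized in the abstract, as an added example that is not taken from the patent: an authenticator authenticates a device identification ticket and a user identification ticket, records the device claim, issues a device claim ticket, and later authorizes a delegated operation from the claim ticket alone. The ticket format (JSON with an HMAC-SHA256 tag), the "kind" labels, and all names (KEY, CLAIMS, issue, authenticate, claim_device, perform, rejected) are assumptions made for illustration; the patent text here does not specify them.

```python
import base64, hashlib, hmac, json, time

KEY = b"constructed-demo-key"   # assumption: secret held only by the authenticator
CLAIMS = {}                     # (device, user) -> operations delegated to the device

def issue(kind, ttl=300, **fields):
    """Serialize a ticket and append an HMAC-SHA256 tag computed over its body."""
    body = json.dumps({"kind": kind, "exp": time.time() + ttl, **fields}, sort_keys=True)
    tag = hmac.new(KEY, body.encode(), hashlib.sha256).hexdigest()
    return base64.urlsafe_b64encode(body.encode()).decode() + "." + tag

def authenticate(ticket, kind):
    """Return the ticket fields; raise PermissionError if forged, expired or of another kind."""
    try:
        b64, tag = ticket.split(".")
        body = base64.urlsafe_b64decode(b64)
    except ValueError:
        raise PermissionError("malformed ticket")
    good = hmac.new(KEY, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(good.encode(), tag.encode()):
        raise PermissionError("bad signature")
    data = json.loads(body)
    if data["kind"] != kind or data["exp"] < time.time():
        raise PermissionError("wrong kind or expired")
    return data

def claim_device(device_ticket, user_ticket, ops):
    """Authenticate both identification tickets, record the claim, issue a claim ticket."""
    dev = authenticate(device_ticket, "device-id")
    usr = authenticate(user_ticket, "user-id")
    CLAIMS[(dev["device"], usr["user"])] = set(ops)
    return issue("device-claim", device=dev["device"], user=usr["user"])

def perform(claim_ticket, op):
    """Authenticate the claim ticket, verify permission, then perform the operation."""
    c = authenticate(claim_ticket, "device-claim")
    if op not in CLAIMS.get((c["device"], c["user"]), ()):
        raise PermissionError("operation not delegated")
    return f"{op} performed by {c['device']} on behalf of {c['user']}"

def rejected(fn, *args):
    """True if the call is refused with PermissionError."""
    try:
        fn(*args)
        return False
    except PermissionError:
        return True
```

Because perform() consults the stored claim as well as the ticket signature, deleting the entry from CLAIMS revokes the device's delegation before the claim ticket expires, and the user identification ticket never has to be stored on the device.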
20 Claims
1. A method of representing a relationship between a device and a user claiming the device in a deployable computing environment, comprising:
    receiving from the device a device identification ticket and a user identification ticket;
    upon receiving the device identification ticket and the user identification ticket:
        authenticating the device identification ticket and the user identification ticket; and
        upon authenticating the device identification ticket and the user identification ticket:
            representing a device claim regarding a relationship between the device and the user in the deployable computing environment; and
            issuing to at least one of the device and the user a device claim ticket associated with the device claim.
    Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11.
12. A method of authenticating at least one operation by a device in a deployable computing environment, comprising:
    requesting from the device a device claim ticket; and
    upon receiving the device claim ticket:
        authenticating the device claim ticket;
        verifying permission of the device to perform at least one authorized user operation; and
        upon authenticating the device claim ticket and verifying permission, performing the at least one authorized user operation.
    Dependent claims: 13, 14, 15, 16, 17, 18, 19.
20. A system for representing and authenticating a relationship between a device and a user within a deployable computing environment, comprising:
    an authenticator comprising:
        a representation generating component configured to perform at least one of:
            upon authenticating a user credential, generate a representation of the user within the deployable computing environment;
            upon authenticating a device credential, generate a representation of the device within the deployable computing environment; and
            upon authenticating the user credential and the device credential, generate a representation of the relationship between the device and the user within the deployable computing environment;
        a ticket generating component configured to perform at least one of:
            upon authenticating the user credential, issue a user identification ticket to the user;
            upon authenticating a device credential, issue a device identification ticket to the device; and
            upon authenticating the user credential and the device credential, issue a device claim ticket representing the relationship of the device and the user to the device; and
        a ticket authentication component configured to perform at least one of:
            authenticate at least one ticket received from the user regarding access to the deployable computing environment;
            authenticate at least one ticket received from the device regarding access to the deployable computing environment; and
            authenticate at least one ticket received from the device regarding a relationship between the device and the user.
Specification