System and Method for Device Authentication with Built-In Tolerance

US 20110093920A1
Filed: 10/13/2010
Published: 04/21/2011
Est. Priority Date: 10/19/2009
Status: Active Grant

First Claim

Patent Images

1. A method for building tolerance into authentication of a device, comprising:

receiving and storing first digital fingerprint of the device during a first boot of an authenticating software on the device, the first digital fingerprint being based on a first set of device components;

receiving a second digital fingerprint from the device at a subsequent time;

comparing the second digital fingerprint with a plurality of stored digital fingerprints of known devices;

in response to the comparison indicating a mismatch between the second digital fingerprint and the plurality of stored digital fingerprints, generating a request code comprising instructions for the device to generate a third digital fingerprint using the first set of device components;

sending the request code to the remote device;

receiving the third digital fingerprint from the remote device in response to the request code; and

authenticating the device based on a comparison of the first and third digital fingerprints.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for building tolerance into authentication of a computing device includes a means for executing, from a computer-readable medium, computer-implementable steps of: (a) receiving and storing a first digital fingerprint of the device during a first boot of an authenticating software on the device, the first digital fingerprint based on a first set of device components, (b) receiving a second digital fingerprint from the device at a subsequent time, (c) comparing the second digital fingerprint with a plurality of stored digital fingerprints of known devices, (d) in response to the comparison indicating a mismatch between the second digital fingerprint and the plurality of stored digital fingerprints, generating a request code comprising instructions for the device to generate a third digital fingerprint using the first set of device components, (e) sending the request code to the remote device, (f) receiving the third digital fingerprint from the remote device in response to the request code, and (g) authenticating the device based on a comparison of the first and third digital fingerprints.

145 Citations

View as Search Results

20 Claims

1. A method for building tolerance into authentication of a device, comprising:
- receiving and storing first digital fingerprint of the device during a first boot of an authenticating software on the device, the first digital fingerprint being based on a first set of device components;
  
  receiving a second digital fingerprint from the device at a subsequent time;
  
  comparing the second digital fingerprint with a plurality of stored digital fingerprints of known devices;
  
  in response to the comparison indicating a mismatch between the second digital fingerprint and the plurality of stored digital fingerprints, generating a request code comprising instructions for the device to generate a third digital fingerprint using the first set of device components;
  
  sending the request code to the remote device;
  
  receiving the third digital fingerprint from the remote device in response to the request code; and
  
  authenticating the device based on a comparison of the first and third digital fingerprints.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the first set comprises components from at least one of a typical-upgrade list and a non-typical-upgrade list.
  - 3. The method of claim 2, wherein the typical-upgrade list comprises one or more components selected from the group consisting of graphic card, random access memory, sound card, network adaptor, hard drive, CD/DVD drive, and Ethernet controller.
  - 4. The method of claim 2, wherein the non-typical-upgrade list comprises one or more components selected from the group consisting of motherboard, USB host controller, central microprocessor, PCI Bus, and System CMOS Clock.
  - 5. The method of claim 1, wherein the device is validly authenticated when the comparison of the first and third digital fingerprints yields an accuracy of at least 75%.
  - 6. The method of claim 1, further comprising:
    - generating a control metric by encoding one or more differences between the first and second digital fingerprints;
      
      generating a second metric by encoding one or more differences between the first and third digital fingerprints; and
      
      wherein authenticating the device is further based on a comparison between the control metric and the second metric.
  - 7. The method of claim 6, wherein each metric comprises data identifying, for each of the one or more differences compared, a fingerprint portion and an associated component portion, the associated component portion identifying a device component that caused a difference to occur during comparison of the fingerprint portion, and wherein the device is validly authenticated when the comparison between metrics determines that an acceptable percentage of the associated components of the control metric and the associated components of the second metric match.
  - 8. The method of claim 7, wherein the acceptable percentage is 100%.

9. A method for building tolerance into authentication of a device, comprising steps of:
- receiving a digital fingerprint from the device, the digital fingerprint having a plurality of fingerprint portions, each fingerprint portion being associated with a component of the device;
  
  comparing the received digital fingerprint with stored digital fingerprints of known devices;
  
  flagging each fingerprint portion that creates an error during the comparing step;
  
  categorizing the associated component of each flagged fingerprint portion as a typical-upgrade component or a non-typical-upgrade component; and
  
  authenticating the received digital fingerprint when, for any single comparison between fingerprints, a ratio of non-typical-upgrade components to typical upgrade components exceeds a predetermined acceptance value.
- View Dependent Claims (10, 11, 12)
- - 10. The method of claim 9, wherein the typical-upgrade components are selected from the group consisting of graphics card, random access memory, sound card, network adaptor, hard drive, CD/DVD drive, and Ethernet controller.
  - 11. The method of claim 9, wherein the non-typical-upgrade components are selected from the group consisting of motherboard, USB host controller, central microprocessor, PCI Bus, and System CMOS Clock.
  - 12. The method of claim 9, wherein the predetermined acceptance value is less than 1.

13. A computer readable medium having stored thereon computer executable instructions that, when executed by a server, cause the server to perform a method comprising steps of:
- receiving a digital fingerprint from a client device having a plurality of fingerprint portions, each fingerprint portion being associated with a component of the client device;
  
  comparing the received digital fingerprint to each of many stored digital fingerprints;
  
  flagging each fingerprint portion creating a mismatch error during the comparing step;
  
  categorizing the associated component of each fingerprint portion as a typical-upgrade component or a non-typical-upgrade component; and
  
  authenticating the received digital fingerprint when, for any single comparison between fingerprints, a ratio of non-typical-upgrade components to typical upgrade components exceeds a predetermined acceptance value.
- View Dependent Claims (14, 15, 16)
- - 14. The computer readable medium of claim 13, wherein the typical-upgrade components are selected from the group consisting of graphics card, random access memory, sound card, network adaptor, hard drive, CD/DVD drive, and Ethernet controller.
  - 15. The computer readable medium of claim 13, wherein the non-typical-upgrade components are selected from the group consisting of motherboard, USB host controller, central microprocessor, PCI Bus, and System CMOS Clock.
  - 16. The computer readable medium of claim 13, wherein the predetermined acceptance value is less than 1.

17. An apparatus for authenticating a remote device, the apparatus comprising:
- means for receiving and storing a first digital fingerprint of the device during a first boot of an authenticating software on the device, the first digital fingerprint being based on a first set of device components;
  
  means for receiving a second digital fingerprint from the device at a subsequent time;
  
  means for comparing the second digital fingerprint with a plurality of stored digital fingerprints of known devices;
  
  means for generating a request code in response to a comparison indicating a mismatch between the second digital fingerprint and the plurality of stored digital fingerprints, the request code comprising instructions for the device to generate a third digital fingerprint using the first set of device components;
  
  means for sending the request code to the remote device;
  
  means for receiving the third digital fingerprint from the remote device in response to the request code; and
  
  means for authenticating the device based on a comparison of the first and third digital fingerprints.
- View Dependent Claims (18, 19, 20)
- - 18. The apparatus of claim 17, further comprising receiving a component list from the device during the first boot, wherein the first set of device components indicated by the request code comprises at least one component from the list.
  - 19. The apparatus of claim 17, wherein the list comprises components from a typical-upgrade list and a non-typical-upgrade list.
  - 20. The apparatus of claim 19, wherein the typical-upgrade list comprises components selected from the group consisting of graphic card, random access memory, sound card, network adaptor, hard drive, CD/DVD drive, and Ethernet controller, and wherein the non-typical-upgrade list comprises components selected from the group consisting of motherboard, USB host controller, central microprocessor, PCI Bus, and System CMOS Clock.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Atreus Labs LLC
Original Assignee
Uniloc Luxembourg S.à r.l. (f/k/a Uniloc Luxembourg S.A.) (Uniloc Corporation Pty. Limited)
Inventors
Etchegoyen, Craig S.

Granted Patent

US 8,316,421 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/3
CPC Class Codes

G06F 21/121 Restricting unauthorised ex...

H04L 63/0876 based on the identity of th...

System and Method for Device Authentication with Built-In Tolerance

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

145 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and Method for Device Authentication with Built-In Tolerance

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

145 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links