TRUSTED GROUP OF A PLURALITY OF DEVICES WITH SINGLE SIGN ON, SECURE AUTHENTICATION
Abstract
A system creates a trusted group of devices for single sign on. The trusted group is a set of two or more devices which can communicate securely to exchange information about the states of the devices. The two or more devices can arrange or establish the trusted group through the exchange of credentials or authentication information. After the establishment of the trusted group, the two or more devices may communicate through a secure connection established between the members of the trusted group. Each device may then execute normally and may encounter events that change the status of the device. Information about the locking or unlocking of the computer can be exchanged with the other members of the trusted group and the other members may also lock or unlock in concert.
20 Claims
1. A computer program product including computer executable instructions stored onto a computer readable medium which, when executed by a processor of a computer, causes the computer to perform a method for establishing a trusted group, the instructions comprising:
- instructions to define the trusted group including two or more devices;
- instructions to receive a session initiation protocol (SIP) registration for a first device;
- instructions to receive a subscribe message from the first device to subscribe to the trust group;
- in response to the SIP registration, instructions to send a notification to the first device, the notification providing information of a second device that is already registered and subscribed to the trusted group;
- instructions to pass a SIP invite message from the first device to the second device, the SIP invite message including a self signed certificate fingerprint for the first device;
- in response to the SIP invite message, passing a 200 OK message from the second device to the first device, wherein the 200 OK message includes a self signed certificate fingerprint for the second device; and
- wherein, in response to the response message, the first device and the second device establish a persistent TLS connection to pass lock or unlock events between the first device and the second device.
Dependent claims: 2, 3, 4, 12
5. A method for a secure sign on, comprising:
- establishing, by a first device, a secure communications channel with at least a second device of a trusted group;
- receiving, by the first device, an event from the second device of the trusted group over the secure communication channel, the event indicating an unlock of the second device; and
- based on the event, unlocking the first device of the trusted group.
Dependent claims: 6, 7, 8, 9, 10
11. The method as defined in claim 11, further comprising:
- executing, by the first device, a second event, wherein the second event comprises locking of the first device;
- sending the second event to at least the second device of the trusted group; and
- wherein the second device is locked in response to the second event.
13. A trusted group of devices comprising:
- a first communication device comprising:
  - a memory operable to store a lock/unlock application;
  - a processor in communication with the memory, the processor operable to execute the lock/unlock application;
- a computing device comprising:
  - a second memory operable to store a second lock/unlock application;
  - a second processor in communication with the second memory, the second processor operable to execute the second lock/unlock application;
- a session manager in communication with the first communication device and the computing device, the session manager operable to:
  - receive a session initiation protocol (SIP) registration for the first communications device;
  - receive a subscribe message from the first communication device to subscribe to a trusted group, the trusted group including the first communication device and the computing device;
  - in response to the SIP registration, instructions to send a notification to the first communication device, the notification providing information of the computing device that is already registered and subscribed to the trusted group;
  - pass a SIP invite message from the computing device to the first communication device, the SIP invite message including a self signed certificate fingerprint for the computing device;
  - in response to the SIP invite message, pass a 200 OK message from the first communication device to the computing device, wherein the 200 OK message includes a self signed certificate fingerprint for the first communication device; and
- wherein, in response to the response message, the first communication device and the computing device establish a persistent TLS connection to pass lock or unlock events between the first communication device and the computing device.
Dependent claims: 14, 15, 16, 17, 18, 19, 20
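Added example, not taken from the patent: claims 1 and 13 exchange self signed certificate fingerprints in the SIP invite and 200 OK messages before the TLS connection is set up, and since a self signed certificate has no CA to vouch for it, the fingerprint is the only thing binding the TLS peer to the device named in signalling. The sketch below shows a receiving device pinning the signalled fingerprint and accepting lock or unlock events only from a matching certificate. The `<hash> <HEX:HEX:...>` text format (modelled on the SDP fingerprint attribute of RFC 8122), the hash allow-list, and all class and function names are assumptions.

```python
import hashlib
import hmac

# Assumed allow-list: hashes accepted in a signalled fingerprint.
ALLOWED = {"sha-256": hashlib.sha256, "sha-384": hashlib.sha384,
           "sha-512": hashlib.sha512}

# Constructed stand-ins for DER-encoded certificates (not real certificates).
PEER_CERT_DER = b"constructed DER bytes of the second device's certificate"
OTHER_CERT_DER = b"constructed DER bytes of some other certificate"


def format_fingerprint(cert_der, hash_name="sha-256"):
    """Fingerprint text a device would carry in its INVITE or 200 OK."""
    digest = ALLOWED[hash_name](cert_der).digest()
    return hash_name + " " + ":".join(f"{b:02X}" for b in digest)


def parse_fingerprint(text):
    """Return (hash_name, digest bytes); raise ValueError if malformed."""
    parts = text.strip().split()
    if len(parts) != 2:
        raise ValueError("expected '<hash> <HEX:HEX:...>'")
    hash_name = parts[0].lower()
    if hash_name not in ALLOWED:
        raise ValueError("hash not allowed: " + hash_name)
    digest = bytes.fromhex(parts[1].replace(":", ""))
    if len(digest) != ALLOWED[hash_name]().digest_size:
        raise ValueError("digest length does not match hash")
    return hash_name, digest


class LocalDevice:
    """Hypothetical group member holding the fingerprint its peer signalled."""

    def __init__(self, signalled_fingerprint):
        self.hash_name, self.pinned = parse_fingerprint(signalled_fingerprint)
        self.locked = True

    def cert_matches(self, presented_der):
        # In a live session presented_der would come from
        # ssl.SSLSocket.getpeercert(binary_form=True) after the handshake.
        actual = ALLOWED[self.hash_name](presented_der).digest()
        return hmac.compare_digest(actual, self.pinned)

    def handle_event(self, presented_der, event):
        """Apply a lock/unlock event only if the TLS peer is the signalled one."""
        if event not in ("lock", "unlock") or not self.cert_matches(presented_der):
            return False
        self.locked = (event == "lock")
        return True
```
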
Specification