TRUSTED GROUP OF A PLURALITY OF DEVICES WITH SINGLE SIGN ON, SECURE AUTHENTICATION

US 20110225426A1
Filed: 03/07/2011
Published: 09/15/2011
Est. Priority Date: 03/10/2010
Status: Active Grant

First Claim

Patent Images

1. A computer program product including computer executable instructions stored onto a computer readable medium which, when executed by a processor of a computer, causes the computer to perform a method for establishing a trusted group, the instructions comprising:

instructions to define the trusted group including two or more devices;

instructions to receive a session initiation protocol (SIP) registration for a first device;

instructions to receive a subscribe message from the first device to subscribe to the trust group;

in response to the SIP registration, instructions to send a notification to the first device, the notification providing information of a second device that is already registered and subscribed to the trusted group;

instructions to pass a SIP invite message from the first device to the second device, the SIP invite message including a self signed certificate fingerprint for the first device;

in response to the SIP invite message, passing a 200 OK message from the second device to the first device, wherein the 200 OK message includes a self signed certificate fingerprint for the second device; and

wherein, in response to the response message, the first device and the second device establish a persistent TLS connection to pass lock or unlock events between the first device and the second device.

View all claims

21 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system creates a trusted group of devices for single sign on. The trusted group is a set of two or more devices which can communicate securely to exchange information about the states of the devices. The two or more devices can arrange or establish the trusted group through the exchange of credentials or authentication information. After the establishment of the trusted group, the two or more devices may communicate through a secure connection established between the members of the trusted group. Each device may then execute normally and may encounter events that change the status of the device. Information about the locking or unlocking of the computer can be exchanged with the other members of the trusted group and the other members may also lock or unlock in concert.

149 Citations

20 Claims

1. A computer program product including computer executable instructions stored onto a computer readable medium which, when executed by a processor of a computer, causes the computer to perform a method for establishing a trusted group, the instructions comprising:
- instructions to define the trusted group including two or more devices;
  
  instructions to receive a session initiation protocol (SIP) registration for a first device;
  
  instructions to receive a subscribe message from the first device to subscribe to the trust group;
  
  in response to the SIP registration, instructions to send a notification to the first device, the notification providing information of a second device that is already registered and subscribed to the trusted group;
  
  instructions to pass a SIP invite message from the first device to the second device, the SIP invite message including a self signed certificate fingerprint for the first device;
  
  in response to the SIP invite message, passing a 200 OK message from the second device to the first device, wherein the 200 OK message includes a self signed certificate fingerprint for the second device; and
  
  wherein, in response to the response message, the first device and the second device establish a persistent TLS connection to pass lock or unlock events between the first device and the second device.
- View Dependent Claims (2, 3, 4, 12)
- - 2. The computer program product as defined in claim 1, further comprising instructions to execute an application for the first device or the second device.
  - 3. The computer program product as defined in claim 2, further comprising instructions to administer a communication from or to the first device or the second device.
  - 4. The computer program product as defined in claim 3, further comprising:
    - instructions to receive, by the first device, an event from the second device of the trusted group over the persistent TLS channel, the event indicating an unlock or lock of the second device; and
      
      based on the event, instructions to unlock or lock the first device of the trusted group.
  - 12. The method as defined in claim 1, further comprising subscribing to the session manage to receive event messages from the two or more devices comprising the trusted group.

5. A method for a secure sign on, comprising:
- establishing, by a first device, a secure communications channel with at least a second device of a trusted group;
  
  receiving, by the first device, an event from the second device of the trusted group over the secure communication channel, the event indicating an unlock of the second device; and
  
  based on the event, unlocking the first device of the trusted group.
- View Dependent Claims (6, 7, 8, 9, 10)
- - 6. The method as defined in claim 5, wherein the trusted group includes two or more IP enabled devices.
  - 7. The method as defined in claim 6, wherein the secure communications channel is a persistent transport layer security (TLS) connection for communicating events between the two or more devices of the trusted group.
  - 8. The method as defined in claim 7, wherein establishing the secure communications channel comprises:
    - sending a session initiation protocol (SIP) registration to a session manager;
      
      in response to the SIP registration, receiving a notification from the session manager, the notification providing information of another device that is part of the trusted group;
      
      sending an SIP invite message to the other device;
      
      in response to the SIP invite message, receiving a direct socket link for the persistent TLS connection; and
      
      in response to the response message, establishing the persistent TLS connection.
  - 9. The method as defined in claim 8, wherein the SIP invite message includes a self signed certificate fingerprint.
  - 10. The method as defined in claim 5, wherein the event includes unlock credentials.

11. The method as defined in claim 11, further comprising:
- executing, by the first device, a second event, wherein the second event comprises locking of the first device;
  
  sending the second event to at least the second device of the trusted group; and
  
  wherein the second device is locked in response to the second event.

13. A trusted group of devices comprising:
- a first communication device comprising;
  
  a memory operable to store a lock/unlock application;
  
  a processor in communication with the memory, the processor operable to execute the lock/unlock application;
  
  a computing device comprising;
  
  a second memory operable to store a second lock/unlock application;
  
  a second processor in communication with the second memory, the second processor operable to execute the second lock/unlock application;
  
  a session manager in communication with the first communication device and the computing device, the session manager operable to;
  
  receive a session initiation protocol (SIP) registration for the first communications device;
  
  receive a subscribe message from the first communication device to subscribe to a trusted group, the trusted group including the first communication device and the computing device;
  
  in response to the SIP registration, instructions to send a notification to the first communication device, the notification providing information of the computing device that is already registered and subscribed to the trusted group;
  
  pass a SIP invite message from the computing device to the first communication device, the SIP invite message including a self signed certificate fingerprint for the computing device;
  
  in response to the SIP invite message, pass a 200 OK message from the first communication device to the computing device, wherein the 200 OK message includes a self signed certificate fingerprint for the first communication device; and
  
  wherein, in response to the response message, the first communication device and the computing device establish a persistent TLS connection to pass lock or unlock events between the first communication device and the computing device.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The trusted group as defined in claim 13, wherein the session manager is executed on a server.
  - 15. The trusted group as defined in claim 13, wherein the session manager is executed on one of the computing device or the first communication device.
  - 16. The trusted group as defined in claim 13, wherein the first communication device is one of a group consisting of a cellular phone, a personal digital assistant, a laptop computer, an IP-enabled desktop telephone, a telephone application executing in a computer system, and a desktop telephone.
  - 17. The trusted group as defined in claim 13, wherein the computing device is one of a group consisting of a personal digital assistant, a laptop computer, a desktop computer, and a server.
  - 18. The trusted group as defined in claim 13, wherein the computing device further operable to:
    - receive an event from the first communication device of the trusted group over the persistent TLS connection, the event indicating an unlock or lock of the first communication device; and
      
      based on the event, unlock or lock the computing device of the trusted group.
  - 19. The trusted group as defined in claim 18, wherein the session manager is further operable to:
    - receive presence information for the computing device or the first communication device;
      
      send the presence information to the computing device or the first communication device; and
      
      wherein the presence information is read by either the computing device or the first communication device to determine if the event should be responded to.
  - 20. The trusted group as defined in claim 19, further comprising a credentials database in communication with the first and second lock/unlock application, the credentials database operable to:
    - store credentials for the computing device and the first communication device; and
      
      provide the stored credentials to the computing device and the first communication device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Arlington Technologies, LLC (Dominion Harbor Enterprises, LLC)
Original Assignee
Avaya Incorporated
Inventors
Kamble, Swapnil, Balasaygun, Mehmet, Sinha, Raj, Agarwal, Amit

Granted Patent

US 8,464,063 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/175
CPC Class Codes

G06F 21/41 where a single sign-on prov...

H04L 63/10 for controlling access to d...

TRUSTED GROUP OF A PLURALITY OF DEVICES WITH SINGLE SIGN ON, SECURE AUTHENTICATION

First Claim

21 Assignments

0 Petitions

Accused Products

Abstract

149 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

TRUSTED GROUP OF A PLURALITY OF DEVICES WITH SINGLE SIGN ON, SECURE AUTHENTICATION

First Claim

21 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

149 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links