TECHNIQUES FOR MOBILE DEVICE AUTHENTICATION
Abstract
A user authenticates a mobile device (MD) to a network-based service (NBS) for initial authentication. Policy is pushed from the NBS to the MD and the MD automatically obtains details about devices and attributes that are near or accessible to the MD in accordance with the policy. The details are pushed as a packet from the MD to the NBS and multifactor authentication is performed based on the details and the policy. If the multifactor authentication is successful, access privileges are set for the MD for accessing the NBS and perhaps for accessing local resources of the MD.
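A sketch of the second, policy-driven authentication step the abstract describes, seen from the NBS side; this is an added example, not code from the patent or from any product. The policy layout, the factor names, the sample values, and the MAC and nonce used to bind the packet to the first authentication are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Hypothetical policy the NBS pushes to the MD after the first authentication.
POLICY = {
    "nonce": "c0ffee01",  # constructed value; ties a report to this policy push
    "required": {"wifi_bssid": "aa:bb:cc:00:11:22"},           # must be visible
    "any_of": {"bluetooth": ["headset-7F", "car-kit-21"]},     # one must be nearby
    "grants": {"full": ["nbs:mail", "md:camera"], "none": []},  # NBS and MD resources
}

def sign_report(session_key: bytes, report: dict) -> str:
    """MD side: MAC the collected details with a key from the first authentication."""
    body = json.dumps(report, sort_keys=True).encode()
    return hmac.new(session_key, body, hashlib.sha256).hexdigest()

def second_authentication(session_key: bytes, policy: dict, report: dict, tag: str) -> list:
    """NBS side: verify the packet, compare it with policy, return access privileges."""
    if not hmac.compare_digest(sign_report(session_key, report), tag):
        return policy["grants"]["none"]      # packet altered or from another session
    if report.get("nonce") != policy["nonce"]:
        return policy["grants"]["none"]      # report answers an older policy push
    seen = report.get("details", {})
    for factor, expected in policy["required"].items():
        if expected not in seen.get(factor, []):
            return policy["grants"]["none"]
    for factor, accepted in policy["any_of"].items():
        if not set(accepted) & set(seen.get(factor, [])):
            return policy["grants"]["none"]
    return policy["grants"]["full"]

# Constructed sample packets: details the MD gathered without user interaction.
KEY = b"session-key-from-first-authentication"
AT_DESK = {"nonce": "c0ffee01", "details": {
    "wifi_bssid": ["aa:bb:cc:00:11:22"], "bluetooth": ["headset-7F", "tv-03"]}}
ELSEWHERE = {"nonce": "c0ffee01", "details": {
    "wifi_bssid": ["de:ad:be:ef:00:01"], "bluetooth": []}}

if __name__ == "__main__":
    print(second_authentication(KEY, POLICY, AT_DESK, sign_report(KEY, AT_DESK)))
    print(second_authentication(KEY, POLICY, ELSEWHERE, sign_report(KEY, ELSEWHERE)))
```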
20 Claims
1. A method implemented in a non-transitory machine-readable storage medium and processed by one or more processors configured to perform the method, comprising:
- initially authenticating a mobile device for a user a first time;
- acquiring policy that defines information that the mobile device is to collect for multifactor authentication;
- pushing the policy to the mobile device;
- receiving from the mobile device the information, which the mobile device collected without interaction from the user based on the policy and at least some of the information external to the mobile device; and
- performing authentication a second time using the information.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method implemented in a non-transitory machine-readable storage medium and processed by one or more processors configured to perform the method, comprising:
- sending a request for initial authentication to a network-based service;
- receiving a policy that defines information to collect to complete subsequent authentication with the network-based service;
- using the policy to assemble the information at least some of which is external to a mobile device that the method process on;
- sending the assembled information to the network-based service; and
- receiving access rights back from the network-based service that defines network resources and mobile device resources that the mobile device can access and interact with.
Dependent claims: 12, 13, 14, 15, 16, 17
18. A multi-processor implemented system, comprising:
- a server-authentication service configured and programmed on a non-transitory computer-readable medium and to execute on one or more processors of a server machine; and
- a mobile device authentication service configured and programmed on a non-transitory computer-readable medium and to execute on one or more of the processors of a mobile device;
- the server-authentication service is configured to perform a first authentication on the mobile device and push policy to the mobile device authentication service to gather external information that is external to the mobile device, which the mobile device authentication service is configured to assemble and provide back to the server-authentication service, the server-authentication service further configured to perform a second authentication on the mobile device in response to the assembled and provided back information and based thereon set access privileges for the mobile device with respect to accessing network resources and mobile device resources, the access privileges sent to the mobile device authentication service.
Dependent claims: 19, 20
Specification