QUORUM-BASED SECURE AUTHENTICATION

US 20130291056A1
Filed: 04/10/2013
Published: 10/31/2013
Est. Priority Date: 04/10/2012
Status: Active Grant

First Claim

Patent Images

1. A method of secure authentication to a resource in accordance with a predefined, electronically stored quorum-based authentication policy, the method comprising the steps of:

causing electronic interaction among a plurality of devices each associated with a user thereof, the devices constituting a quorum in accordance with the policy;

computationally determining whether the interaction satisfies the policy; and

if so, electronically according access to the resource to at least one individual associated with at least one of the interacting devices.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Representative embodiments of secure authentication to a resource in accordance with a predefined, electronically stored quorum-based authentication policy include causing electronic interaction among multiple devices that constitute a quorum in accordance with the policy, computationally determining whether the interaction satisfies the policy, and if so, electronically according access to the resource to one or more individuals associated with the interacting device(s).

62 Citations

View as Search Results

16 Claims

1. A method of secure authentication to a resource in accordance with a predefined, electronically stored quorum-based authentication policy, the method comprising the steps of:
- causing electronic interaction among a plurality of devices each associated with a user thereof, the devices constituting a quorum in accordance with the policy;
  
  computationally determining whether the interaction satisfies the policy; and
  
  if so, electronically according access to the resource to at least one individual associated with at least one of the interacting devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the interaction comprises NFC interaction and the devices comprise NFC nodes.
  - 3. The method of claim 2, wherein the policy specifies an order of interaction.
  - 4. The method of claim 3, wherein the computationally determining step is performed by an authentication server and comprises causing communication between the authentication server and at least one of the NFC nodes, the communication including an indicium of the interaction among the plurality of NFC nodes including the order thereof.
  - 5. The method of claim 4, wherein the indicium is an encryption key.
  - 6. The method of claim 1, wherein the policy does not require an order of interaction.
  - 7. The method of claim 1, wherein the step of according access is accomplished by an authentication server and comprises wirelessly communicating, from the authentication server, an authorization directly to a device capable of facilitating access to the resource.
  - 8. The method of claim 1, further comprising identifying the resource using information transmitted from the at least one of the interacting devices.
  - 9. The method of claim 1, wherein the interaction is performed pairwise.

10. An authentication server comprising:
- a database for storing a quorum-based authentication policy for access to a secured resource, identifiers associated with users entitled to access the secured resource, and identifiers associated with a plurality of mobile devices that are themselves associated with the users;
  
  a communication module for receiving, from at least one of the mobile devices, an indicium indicating at least one interaction among the plurality of mobile devices; and
  
  a processor configured to determine whether (i) the plurality of mobile devices constitutes a quorum in accordance with the stored policy and (ii) whether the interaction satisfies the policy, and if so, to cause at least one individual associated with at least one of the mobile devices to be accorded access to the secured resource.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The authentication server of claim 10, wherein the communication module is configured to wirelessly communicate an authorization directly to a device capable of facilitating access to the secured resource.
  - 12. The authentication server of claim 10, wherein the communication module is configured to wirelessly communicate with the mobile devices via cell phone communications.
  - 13. The authentication server of claim 12, wherein the communication module is configured to transmit the stored policy to at least one of the mobile devices, thereby causing the at least one interaction among the plurality of mobile devices.
  - 14. The authentication server of claim 10, wherein the policy specifies an order of interaction, the processor being configured to determine whether interactions among the plurality of mobile devices satisfy the order.
  - 15. The authentication server of claim 10, wherein the indicium is an encryption key, the processor being configured to decrypt the encryption key.

16. A wireless mobile device comprising a processor for:
- executing a first procedure for communicating with at least one other wireless mobile device;
  
  executing a second procedure for creating an indicium indicative of the communication;
  
  executing a third procedure for reading an identifying tag associated with a device capable of facilitating access to a resource; and
  
  executing a fourth procedure for transmitting the indicium, information from the identifying tag and information identifying the wireless mobile device to a server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Imprivata Incorporated
Original Assignee
Imprivata Incorporated
Inventors
Gaudet, Edward J., Ting, David M. T.

Granted Patent

US 9,572,029 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 21/40   by quorum, i.e. whereby two...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0853   using an additional device,...

H04L 63/10   for controlling access to d...

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/63   Location-dependent; Proximi...

H04W 4/80   Services using short range ...

QUORUM-BASED SECURE AUTHENTICATION

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

62 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

QUORUM-BASED SECURE AUTHENTICATION

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

62 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links