Device-Specific Authentication Credentials

US 20140304808A1
Filed: 04/05/2013
Published: 10/09/2014
Est. Priority Date: 04/05/2013
Status: Abandoned Application

First Claim

Patent Images

1. A method performed by one or more data processing apparatuses, the method comprising:

generating device-specific credentials, wherein the device-specific credentials are configured to be used more than one time by an associated device;

associating the device-specific credentials with a device;

associating a particular user of the device with user-specific credentials different than the device-specific credentials;

after generating the device-specific credentials, associating the device-specific credentials with the device, and associating the particular user with the user-specific credentials, authenticating, by a data processing apparatus connected to a first network, the device based on the device-specific credentials, wherein the authentication occurs within the first network;

after authenticating the device;

permitting the device to access a second network different than the first network; and

authenticating, by a data processing apparatus connected to the second network, the particular user of the device based on the user-specific credentials.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for providing device-specific authentication are described. One example method includes generating device-specific credentials, associating the device-specific credentials with a device, authenticating the device based on the device-specific credentials, and after authenticating the device, authenticating a user of the device based on user-specific credentials associated with the user and different than the device-specific credentials.

31 Citations

View as Search Results

30 Claims

1. A method performed by one or more data processing apparatuses, the method comprising:
- generating device-specific credentials, wherein the device-specific credentials are configured to be used more than one time by an associated device;
  
  associating the device-specific credentials with a device;
  
  associating a particular user of the device with user-specific credentials different than the device-specific credentials;
  
  after generating the device-specific credentials, associating the device-specific credentials with the device, and associating the particular user with the user-specific credentials, authenticating, by a data processing apparatus connected to a first network, the device based on the device-specific credentials, wherein the authentication occurs within the first network;
  
  after authenticating the device;
  
  permitting the device to access a second network different than the first network; and
  
  authenticating, by a data processing apparatus connected to the second network, the particular user of the device based on the user-specific credentials.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the device-specific credentials include a device-specific username and password.
  - 3. The method of claim 2, wherein generating the device-specific credentials includes generating a random username and password.
  - 4. The method of claim 1, wherein authenticating the device occurs via an insecure method, and authenticating the user occurs via a secure method.
  - 5. The method of claim 4, wherein the insecure method includes HyperText Transfer Protocol Basic Authentication (Basic Auth), and the secure method includes HyperText Transfer Protocol Secure (HTTPS).
  - 6. The method of claim 1, wherein the device-specific credentials are generated and associated with the device based on a profile associated with the device.
  - 7. The method of claim 1, wherein authenticating the device based on the device-specific credentials occurs without user interaction.
  - 8. The method of claim 1, further comprising:
    - tracking a usage pattern of the device based on the user-specific credentials of the user of the device.
  - 9. The method of claim 8, further comprising:
    - logging the user out of the device in response to the usage pattern indicating that the user has used the device for a time greater than a maximum usage time associated with the device.

10. A method performed by one or more data processing apparatuses, the method comprising:
- authenticating, by a data processing apparatus connected to a first network, a first device based on a first set of device-specific credentials, wherein the authentication occurs within the first network;
  
  after authenticating the first device, permitting the first device to access a second network different than the first network;
  
  authenticating, by a data processing apparatus connected to the second network, a user based on user-specific credentials associated with the user and different than the first set of device-specific credentials, wherein the authentication occurs while the user is using the first device and occurs within the second network, wherein the user-specific credentials include a username and password;
  
  applying a first policy associated with the first device to the user while the user is using the first device;
  
  authenticating, by the data processing apparatus connected to the first network, a second device based on a second set of device-specific credentials, wherein the authentication occurs within the first network;
  
  after authenticating the second device, permitting the second device to access the second network;
  
  authenticating, by the data processing apparatus connected to the second network, the user based on the user-specific credentials, the user-specific credentials being different than the second set of device-specific credentials, wherein the authentication occurs while the user is using the second device and occurs within the second network; and
  
  applying a second policy associated with the second device to the user while the user is using the second device, the second policy being different than the first policy.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The method of claim 10, wherein the first device-specific credentials and the second device-specific credentials include device-specific usernames and passwords.
  - 12. The method of claim 10, wherein authenticating the first and second devices occurs via an insecure method, and authenticating the user occurs via a secure method.
  - 13. The method of claim 12, wherein the insecure method includes HyperText Transfer Protocol Basic Authentication (Basic Auth), and the secure method includes HyperText Transfer Protocol Secure (HTTPS).
  - 14. The method of claim 10, wherein authenticating the first and second devices occurs via a secure method.
  - 15. The method of claim 10, further comprising:
    - tracking a usage pattern of the first device based on the user-specific credentials of the user of the device.
  - 16. The method of claim 15, further comprising:
    - logging the user out of the first device in response to the usage pattern indicating that the user has used the first device for a time greater than a maximum usage time associated with the first device.

17. A system comprising:
- a hardware processor configured to execute computer program instructions; and
  
  a non-transitory computer storage medium encoded with computer program instructions that, when executed by the processor, cause the system to perform operations comprising;
  
  generating device-specific credentials;
  
  associating the device-specific credentials with a device;
  
  authenticating, by a data processing apparatus connected to a first network, the device based on the device-specific credentials, wherein the authentication occurs within the first network;
  
  after authenticating the device;
  
  permitting the device to access a first portion of a second network different than the first network;
  
  authenticating, by a data processing apparatus connected to the first portion of the second network, the particular user of the device based on the user-specific credentials; and
  
  in response to authenticating the particular user, permitting the device to access a second portion of the second network different than the first portion.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25)
- - 18. The system of claim 17, wherein the device-specific credentials include a device-specific username and password.
  - 19. The system of claim 18, wherein generating the device-specific credentials includes generating a random username and password.
  - 20. The system of claim 17, wherein authenticating the device occurs via an insecure method, and authenticating the user occurs via a secure method.
  - 21. The system of claim 20, wherein the insecure method includes HyperText Transfer Protocol Basic Authentication (Basic Auth), and the secure method includes HyperText Transfer Protocol Secure (HTTPS).
  - 22. The system of claim 17, wherein the device-specific credentials are generated and associated with the device based on a profile associated with the device.
  - 23. The system of claim 17, wherein authenticating the device based on the device-specific credentials occurs without user interaction.
  - 24. The system of claim 17, the operations further comprising:
    - tracking a usage pattern of the device based on the user-specific credentials of the user of the device.
  - 25. The system of claim 24, the operations further comprising:
    - logging the user out of the device in response to the usage pattern indicating that the user has used the device for a time greater than a maximum usage time associated with the device.

26. A system comprising:
- a hardware processor configured to execute computer program instructions; and
  
  a non-transitory computer storage medium encoded with computer program instructions that, when executed by the processor, cause the system to perform operations comprising;
  
  authenticating a first device based on a first set of device-specific credentials, wherein the authentication occurs within a first network;
  
  after authenticating the first device, permitting the first device to access a second network different than the first network;
  
  authenticating a user based on user-specific credentials associated with the user and different than the first set of device-specific credentials, wherein the authentication occurs while the user is using the first device and occurs within the second network, wherein the user-specific credentials include a username and password;
  
  applying a first policy associated with the first device to the user while the user is using the first device;
  
  authenticating a second device based on a second set of device-specific credentials, wherein the authentication occurs within the first network;
  
  after authenticating the second device, permitting the second device to access the second network;
  
  authenticating the user based on the user-specific credentials, the user-specific credentials being different than the second set of device-specific credentials, wherein the authentication occurs while the user is using the second device and occurs within the second network; and
  
  applying a second policy associated with the second device to the user while the user is using the second device, the second policy being different than the first policy.
- View Dependent Claims (27, 28, 29, 30)
- - 27. The system of claim 26, wherein the first device-specific credentials and the second device-specific credentials include device-specific usernames and passwords.
  - 28. The system of claim 26, wherein authenticating the first and second devices occurs via an insecure method, and authenticating the user occurs via a secure method.
  - 29. The system of claim 28, wherein the insecure method includes HyperText Transfer Protocol Basic Authentication (Basic Auth), and the secure method includes HyperText Transfer Protocol Secure (HTTPS).
  - 30. The system of claim 26, wherein authenticating the first and second devices occurs via a secure method.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
iBoss
Original Assignee
Phantom Technologies Incorporated
Inventors
Martini, Paul Michael

Application Number

US13/857,714
Publication Number

US 20140304808A1
Time in Patent Office

Days
Field of Search
US Class Current

726/19
CPC Class Codes

G06F 21/44 Program or device authentic...

Device-Specific Authentication Credentials

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

31 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Device-Specific Authentication Credentials

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links