BINDING TO A USER DEVICE

US 20160277383A1
Filed: 01/22/2016
Published: 09/22/2016
Est. Priority Date: 03/16/2015
Status: Abandoned Application

First Claim

Patent Images

1. A method of providing access to a protected resource, comprising:

obtaining a first authentication factor for a user that is accessing the resource using a computing device;

prompting the user to provide a second authentication factor;

accessing the second authentication factor using a pairing code;

determining if the second authentication factor is bound to the computing device; and

allowing the user to access the protected resource in response to the first and second authentication factors being valid and the second authentication factor being bound to the computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Providing access to a protected resource includes obtaining a first authentication factor for a user that is accessing the resource using a computing device, prompting the user to provide a second authentication factor, accessing the second authentication factor using a pairing code, determining if the second authentication factor is bound to the computing device, and allowing the user to access the protected resource in response to the first and second authentication factors being valid and the second authentication factor being bound to the computing device. The user may be prompted to tap a card to provide the second authentication factor. The first authentication factor may be a login id and password combination. The login id and password may be cached in the computing device. The second authentication factor may be a security card. Information on the security card may be encrypted and may be accessible using a pairing code.

Citations

24 Claims

1. A method of providing access to a protected resource, comprising:
- obtaining a first authentication factor for a user that is accessing the resource using a computing device;
  
  prompting the user to provide a second authentication factor;
  
  accessing the second authentication factor using a pairing code;
  
  determining if the second authentication factor is bound to the computing device; and
  
  allowing the user to access the protected resource in response to the first and second authentication factors being valid and the second authentication factor being bound to the computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. A method, according to claim 1, wherein the user is prompted to tap a card to provide the second authentication factor.
  - 3. A method, according to claim 1, wherein the first authentication factor is a login id and password combination.
  - 4. A method, according to claim 3, wherein at least one of:
    - the login id, the password, and a corresponding ticket is cached in the computing device.
  - 5. A method, according to claim 1, wherein the second authentication factor is a security card.
  - 6. A method, according to claim 5, wherein information on the security card is encrypted and is accessible using a pairing code.
  - 7. A method, according to claim 6, wherein the information on the security card includes at least one of:
    - a one time password and a serial number for the card.
  - 8. A method, according to claim 7, wherein the information on the security card is protected for integrity and authenticated.
  - 9. A method, according to claim 7, further comprising:
    - binding the security card to the computing device by storing data that includes at least one of;
      
      the serial number for the card and a serial number for the computing device.
  - 10. A method, according to claim 7, further comprising:
    - binding the security card to a user by storing data that includes at least one of;
      
      the serial number for the card and an identifier for the user.
  - 11. A method, according to claim 1, wherein allowing the user to access the protected resource includes generating an ADFS token for the user and wherein the AFDS token allows access to the resource.
  - 12. A method, according to claim 1, wherein the second authentication factor is one of:
    - a cell phone and a security token having wireless communication capability.

13. A non-transitory computer-readable medium containing software that provides access to a protected resource, the software comprising:
- executable code that obtains a first authentication factor for a user that is accessing the resource using a computing device;
  
  executable code that prompts the user to provide a second authentication factor;
  
  executable code that accesses the second authentication factor using a pairing code;
  
  executable code that determines if the second authentication factor is bound to the computing device; and
  
  executable code that allows the user to access the protected resource in response to the first and second authentication factors being valid and the second authentication factor being bound to the computing device.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 14. A non-transitory computer-readable medium, according to claim 13, wherein the user is prompted to tap a card to provide the second authentication factor.
  - 15. A non-transitory computer-readable medium, according to claim 13, wherein the first authentication factor is a login id and password combination.
  - 16. A non-transitory computer-readable medium, according to claim 15, wherein at least one of:
    - the login id, the password, and a corresponding ticket is cached in the computing device.
  - 17. A non-transitory computer-readable medium, according to claim 13, wherein the second authentication factor is a security card.
  - 18. A non-transitory computer-readable medium, according to claim 17, wherein information on the security card is encrypted and is accessible using a pairing code.
  - 19. A non-transitory computer-readable medium, according to claim 18, wherein the information on the security card includes at least one of:
    - a one time password and a serial number for the card.
  - 20. A non-transitory computer-readable medium, according to claim 19, wherein the information on the security card is protected for integrity and authenticated.
  - 21. A non-transitory computer-readable medium, according to claim 19, the software further comprising:
    - executable code that binds the security card to the computing device by storing data that includes at least one of;
      
      the serial number for the card and a serial number for the computing device.
  - 22. A non-transitory computer-readable medium, according to claim 19, the software further comprising:
    - executable code that binds the security card to a user by storing data that includes at least one of;
      
      the serial number for the card and an identifier for the user.
  - 23. A non-transitory computer-readable medium, according to claim 13, wherein allowing the user to access the protected resource includes generating an ADFS token for the user and wherein the AFDS token allows access to the resource.
  - 24. A non-transitory computer-readable medium, according to claim 13, wherein the second authentication factor is one of:
    - a cell phone and a security token having wireless communication capability.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Assa Abloy AB
Original Assignee
Assa Abloy AB
Inventors
Guyomarc'h, Francois-Eric Michel, Holland, James William

Application Number

US15/004,297
Publication Number

US 20160277383A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 2463/082   applying multi-factor authe...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04W 12/06   Authentication

H04W 12/50   Secure pairing of devices

BINDING TO A USER DEVICE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

BINDING TO A USER DEVICE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links