Asymmetric key pair having a kiosk mode
First Claim
1. An article of manufacture for providing different levels of access based upon a same authentication factor, comprising,computer readable storage media:
- and computer programming stored on the storage media, wherein the stored computer programming is configured to be readable by one or more computers and thereby cause the one or more computers to operate so as to;
receive a first message transformed with a first portion of a split private key, the first portion based upon a user password and another factor, different than the user password, with both factors being under the control of the user, and the split private key associated with an asymmetric key pair having a public key and the split private key;
authenticate the user for a first level of network access based upon the received first message being transformed with the first portion;
receive a second message transformed with a second portion of the split private key, the second portion based upon the user password only and not combinable with the first portion to complete the split private key; and
authenticate the user for a second level of network access different that the first level based upon the received second message being transformed with the second portion.
5 Assignments
0 Petitions
Accused Products
Abstract
Techniques for providing different levels of access based upon a same authentication factor are provided. A first message is received that is transformed with a first portion of a split private key, the first portion based upon a user password and another factor, and the split private key associated with an asymmetric key pair having a public key and the split private key. The user is authenticated for a first level of network access based upon the received first message being transformed with the first portion. A second message is received that is transformed with a second portion of the split private key, the second portion based upon the password only and not combinable with the first portion to complete the split private key. The user is authenticated for a second level of network access different that the first level based upon the received second message being transformed with the second portion.
-
Citations
18 Claims
-
1. An article of manufacture for providing different levels of access based upon a same authentication factor, comprising,
computer readable storage media: - and computer programming stored on the storage media, wherein the stored computer programming is configured to be readable by one or more computers and thereby cause the one or more computers to operate so as to;
receive a first message transformed with a first portion of a split private key, the first portion based upon a user password and another factor, different than the user password, with both factors being under the control of the user, and the split private key associated with an asymmetric key pair having a public key and the split private key; authenticate the user for a first level of network access based upon the received first message being transformed with the first portion;
receive a second message transformed with a second portion of the split private key, the second portion based upon the user password only and not combinable with the first portion to complete the split private key; and
authenticate the user for a second level of network access different that the first level based upon the received second message being transformed with the second portion. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- and computer programming stored on the storage media, wherein the stored computer programming is configured to be readable by one or more computers and thereby cause the one or more computers to operate so as to;
-
10. A system for providing different levels of access based upon a same authentication factor, comprising:
- a communications interface configured to receive i) a first message transformed with a first portion of a split private key, the first portion based upon a user password and another factor, different than the user password, with both factors being under the control of the user, and the split private key associated with an asymmetric key pair having a public key and the split private key, and ii) a second message transformed with a second portion of the split private key, the second portion based upon the user password only and not combinable with the first portion to complete the split private key; and
a processor configured to i) authenticate the user for a first level of network access based upon the received first message being transformed with the first portion, and ii) authenticate the user for a second level of network access different that the first level based upon the received second message being transformed with the second portion. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- a communications interface configured to receive i) a first message transformed with a first portion of a split private key, the first portion based upon a user password and another factor, different than the user password, with both factors being under the control of the user, and the split private key associated with an asymmetric key pair having a public key and the split private key, and ii) a second message transformed with a second portion of the split private key, the second portion based upon the user password only and not combinable with the first portion to complete the split private key; and
Specification