Device-specific identity
First Claim
Patent Images
1. A method of accessing a user device from a remote device within an account network, the method comprising:
- receiving from an account authority service an indication of one or more shareable devices of a specified user, the user device being one of the shareable devices of the specified user;
receiving from the account authority service a device identifier of the user device, the device identifier being extracted from account information of the specified user;
receiving from the user device a device certificate including the device identifier of the user device; and
confirming that the device certificate is signed by the account authority service;
confirming that the device identifier received from the account authority service matches the device identifier received in the device certificate; and
granting authentication if the device identifier received from the account authority service matches the device identifier received in the device certificate and a user credential is authenticated.
2 Assignments
0 Petitions
Accused Products
Abstract
A device identifier (ID) is used across enterprise boundaries. A user can use the device ID to publish a device for sharing with other remote users. The remote users can discover devices that are shared by other users based on device IDs, connect to a selected device, and then verify that they have connected to the correct device based on its device ID. An account authority service may be used to manage the publication and/or discovery of the shared devices and their device IDs.
33 Citations
20 Claims
-
1. A method of accessing a user device from a remote device within an account network, the method comprising:
-
receiving from an account authority service an indication of one or more shareable devices of a specified user, the user device being one of the shareable devices of the specified user; receiving from the account authority service a device identifier of the user device, the device identifier being extracted from account information of the specified user; receiving from the user device a device certificate including the device identifier of the user device; and confirming that the device certificate is signed by the account authority service; confirming that the device identifier received from the account authority service matches the device identifier received in the device certificate; and granting authentication if the device identifier received from the account authority service matches the device identifier received in the device certificate and a user credential is authenticated. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer-readable storage medium, the computer-readable storage medium not consisting of a propagating signal, the computer-readable storage medium having computer-executable instructions for performing a computer process that accesses a user device from a remote device within an account network, the computer process comprising:
-
receiving from an account authority service an indication of one or more shareable devices of a specified user, the user device being one of the shareable devices of the specified user; identifying to the account authority service a selection of the user device from the indication of the one or more shareable devices; receiving from the account authority service a device identifier of the user device; receiving from the user device a device certificate including the device identifier of the user device; and confirming that the device certificate is signed by the account authority service; confirming that the device identifier received from the account authority service matches the device identifier received in the device certificate; and granting authentication if the device identifier received from the account authority service matches the device identifier received in the device certificate and a user credential is authenticated. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A method of accessing a user device from a remote device within an account network, the method comprising:
-
receiving from an account authority service a device identifier of the user device; receiving from the user device a device certificate signed by the account authority service and including the device identifier of the user device; confirming that the device certificate is signed by the account authority service; determining whether the device identifier received from the account authority service matches the device identifier received in the device certificate; and establishing communications between the user device and the remote device if the device identifier received from the account authority service matches the device identifier received in the device certificate and a user credential is authenticated. - View Dependent Claims (17, 18, 19, 20)
-
Specification