Trusted group of a plurality of devices with single sign on, secure authentication
First Claim
1. A non-transient computer program product including computer executable instructions stored onto a computer readable medium which, when executed by a processor of a computer, causes the computer to perform a method for establishing a trusted group, the instructions comprising:
- instructions to define the trusted group including two or more devices;
- instructions to receive a session initiation protocol (SIP) registration for a first device;
- instructions to receive a subscribe message from the first device to subscribe to the trusted group;
- in response to the SIP registration, instructions to send a notification to the first device, the notification providing information of a second device that is already registered and subscribed to the trusted group;
- instructions to pass a SIP invite message from the first device to the second device, the SIP invite message including a self signed certificate fingerprint for the first device;
- in response to the SIP invite message, passing a 200 OK message from the second device to the first device, wherein the 200 OK message includes a self signed certificate fingerprint for the second device; and
- wherein, in response to the 200 OK message, the first device and the second device establish a persistent transport layer security (TLS) connection to pass lock or unlock events between the first device and the second device.
Abstract
A system creates a trusted group of devices for single sign on. The trusted group is a set of two or more devices which can communicate securely to exchange information about the states of the devices. The two or more devices can arrange or establish the trusted group through the exchange of credentials or authentication information. After the establishment of the trusted group, the two or more devices may communicate through a secure connection established between the members of the trusted group. Each device may then execute normally and may encounter events that change the status of the device. Information about the locking or unlocking of the computer can be exchanged with the other members of the trusted group and the other members may also lock or unlock in concert.
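An added sketch (not from the patent) of the fingerprint exchange recited in claim 1: each device learns its peer's self-signed certificate fingerprint from the INVITE / 200 OK, checks the certificate presented on the TLS connection against that pin, and only then accepts lock or unlock events. The SHA-256 hash, the message field names, the `Device` class and the byte strings standing in for DER certificates are assumptions.

```python
import hashlib
import hmac

def fingerprint(cert_der: bytes) -> str:
    """SHA-256 over the DER certificate, colon-separated upper-case hex."""
    return ":".join(f"{b:02X}" for b in hashlib.sha256(cert_der).digest())

class Device:
    def __init__(self, name: str, cert_der: bytes):
        self.name, self.cert_der = name, cert_der
        self.locked = True
        self.pinned = {}       # peer name -> fingerprint learned via INVITE / 200 OK
        self.channels = set()  # peers whose TLS certificate matched the pin

    def signaling_body(self) -> dict:
        # What this device puts in its INVITE or 200 OK (field names are assumptions).
        return {"from": self.name, "fingerprint": fingerprint(self.cert_der)}

    def on_signaling(self, body: dict) -> None:
        self.pinned[body["from"]] = body["fingerprint"]

    def on_tls_peer_cert(self, peer: str, presented_der: bytes) -> bool:
        # Called once the TLS handshake yields the peer's certificate.
        expected = self.pinned.get(peer)
        ok = expected is not None and hmac.compare_digest(
            expected, fingerprint(presented_der))
        if ok:
            self.channels.add(peer)
        return ok

    def on_event(self, peer: str, event: str) -> bool:
        # Lock/unlock events are honoured only from a pinned, verified channel.
        if peer not in self.channels or event not in ("lock", "unlock"):
            return False
        self.locked = (event == "lock")
        return True

def demo():
    # Constructed stand-ins for DER-encoded self-signed certificates.
    phone = Device("phone", b"constructed-der-phone")
    pc = Device("pc", b"constructed-der-pc")
    pc.on_signaling(phone.signaling_body())   # INVITE: first -> second
    phone.on_signaling(pc.signaling_body())   # 200 OK: second -> first
    rejected = pc.on_tls_peer_cert("phone", b"constructed-der-other")
    ignored = pc.on_event("phone", "unlock")  # no verified channel yet
    accepted = pc.on_tls_peer_cert("phone", phone.cert_der)
    applied = pc.on_event("phone", "unlock")
    return rejected, ignored, accepted, applied, pc.locked
```

The pin is only as trustworthy as the signaling path that delivered it, so the INVITE and 200 OK need integrity protection of their own.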
20 Claims
5. A trusted group of devices comprising:
- a first communication device comprising:
  - a memory that stores a lock/unlock application;
  - a processor in communication with the memory, the processor that executes the lock/unlock application;
- a computing device comprising:
  - a second memory that stores a second lock/unlock application;
  - a second processor in communication with the second memory, the second processor that executes the second lock/unlock application;
- a session manager in communication with the first communication device and the computing device, the session manager that:
  - receives a session initiation protocol (SIP) registration for the first communications device;
  - receives a subscribe message from the first communication device to subscribe to a trusted group, the trusted group including the first communication device and the computing device;
  - in response to the SIP registration, sends a notification to the first communication device, the notification providing information of the computing device that is already registered and subscribed to the trusted group;
  - passes a SIP invite message from the computing device to the first communication device, the SIP invite message including a self signed certificate fingerprint for the computing device;
  - in response to the SIP invite message, passes a 200 OK message from the first communication device to the computing device, wherein the 200 OK message includes a self signed certificate fingerprint for the first communication device; and
- wherein, in response to the 200 OK message, the first communication device and the computing device establish a persistent transport layer security (TLS) connection to pass lock or unlock events between the first communication device and the computing device.
9. A method for a secure sign on, comprising:
- establishing, by a first device, a secure communications channel with at least a second device of a trusted group, wherein the secure communications channel is a persistent transport layer security (TLS) connection for communicating events between two or more IP enabled devices of the trusted group and wherein establishing the secure communications channel comprises:
  - sending a session initiation protocol (SIP) registration to a session manager;
  - in response to the SIP registration, receiving a notification from the session manager, the notification providing information of another device that is part of the trusted group;
  - sending a SIP invite message to the other device;
  - in response to the SIP invite message, receiving a direct socket link for the persistent TLS connection; and
  - in response to the receiving the direct socket link for the persistent TLS connection, establishing the persistent TLS connection;
- receiving, by the first device, an event from the at least one second device of the trusted group over the secure communication channel, the event indicating an unlock of the at least one second device; and
- based on the event, unlocking the first device of the trusted group.
Specification