Method and apparatus for using cryptographic mechanisms to provide access to a portable device using integrated authentication using another portable device
Abstract
A method and system for providing authentication of a user to a first peripheral device connected to a host computer using an authentication of the user on a second peripheral device, thereby allowing the user access to both devices through a single authentication. A security function on the second peripheral device is used to create an authorization phrase. Subsequent accesses to the first peripheral device require the second peripheral device to re-create the same authorization phrase, thereby demonstrating that the same second peripheral device is being used to access the first peripheral device and that a user was successfully authenticated to the second peripheral device. Other systems and methods are disclosed.
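The flow the abstract describes, modeled as an added example that is not taken from the patent. The class and function names, HMAC-SHA-256 as the security function, a random per-token key as the "unique characteristic", the first device's serial number as the input, and PBKDF2 for the stored verifier are all assumptions made for illustration.

```python
import hashlib
import hmac
import os


class SecondDevice:
    """Token (e.g. a smart card) holding a device-unique secret that never leaves it."""

    def __init__(self, pin: str):
        self._pin = pin
        self._device_key = os.urandom(32)  # assumed "unique characteristic"
        self._authenticated = False

    def authenticate(self, pin: str) -> bool:
        self._authenticated = hmac.compare_digest(pin.encode(), self._pin.encode())
        return self._authenticated

    def security_function(self, data: bytes) -> bytes:
        # Refuse to compute anything until the user has authenticated to the token.
        if not self._authenticated:
            raise PermissionError("user not authenticated to second device")
        return hmac.new(self._device_key, data, hashlib.sha256).digest()


class FirstDevice:
    """Storage device that releases private assets only for the accepted phrase."""

    def __init__(self, serial: bytes):
        self.serial = serial
        self._salt = os.urandom(16)
        self._accepted = None  # salted verifier, never the phrase itself

    def _digest(self, phrase: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", phrase.encode(), self._salt, 100_000)

    def enroll(self, phrase: str) -> None:
        self._accepted = self._digest(phrase)

    def unlock(self, phrase: str) -> bool:
        if self._accepted is None:
            return False
        return hmac.compare_digest(self._digest(phrase), self._accepted)


def host_phrase(token: SecondDevice, first: FirstDevice) -> str:
    """Host step: obtain the token's result and convert it to an authentication phrase."""
    result = token.security_function(b"link:" + first.serial)
    return hashlib.sha256(b"phrase-v1" + result).hexdigest()
```

Because the phrase is recomputed on every access and depends on a key held only by the token, a different token fails to unlock the first device even when the user knows its PIN.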
15 Claims
1. A method for providing authentication of a user to a first peripheral device connected to a host computer using an authentication of the user on an independently connected second peripheral device also connected to the host computer, allowing the user access to both devices through a single authentication, comprising:
operating the host computer to detect that the user is attempting use of the first peripheral device;
operating the second peripheral device to cause the user to authenticate to the second peripheral device;
operating the host computer to cause the second peripheral device which is independently connected to the host computer to execute a security function that utilizes a unique characteristic of the second peripheral device to produce a result that uniquely links the first peripheral device to the second peripheral device and that ensures that the first peripheral device cannot be accessed without authentication via the second peripheral device, and the result of which may be used by the host computer to compute an authentication phrase that may be validated by the first peripheral device as a credential allowing access to the first peripheral device conditioned upon the presence of and successful authentication to the second peripheral device;
operating the host computer to calculate the authentication phrase based on the result of the security function returned from the second peripheral device;
transmitting the authentication phrase from the host computer to the first peripheral device;
operating the first peripheral device to allow the user access to private assets stored on the first peripheral device only upon positive determination by the first peripheral device that the user has been authenticated based on verification of the authentication phrase as corresponding to an accepted authentication phrase.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A method for providing authentication of a user to a first peripheral device connected to a host computer using an authentication of the user on a second peripheral device also connected to the host computer, allowing the user access to both devices through a single authentication, comprising:
upon an attempt to establish a connection to the first peripheral device through the host computer, operating the host computer;
to request the user to commence an authentication process for the second peripheral device;
to attempt to authenticate the user to the second peripheral device;
upon successful authentication to the second peripheral device, to request the second peripheral device to execute a security function designated by the host computer and that utilizes a unique characteristic of the second peripheral device to produce a result that uniquely links the first peripheral device to the second peripheral device and that ensures that the first peripheral device cannot be accessed without authentication via the second peripheral device thereby producing a security result that may be converted by the host computer to an authentication phrase useful as a credential allowing access to the first peripheral device conditioned upon the presence of and successful authentication to the second peripheral device;
to receive the security result from second peripheral device;
to convert the security result to an authentication phrase candidate for the first peripheral device;
to attempt authentication to the first peripheral device using the authentication phrase candidate for the first peripheral device; and
to receive an authentication result from the first peripheral device indicating success or failure of the authentication attempt.
Dependent claims: 11

12. A computer having a processor and connectors allowing connection to at least two peripheral devices, the computer processor being programmed to allow authentication to a first peripheral device be accomplished using authentication on a second peripheral device, the computer being programmed with instructions directing the computer to:
to request the user to commence an authentication process for the second peripheral device;
to attempt to authenticate the user to the second peripheral device;
upon successful authentication to the second peripheral device, to request the second peripheral device to execute a security function designated by the host computer and that utilizes a unique characteristic of the second peripheral device to produce a result that uniquely links the second peripheral device to the first peripheral device thereby producing a security result;
to receive the security result from the second peripheral device;
to convert the security result to an authentication phrase candidate for the first peripheral device;
to attempt authentication to the first peripheral device using the authentication phrase candidate for the first peripheral device; and
to receive an authentication result from the first peripheral device indicating success or failure of the authentication attempt.

13. A method for providing authentication of a user to a first peripheral device connected to a host computer using an authentication of the user on a second peripheral device also connected to the host computer, allowing the user access to both devices through a single authentication, comprising:
uniquely linking the first peripheral device and to the second peripheral device through an authentication phrase created by the second peripheral device wherein the authentication phrase reflects a unique characteristic of the second peripheral device and that ensures that the first peripheral device cannot be accessed without authentication via the second peripheral device and using the authentication phrase to create an encrypted virtual drive data file on the first peripheral device;
operating the second peripheral device to cause the user to authenticate to the second peripheral device;
upon attempting to use the encrypted virtual drive on the first peripheral device, obtaining a candidate authentication phrase from the second peripheral device; and
attempting to mount the encrypted virtual drive data file using the candidate authentication phrase wherein only the correct authentication phrase would successfully decrypt the encrypted virtual drive.
Dependent claims: 14, 15

Specification