Client-based authentication
First Claim
Patent Images
1. An apparatus, comprising:
- a secure storage area in a storage device coupled to a client node; and
one or more processing devices configured;
to invoke N multiple authentication mechanisms to encrypt N split-keys using credentials associated with corresponding ones of the N authentication mechanisms, to transform the split-keys into N encrypted split-keys,to store each of the encrypted split-keys, with an associated local user identity and an identity of one of the corresponding ones of the N authentication mechanisms in the secure storage area; and
to decrypt an encrypted system password associated with a system user identity using a security key reconstructed from the split-keys to replicate successful login to the client node and to enable access to a client application.
8 Assignments
0 Petitions
Accused Products
Abstract
Apparatus, systems, and methods may operate to invoke multiple authentication mechanisms, by a client node, to encrypt N split-keys using credentials associated with corresponding ones of the authentication mechanisms. Further activity may include transforming the split-keys to provide N encrypted split-keys, and storing each of the encrypted split-keys with an associated local user identity and an identity of corresponding ones of the authentication mechanisms. Additional apparatus, systems, and methods are disclosed.
-
Citations
18 Claims
-
1. An apparatus, comprising:
-
a secure storage area in a storage device coupled to a client node; and one or more processing devices configured; to invoke N multiple authentication mechanisms to encrypt N split-keys using credentials associated with corresponding ones of the N authentication mechanisms, to transform the split-keys into N encrypted split-keys, to store each of the encrypted split-keys, with an associated local user identity and an identity of one of the corresponding ones of the N authentication mechanisms in the secure storage area; and to decrypt an encrypted system password associated with a system user identity using a security key reconstructed from the split-keys to replicate successful login to the client node and to enable access to a client application. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A processor-implemented method to execute on one or more processors that perform the method, comprising:
-
invoking N multiple authentication mechanisms, by a client node, to encrypt N split-keys using credentials associated with corresponding ones of the N authentication mechanisms, transforming the split-keys to provide N encrypted split-keys; and storing each of the encrypted split-keys with an associated local user identity and an identity of one of the corresponding ones of the N authentication mechanisms; and decrypting an encrypted system password associated with a system user identity using a security key reconstructed from the split-keys to replicate successful login to the client node and to enable access to a client application. - View Dependent Claims (8, 9, 10, 11)
-
-
12. A processor-implemented method to execute on one or more processors that perform the method, comprising:
-
splitting, by a client node, a security key to provide N split-keys corresponding to N authentication mechanisms executable on the client node, and discarding the security key; invoking the authentication mechanisms, by the client node, to encrypt the N split-keys using credentials associated with the N authentication mechanisms, transforming the split-keys to provide N encrypted split-keys; and responsive to receiving an indication that a network login has been attempted at the client node and that an authentication server node is not accessible by the client node, decrypting, at the client node, the split-keys with the credentials associated with corresponding ones of the authentication mechanisms so that the security key can be reconstructed as a reconstructed key at the client node to replicate the network login. - View Dependent Claims (13, 14, 15, 16, 17, 18)
-
Specification