Soft token posture assessment

US 8,683,563 B1
Filed: 03/30/2012
Issued: 03/25/2014
Est. Priority Date: 03/30/2012
Status: Active Grant

First Claim

Patent Images

1. A method of assessing a security status of a device on which a soft token is run, comprising:

collecting device posture information by the device pertaining to at least one of the device'"'"'s software status hardware status or environmental context, the device posture information providing an indication of whether the device has been subjected to malicious activity;

generating token codes by the soft token on the device for enabling a user of the device to authenticate to a server; and

initiating transmission of the collected device posture information from the device to the server,wherein collectin device posture information includes running multiple inquiry procedures on the device, receiving respective responses to the inquiry procedures, and storing the responses to the inquiry procedures for transmission to the server, andwherein initiating transmission of the collected device posture information from the device to the server includes;

assigning different portions of the device posture information to multiple sequences of auxiliary bits;

blending different sequences of auxiliary bits with respective token codes from the soft token on the device to generate respective passcodes; and

displaying the passcodes to the user for manual transfer by the user to a computing machine connected to the server over a network.

View all claims

18 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An improved technique for assessing the security status of a device on which a soft token is run collects device posture information from the device running the soft token and initiates transmission of the device posture information to a server to be used in assessing whether the device has been subjected to malicious activity. The device posture information may relate to the software status, hardware status, and/or environmental context of the device. In some examples, the device posture information is transmitted to the server directly. In other examples, the device posture information is transmitted to the server via auxiliary bits embedded in passcodes displayed to the user, which the user may read and transfer to the server as part of authentication requests. The server may apply the device posture information in a number of areas, including, for example, authentication management, risk assessment, and/or security analytics.

Citations

20 Claims

1. A method of assessing a security status of a device on which a soft token is run, comprising:
- collecting device posture information by the device pertaining to at least one of the device'"'"'s software status hardware status or environmental context, the device posture information providing an indication of whether the device has been subjected to malicious activity;
  
  generating token codes by the soft token on the device for enabling a user of the device to authenticate to a server; and
  
  initiating transmission of the collected device posture information from the device to the server,wherein collectin device posture information includes running multiple inquiry procedures on the device, receiving respective responses to the inquiry procedures, and storing the responses to the inquiry procedures for transmission to the server, andwherein initiating transmission of the collected device posture information from the device to the server includes;
  
  assigning different portions of the device posture information to multiple sequences of auxiliary bits;
  
  blending different sequences of auxiliary bits with respective token codes from the soft token on the device to generate respective passcodes; and
  
  displaying the passcodes to the user for manual transfer by the user to a computing machine connected to the server over a network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, further comprising maintaining a schedule of inquiry procedures to be run, wherein the schedule includes inquiry procedures that are run periodically and inquiry procedures that are run in response to particular events.
  - 3. The method of claim 1, further comprising configuring at least one bit of the auxiliary bits of a sequence of auxiliary bits as a silent alarm, the silent alarm indicating whether the device has been subjected to malicious activity.
  - 4. The method of claim 3, further comprising:
    - generating the silent alarm on the device from an initial multi-bit silent alarm seed shared between the soft token and the server; and
      
      alerting the server whether to treat the auxiliary bits of the sequence of auxiliary bits in which the silent alarm is included as trusted or untrusted based on whether the silent alarm is triggered.
  - 5. The method of claim 4, further comprising assessing a level of risk associated with collected device posture information and triggering the silent alarm if the level of risk exceeds a predetermined threshold, wherein triggering the silent alarm includes subjecting the silent alarm to a forward-secure function shared between the soft token and the server.
  - 6. The method of claim 1, further comprising assessing a level of risk associated with the collected device posture information and disabling the soft token when the level of risk exceeds a predetermined threshold.
  - 7. The method of claim 1, wherein the inquiry procedures include at least one of:
    - (i) testing whether the soft token has been upgraded;
      
      (ii) detecting a presence of hardware modules installed on the device and whether any changes have been made in a configuration of any of the hardware modules; and
      
      (iii) checking identifying hardware information on the device, including at least one of a MAC address, serial number, and device fingerprinting module of the device, and comparing the checked hardware information with a record of previously obtained hardware information of the device.
  - 8. The method of claim 3, wherein the inquiry procedures include at least one of:
    - (i) identifying whether the soft token is being run in a debugger; and
      
      (ii) measuring a speed of operation of the soft token and comparing the speed of operation of the soft token with at least one previously measured speed of operation of the soft token to determine whether the speed of operation of the soft token has substantially changed.
  - 9. The method of claim 3, wherein the inquiry procedures include testing whether the device is within Wi-Fi range of a predetermined Wi-Fi beacon, and disabling the soft token on the device if the device is not within range of the predetermined Wi-Fi beacon.
  - 10. The method of claim 3, wherein the inquiry procedures include detecting an electronic topography of wireless devices in a vicinity of the device, and comparing the electronic topography to at least one previously detected electronic topography in the vicinity of the device to indicate whether the device is being used in an environment in which it has previously been used.
  - 11. The method of claim 1, wherein the inquiry procedures include at least one of:
    - (i) monitoring an execution environment of the device to detect whether applications unauthorized by a manufacturer of the device are running; and
      
      (ii) testing whether the device has been jailbroken.
  - 12. The method of claim 1, wherein the inquiry procedures include at least one of:
    - (i) comparing a last time that a storage location in which the soft token is stored on the device was accessed with a last time that soft token was run;
      
      (ii) checking a hash of the soft token code and comparing the hash with at least one previous hash of the soft token code to determine whether the hash of the soft token code has changed; and
      
      (iii) testing whether more than one copy of a soft token is installed on the device.
  - 13. The method of claim 1, wherein the inquiry procedures include at least one of:
    - (i) testing whether a software component on the device fails signature checks or in-memory signature checks; and
      
      (ii) testing whether a new partner plug-in has been installed on the device.
  - 14. The method of claim 1, wherein the inquiry procedures include testing whether a change in device time has taken place.
  - 15. The method of claim 1, wherein the inquiry procedures include at least one of:
    - (i) checking a last time a hardware peripheral of the device was accessed; and
      
      (ii) checking for how long the hardware peripheral was accessed the last time the hardware peripheral was accessed.
  - 16. The method of claim 1, wherein the device is configured as a virtual machine, and wherein the inquiry procedures include testing whether the soft token has been copied or moved to a different device.
  - 17. The method of claim 1, further comprising obfuscating a set of the collected device posture information by rendering the set of collected device posture information in a form of a fuzzy commitment.

18. A device including a soft token for generating token codes for authenticating a user to a server, the device comprising:
- a set of processors; and
  
  memory, coupled to the set of processors, the memory constructed and arranged to store instructions executable by the set of processors,wherein the set of processors executing instructions from the memory forms a specialized circuit constructed and arranged to;
  
  collect device posture information by the device pertaining to at least one of the device'"'"'s software status, hardware status, or environmental context, the device posture information providing an indication of whether the device has been subjected to malicious activity;
  
  generate token codes by the soft token on the device for enabling the user of the device to authenticate to the server; and
  
  initiate transmission of the collected device posture information from the device to the server,wherein when constructed and arranged to initiate transmission of the collected device posture information from the device to the server, the specialized circuit is further constructed and arranged to;
  
  assign different portions of the device posture information to multiple sequences of auxiliary bits;
  
  blend different sequences of auxiliary bits with respective token codes from the soft token on the device to generate respective passcodes; and
  
  display the passcodes to the user for manual transfer by the user to a computing machine connected to the server over a network.

19. A non-transitory computer readable medium including instructions which, when executed by a set of processors of a device, cause the set of processors to perform a method of assessing a security status of a device on which a soft token is run, the method comprising:
- collecting device posture information by the device pertaining to at least one of the device'"'"'s software status, hardware status, or environmental context, the device posture information providing an indication of whether the device has been subjected to malicious activity;
  
  generating token codes by the soft token on the device for enabling a user of the device to authenticate to a server;
  
  generating a set of passcodes that include a combination of token codes generated by the soft token on the device and device posture information collected by the device andinitiating transmission of the collected device posture information from the device to the server,wherein initiating transmission of the collected device posture information from the device to the server includes;
  
  assigning different portions of the device posture information to multiple sequences of auxiliary bits;
  
  blending different sequences of auxiliary bits with respective token codes from the soft token on the device to generate respective passcodes; and
  
  displaying the passcodes to the user for manual transfer by the user to a computing machine connected to the server over a network.
- View Dependent Claims (20)
- - 20. The non-transitory computer readable medium of claim 19, wherein the method further comprises:
    - generating the silent alarm on the device from an initial multi-bit silent alarm seed shared between the soft token and the server; and
      
      alerting the server whether to treat the auxiliary bits of the sequence of auxiliary bits in which the silent alarm is included as trusted or untrusted based on whether the silent alarm is triggered.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RSA Security LLC (Symphony Technology Group LLC)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
van Dijk, Marten, Bowers, Kevin D., Curry, Samuel, Duane, William M., Juels, Ari, O'Malley, Michael J., Triandopoulos, Nikolaos, Zolfonoon, Riaz, Doyle, Sean P.
Primary Examiner(s)
Hoffman, Brandon
Assistant Examiner(s)
Brown, Anthony

Application Number

US13/435,616
Time in Patent Office

725 Days
Field of Search

726/6, 726 22- 26
US Class Current

726/6
CPC Class Codes

G06F 21/43   wireless channels

G06F 21/554   involving event detection a...

G06F 21/56   Computer malware detection ...

H04L 63/1433   Vulnerability analysis

H04L 9/00   Cryptographic mechanisms or...

H04W 12/06   Authentication

H04W 12/128   Anti-malware arrangements, ...

Soft token posture assessment

First Claim

18 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Soft token posture assessment

First Claim

18 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links