Wireless token authentication

US 8,819,445 B2
Filed: 04/09/2012
Issued: 08/26/2014
Est. Priority Date: 04/09/2012
Status: Active Grant

First Claim

Patent Images

1. At least one machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:

receive, from a first computing device, first authentication data based on data received by the first computing device from a wireless token device over a wireless connection between the first computing device and the wireless token device and based at least in part on the wireless token device being in proximity to the first computing device, wherein the first authentication data is associated with a first user and is to be used to authenticate the first user to a particular computing session hosted remote from the first computing device;

authenticate the first computing device for use by the first user in the particular computing session based on the received first authentication data;

permit the first computing device to consume resources of the particular computing session based on the first authentication data;

receive, from a second computing device, second authentication data based on data received by the second computing device from the wireless token device over a wireless connection between the second computing device and the wireless token device and based at least in part on the wireless token device being in proximity to the second computing device, wherein the second authentication data is associated with the first user;

authenticate the second computing device for use by the particular user in the particular computing session based on the received second authentication data; and

permit the second computing device to consume resources of the particular computing session based on the second authentication data,wherein the particular computing session is associated with the first user and is to persist during a transition from use of the first computing device to use of the second computing device by the first user.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Authentication data is received, from a first computing device, based on data received by the first computing device from a wireless token device, the authentication data used to authenticate a first user to a particular computing session hosted remote from the first computing device. The first computing device is authenticated to the particular computing session based on the received authentication data. The first computing device is permitted to consume resources of the particular computing session. In some instances, the data received by the first computing device from the wireless token device includes the authentication data.

137 Citations

22 Claims

1. At least one machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:
- receive, from a first computing device, first authentication data based on data received by the first computing device from a wireless token device over a wireless connection between the first computing device and the wireless token device and based at least in part on the wireless token device being in proximity to the first computing device, wherein the first authentication data is associated with a first user and is to be used to authenticate the first user to a particular computing session hosted remote from the first computing device;
  
  authenticate the first computing device for use by the first user in the particular computing session based on the received first authentication data;
  
  permit the first computing device to consume resources of the particular computing session based on the first authentication data;
  
  receive, from a second computing device, second authentication data based on data received by the second computing device from the wireless token device over a wireless connection between the second computing device and the wireless token device and based at least in part on the wireless token device being in proximity to the second computing device, wherein the second authentication data is associated with the first user;
  
  authenticate the second computing device for use by the particular user in the particular computing session based on the received second authentication data; and
  
  permit the second computing device to consume resources of the particular computing session based on the second authentication data,wherein the particular computing session is associated with the first user and is to persist during a transition from use of the first computing device to use of the second computing device by the first user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The storage medium of claim 1, wherein the instructions when executed on a machine, further cause the machine to terminate participation of the first computing device in the particular computing session.
  - 3. The storage medium of claim 2, wherein the participation of the first computing device is to be terminated based on a removal of the wireless token device from the first computing device.
  - 4. The storage medium of claim 3, wherein the instructions when executed on a machine, further cause the machine to attempt to re-authenticate the first computing device based on forwarding of additional authentication data received by the first computing device from the wireless token device.
  - 5. The storage medium of claim 3, wherein the termination of the participation of the first computing device is to be based on termination data received from the first computing device identifying that the first computing device is no longer in communication with the wireless token device.
  - 6. The storage medium of claim 1, wherein both the first and second computing devices are to be authenticated to the particular computing session at a first instance.
  - 7. The storage medium of claim 1, wherein the first computing device is of a first type and the second computing device is of a second type different from the first type.
  - 8. The storage medium of claim 7, wherein at least some of the resources of the particular computing session are to be consumed by both the first and second computing devices.
  - 9. The storage medium of claim 8, wherein the first and second computing devices are to each present the at least some of the resources to be consumed by both the first and second computing devices.
  - 10. The storage medium of claim 9, wherein the at least some of the resources to be consumed by both the first and second computing devices are to be rendered on the first computing device differently than on the second computing device.
  - 11. The storage medium of claim 7, wherein the instructions when executed on a machine, further cause the machine to identify a type of each device based on authentication data received from the respective device.
  - 12. The storage medium of claim 1, wherein the authentication data originates from the wireless token device and is to be forwarded by the first computing device to a server device hosting the particular computing session.
  - 13. The storage medium of claim 12, wherein the authentication data is to be encrypted using a public key paired to a private key of the server device.
  - 14. The storage medium of claim 1, wherein the authentication data is hosted on the first computing device and receipt of data from the wireless token authorizes forwarding of the authentication data to a server device hosting the particular computing session.
  - 15. The storage medium of claim 1, wherein the wireless token device is paired to a server device hosting the particular computing session.
  - 16. The storage medium of claim 1, wherein the particular computing session is a digital streaming media presentation.
  - 17. The storage medium of claim 1, wherein the particular computing session is a session with a software application hosted by the server device.
  - 18. The storage medium of claim 1, wherein the particular computing session is hosted by a cloud computing system.
  - 19. The storage medium of claim 1,wherein the instructions when executed on a machine, further cause the machine to identify user profile data associated with the first user;
    - and applying the user profile data within the particular computing session.
  - 20. The storage medium of claim 1, wherein at least one other device associated with a second user other than the first user also consumes resources within the particular computing session.

21. A method comprising:
- receiving, from a first computing device, first authentication data forwarded by the first computing device from a wireless token device to a server device hosting a particular computing session, the first authentication data associated with a first user and used to authenticate the first user to the particular computing session, wherein the first authentication data was received by the first computing device from the wireless token device over a wireless communication channel and based at least in part on the wireless token device being in proximity to the first computing device;
  
  authenticating the first computing device for use by the first user in the particular computing session based on the received first authentication data;
  
  permitting the first computing device to consume resources of the particular computing session based on the first authentication data;
  
  receiving, from a second computing device, second authentication data based on data received by the second computing device from the wireless token device over a wireless connection between the second computing device and the wireless token device and based at least in part on the wireless token device being in proximity to the second computing device, wherein the second authentication data is associated with the first user;
  
  authenticating the second computing device for use by the particular user in the particular computing session based on the received second authentication data; and
  
  permitting the second computing device to consume resources of the particular computing session based on the second authentication data,wherein the particular computing session is associated with the first user and persists during a transition from use of the first computing device to use of the second computing device by the first user.

22. A system comprising:
- at least one processor device;
  
  at least one memory element; and
  
  a session manager, adapted when executed by the at least one processor device to;
  
  manage hosting of a particular computing session;
  
  receive, from a first computing device, first authentication data forwarded by the first computing device from a wireless token device, the first authentication data to be used to authenticate a first user to the particular computing session, wherein the first authentication data is associated with a first user and was received by the first computing device from the wireless token device over a wireless communication channel and based at least in part on the wireless token device being in proximity to the first computing device;
  
  authenticate the first computing device for use by the first user in the particular computing session based on the received first authentication data;
  
  permit the first computing device to consume resources of the particular computing session based on the first authentication data;
  
  receive, from a second computing device, second authentication data based on data received by the second computing device from the wireless token device over a wireless connection between the second computing device and the wireless token device and based at least in part on the wireless token device being in proximity to the second computing device, wherein the second authentication data is associated with the first user;
  
  authenticate the second computing device for use by the particular user in the particular computing session based on the received second authentication data; and
  
  permit the second computing device to consume resources of the particular computing session based on the second authentication data,wherein the particular computing session is associated with the first user and is to persist during a transition from use of the first computing device to use of the second computing device by the first user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Schrecker, Sven
Primary Examiner(s)
McNally, Michael S
Assistant Examiner(s)
RAHIM, MONJUR

Application Number

US13/442,802
Publication Number

US 20130268767A1
Time in Patent Office

869 Days
Field of Search

173/185
US Class Current

713/185
CPC Class Codes

G06F 21/31   User authentication

G06F 21/35   communicating wirelessly

G06F 2221/2115   Third party

H04L 63/0853   using an additional device,...

H04W 12/068   using credential vaults, e....

H04W 12/33   using wearable devices, e.g...

Wireless token authentication

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

137 Citations

22 Claims

Specification

Use Cases

Quick Links

Others

Wireless token authentication

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

137 Citations

22 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others