Conditional integration of a satellite device into an authentication process involving a primary device

US 8,850,609 B1
Filed: 09/24/2012
Issued: 09/30/2014
Est. Priority Date: 09/24/2012
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

determining risks of simultaneous theft of a primary device and respective ones of a plurality of satellite devices associated with the primary device; and

identifying at least one of the satellite devices as an appropriate authentication factor for use in an authentication process involving the primary device based at least in part on a comparison of a specified threshold and the determined risk of simultaneous theft of the primary device and the identified at least one satellite device;

wherein determining the risks of simultaneous theft of the primary device and respective one of the plurality of satellite devices associated with the primary device is based at least in part on risk assessments relating to use of the plurality of satellite devices as respective authentication factors in the authentication process involving the primary device; and

wherein said determining and identifying are performed by at least one processing device comprising a processor coupled to a memory.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A processing device comprising a processor coupled to a memory is configured to determine a risk of simultaneous theft of a primary device and at least one satellite device associated with the primary device, and to identify said at least one satellite device as an appropriate authentication factor for use in an authentication process involving the primary device, based at least in part on the determined risk. The identified satellite device may serve as an additional or alternative authentication factor relative to one or more other authentication factors. The processing device may comprise the primary device itself, or another separate device, such as an authentication server that also participates in the authentication process. Information associated with the identified satellite device is utilized in the authentication process to authenticate a user of the primary device.

8 Citations

View as Search Results

26 Claims

1. A method comprising:
- determining risks of simultaneous theft of a primary device and respective ones of a plurality of satellite devices associated with the primary device; and
  
  identifying at least one of the satellite devices as an appropriate authentication factor for use in an authentication process involving the primary device based at least in part on a comparison of a specified threshold and the determined risk of simultaneous theft of the primary device and the identified at least one satellite device;
  
  wherein determining the risks of simultaneous theft of the primary device and respective one of the plurality of satellite devices associated with the primary device is based at least in part on risk assessments relating to use of the plurality of satellite devices as respective authentication factors in the authentication process involving the primary device; and
  
  wherein said determining and identifying are performed by at least one processing device comprising a processor coupled to a memory.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1 wherein said at least one processing device that performs said determining and identifying comprises the primary device.
  - 3. The method of claim 1 wherein said at least one processing device that performs said determining and identifying comprises a server configured to communicate with the primary device.
  - 4. The method of claim 1 further comprising utilizing information associated with the identified at least one satellite device in the authentication process to authenticate a user of the primary device.
  - 5. The method of claim 4 wherein utilizing information associated with the identified at least one satellite device comprises utilizing at least one of a credential released by the satellite device, an output of a cryptographic function performed by the satellite device, and presence information of the satellite device.
  - 6. The method of claim 1 wherein the identified at least one satellite device is configured for wireless communication with the primary device.
  - 7. The method of claim 1 wherein determining the risks of simultaneous theft of the primary device and respective one of the plurality of satellite devices associated with the primary device comprises determining the risks based on analysis that takes place within a first time interval [T, T+A] and wherein the determined risks are treated as valid over a second time interval [T+A, T+A+B], where T, A and B denote specified time parameters.
  - 8. The method of claim 1 wherein determining the risks of simultaneous theft of the primary device and respective ones of the plurality of satellite devices associated with the primary device comprises determining risk scores indicative of a likelihood of simultaneous theft of the primary device and respective ones of the plurality of satellite devices.
  - 9. The method of claim 1 further comprising causing the identified at least one satellite device to release at least one credential.
  - 10. The method of claim 1 wherein determining the risks of simultaneous theft of the primary device and respective one of the plurality of satellite devices associated with the primary device comprises classifying the satellite devices.
  - 11. The method of claim 10 wherein classifying the satellite devices comprises classifying the satellite devices based on at least one of product type and model.
  - 12. The method of claim 1 wherein determining the risks of simultaneous theft of the primary device and respective one of the plurality of satellite devices associated with the primary device comprises characterizing operational history of the satellite devices.
  - 13. A computer program product comprising a non-transitory processor-readable storage medium having embodied therein one or more software programs, wherein the one or more software programs when executed cause said at least one processing device to perform the method of claim 1.
  - 14. The method of claim 1 wherein determining the respective risks of simultaneous theft is based at least in part on one or more of:
    - respective functions associated with the primary device and the plurality of satellite devices;
      
      respective records of signal transmissions from the plurality of satellite devices to the primary device; and
      
      respective applications or services with which the plurality of satellite devices communicate.

15. A method comprising:
- determining a risk of simultaneous theft of a primary device and at least one satellite device associated with the primary device; and
  
  identifying said at least one satellite device as an appropriate authentication factor for use in an authentication process involving the primary device, based at least in part on the determined risk;
  
  wherein determining the risk of simultaneous theft of the primary device and at least one satellite device associated with the primary device comprises determining a risk score indicative of a likelihood of simultaneous theft of the primary device and said at least one satellite device;
  
  wherein determining the risk score comprises determining a plurality of separate risk scores for respective ones of a plurality of the satellite devices; and
  
  wherein said determining and identifying are performed by at least one processing device comprising a processor coupled to a memory.
- View Dependent Claims (16, 17, 18)
- - 16. The method of claim 15 wherein identifying said at least one satellite device as an appropriate authentication factor comprises identifying any of the plurality of satellite devices having respective risk scores that exceed respective specified thresholds as appropriate authentication factors for use in the authentication process.
  - 17. The method of claim 15 wherein determining the risk score comprises determining a composite risk score for the plurality of satellite devices using the respective separate risk scores.
  - 18. The method of claim 17 wherein identifying said at least one satellite device as an appropriate authentication factor comprises identifying all of the plurality of satellite devices as appropriate authentication factors for use in the authentication process if the composite risk score exceeds a specified threshold.

19. An apparatus comprising:
- a server configured to communicate with at least one primary device;
  
  wherein the server comprises a processor coupled to a memory and is configured to determine risks of simultaneous theft of the primary device and respective ones of a plurality of satellite devices of the primary device, and to identify at least one of the satellite devices as an appropriate authentication factor for use in an authentication process involving the primary device based at least in part on a comparison of a specified threshold and the determined risk of simultaneous theft of the primary device and the identified at least one satellite device;
  
  wherein determining the risks of simultaneous theft of the primary device and respective one of the plurality of satellite devices associated with the primary device is based at least in part on risk assessments relating to use of the plurality of satellite devices as respective authentication factors in the authentication process involving the primary device.

20. An apparatus comprising:
- a primary device configured to communicate with plurality of satellite devices;
  
  wherein the primary device comprises a processor coupled to a memory and is configured to determine risks of simultaneous theft of the primary device and respective ones of the plurality of satellite devices, and to identify at least one of the satellite devices as an appropriate authentication factor for use in an authentication process involving the primary device based at least in part on a comparison of a specified threshold and the determined risk of simultaneous theft of the primary device and the identified at least one satellite device;
  
  wherein determining the risks of simultaneous theft of the primary device and respective one of the plurality of satellite devices associated with the primary device is based at least in part on risk assessments relating to use of the plurality of satellite devices as respective authentication factors in the authentication process involving the primary device.
- View Dependent Claims (21, 22, 23, 24, 25, 26)
- - 21. The apparatus of claim 20 wherein the primary device is configured to utilize information associated with the identified at least one satellite device in the authentication process to authenticate a user of the primary device.
  - 22. The apparatus of claim 21 wherein the information associated with the identified at least one satellite device comprises at least one of a credential released by the satellite device, an output of a cryptographic function performed by the satellite device, and presence information of the satellite device.
  - 23. The apparatus of claim 20 wherein the primary device is configured for wireless communication with the plurality of satellite devices.
  - 24. The apparatus of claim 23 wherein the primary device is configured to determine a plurality of separate risk scores for respective ones of the plurality of satellite devices.
  - 25. The apparatus of claim 20 wherein the primary device comprises a mobile telephone and the identified at least one satellite device comprises a device configured for wireless communication with the mobile telephone using a near-field communication protocol.
  - 26. The apparatus of claim 20 wherein the primary device comprises a portable computer and the identified at least one satellite device comprises a device configured for wireless communication with the portable computer using a near-field communication protocol.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Juels, Ari
Primary Examiner(s)
Parthasarathy, Pramila

Application Number

US13/625,480
Time in Patent Office

736 Days
Field of Search

None
US Class Current

726/34
CPC Class Codes

G06F 21/34 involving the use of extern...

Conditional integration of a satellite device into an authentication process involving a primary device

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

8 Citations

26 Claims

Specification

Use Cases

Quick Links

Others

Conditional integration of a satellite device into an authentication process involving a primary device

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

8 Citations

26 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others