Secure authentication using mobile device
First Claim
Patent Images
1. A method of secure authentication comprising:
- receiving, by a server, information from a mobile device (i) identifying the mobile device and (ii) obtained by the mobile device from an identifying tag physically associated with a secure device different from the mobile device;
accessing, by the server, a database to identify (i) a user associated with the mobile device, (ii) a secure device associated with the identifying tag, and (iii) the security policy associated with the secure device; and
based at least in part on the mobile-device identifying information and the information obtained from the tag determining if the policy permits access by the identified user to the identified secure device, and if so, causing access to the secure device to be accorded to the user.
7 Assignments
0 Petitions
Accused Products
Abstract
Representative embodiments of secure authentication include receiving, by a server, information from a mobile device identifying (i) the mobile device and (ii) an identifying tag read by the mobile device; accessing, by the server, a database to identify (i) a user associated with the mobile device, (ii) a secure device associated with the identifying tag, and (iii) a security policy associated with the secure device; and if the policy permits access by the identified user to the identified secure device, causing access to the secure device to be accorded to the user.
23 Citations
36 Claims
-
1. A method of secure authentication comprising:
-
receiving, by a server, information from a mobile device (i) identifying the mobile device and (ii) obtained by the mobile device from an identifying tag physically associated with a secure device different from the mobile device; accessing, by the server, a database to identify (i) a user associated with the mobile device, (ii) a secure device associated with the identifying tag, and (iii) the security policy associated with the secure device; and based at least in part on the mobile-device identifying information and the information obtained from the tag determining if the policy permits access by the identified user to the identified secure device, and if so, causing access to the secure device to be accorded to the user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A method of secure authentication comprising:
-
receiving, by a server, information from a mobile device (i) identifying the mobile device and (ii) obtained by the mobile device from first and second identifying tags not associated with the mobile device; accessing, by the server, a database to identify (i) a user associated with the mobile device, (ii) first and second secure devices associated, respectively, with the first and second identifying tags, and (iii) a security policy associated with the secure devices; and based at least in part on the mobile-device identifying information and the information obtained from the tag, determining if the policy permits access by the identified user to the identified secure devices, and if so, causing access to the secure devices to be accorded to the user.
-
-
24. A method of secure authentication comprising:
-
causing communications among a server and a plurality of mobile devices; determining, by the server, whether the communications satisfy a policy; and if so, according access to a secure resource different from the mobile devices to at least one individual associated with at least one of the mobile devices based on the policy and the communications. - View Dependent Claims (25, 26)
-
-
27. An authentication system comprising:
-
a server for receiving information from a mobile device identifying (i) the mobile device and (ii) an identifying tag read by the mobile device, the identifying tag being physically associated with a secure device different from the mobile device; and a database comprising records (i) associating users with mobile devices, (ii) associating secure devices with tag identifiers, and (iii) defining a security policy associated with the secure devices, wherein the server comprises a processor for (i) accessing the database upon receipt of the information from the mobile device, (ii) determining based thereon whether a security policy applicable to the user associated with the mobile device is entitled to access the secure device associated with the identifying tag, and if so, (iii) facilitating access to the secure device by the user. - View Dependent Claims (28, 29, 30)
-
-
31. An authentication system comprising:
-
a server for receiving information from a mobile device identifying (i) the mobile device and (ii) an identifying tag read by the mobile device, the identifying tag being physically associated with a secure device different from the mobile device; a secure device configured for local wireless communication with the mobile device; and a database comprising records (i) associating users with mobile devices, (ii) associating the secure device with at least one tag identifier, and (iii) defining a security policy associated with the secure device, wherein the server comprises a processor for (i) accessing the database upon receipt of the information from the mobile device, (ii) determining based on the information whether a security policy applicable to the user associated with the mobile device is entitled to access the secure device associated with the identifying tag, and if so, (iii) facilitating access to the secure device by the user. - View Dependent Claims (32, 33, 34)
-
-
35. A wireless mobile device comprising a processor for:
-
executing a first procedure for reading an identifying tag physically associated with a secure device different from the mobile device; executing a second procedure for transmitting information from the identifying tag and information identifying the wireless mobile device to a server, the information including (i) data identifying the mobile device and (ii) data read from the tag by the mobile device; executing a third procedure for receiving an authentication token from the server; and executing a fourth procedure for according access to the secure device using the token if, based at least in part on the transmitted information, a security policy associated with the secure device permits access thereto by a user of the identified mobile device. - View Dependent Claims (36)
-
Specification