System and methods for ensuring confidentiality of information used during authentication and authorization operations
First Claim
1. A method for providing confidentiality of information of a user of a service, comprising:
receiving a request to perform an operation control procedure for the service;
identifying the user of the service;
selecting, based on a database of trusted devices, a trusted device associated with the identified user of the service, comprising:
upon detecting two or more trusted devices being associated with the identified user of the service, identifying current malware threats to information security of the detected two or more trusted devices; and
selecting the trusted device to avoid the identified current malware threats based at least on information security software installed on each of the two or more trusted devices and data relating to an operating system of each of the two or more trusted devices;
sending, to the selected trusted device, a request to enter confidential information of the user on the trusted device, wherein the confidential information is used to perform the operation control procedure;
receiving the confidential information from the selected trusted device; and
performing the operation control procedure using the received confidential information.
Abstract
Disclosed are systems and methods for ensuring confidentiality of information of a user of a service. One example method includes receiving a request to carry out an operation control procedure for the service; identifying the user of the service; selecting a trusted device associated with the identified user of the service; sending, to the selected trusted device, a request for confidential information of the user, wherein the confidential information is used to carry out the operation control procedure; receiving the confidential information from the selected trusted device; and carrying out the operation control procedure using the received confidential information.
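The device-selection step of claim 1, sketched as an added Python example; it is not part of the patent text or of any implementation by its assignee. The data model, the matching rule (a threat applies when the OS matches, the OS version is below `fixed_in`, and no installed product is listed in `blocked_by`), the tie-breaking order and every sample name are assumptions made here, since the claim does not say how threats are compared.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Device:
    device_id: str
    os_name: str
    os_version: tuple                      # e.g. (13, 0)
    security_software: frozenset = frozenset()

@dataclass(frozen=True)
class Threat:
    name: str
    os_name: str                           # OS the malware targets
    fixed_in: tuple                        # first OS version assumed unaffected
    blocked_by: frozenset = frozenset()    # products assumed to stop it

def exposure(device, threats):
    """Current threats this device is exposed to (assumed matching rule)."""
    return [t.name for t in threats
            if t.os_name == device.os_name
            and device.os_version < t.fixed_in
            and not (device.security_software & t.blocked_by)]

def select_trusted_device(user_id, trusted_db, threats):
    """Return (device, remaining_exposure) for an identified user."""
    devices = trusted_db.get(user_id, [])
    if not devices:
        raise LookupError(f"no trusted device registered for {user_id!r}")
    if len(devices) == 1:                  # nothing to compare against
        return devices[0], exposure(devices[0], threats)
    # Two or more devices: prefer the least exposed; ties go to a device
    # that has security software, then to a stable id order.
    best = min(devices, key=lambda d: (len(exposure(d, threats)),
                                       not d.security_software, d.device_id))
    return best, exposure(best, threats)

# Constructed sample data (hypothetical names throughout).
TRUSTED_DB = {"alice": [
    Device("phone-1", "Android", (11, 0)),
    Device("tablet-1", "Android", (13, 0), frozenset({"ExampleAV"})),
    Device("laptop-1", "Windows", (10, 0), frozenset({"ExampleAV"})),
], "bob": [Device("phone-2", "Android", (11, 0))]}
THREATS = [
    Threat("ConstructedBanker", "Android", (12, 0), frozenset({"ExampleAV"})),
    Threat("ConstructedKeylogger", "Windows", (11, 0)),
]

if __name__ == "__main__":
    device, left = select_trusted_device("alice", TRUSTED_DB, THREATS)
    print(device.device_id, left)
```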
24 Claims
1. A method for providing confidentiality of information of a user of a service, comprising:
receiving a request to perform an operation control procedure for the service;
identifying the user of the service;
selecting, based on a database of trusted devices, a trusted device associated with the identified user of the service, comprising:
upon detecting two or more trusted devices being associated with the identified user of the service, identifying current malware threats to information security of the detected two or more trusted devices; and
selecting the trusted device to avoid the identified current malware threats based at least on information security software installed on each of the two or more trusted devices and data relating to an operating system of each of the two or more trusted devices;
sending, to the selected trusted device, a request to enter confidential information of the user on the trusted device, wherein the confidential information is used to perform the operation control procedure;
receiving the confidential information from the selected trusted device; and
performing the operation control procedure using the received confidential information.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A system for providing confidentiality of information of a user of a service, comprising:
a processor configured to:
receive a request to perform an operation control procedure for the service;
identify the user of the service;
select, based on a database of trusted devices, a trusted device associated with the identified user of the service, comprising:
upon detecting two or more trusted devices being associated with the identified user of the service, identifying current malware threats to information security of the detected two or more trusted devices; and
selecting the trusted device to avoid the identified current malware threats based at least on information security software installed on each of the two or more trusted devices and data relating to an operating system of each of the two or more trusted devices;
send, to the selected trusted device, a request to enter confidential information of the user on the trusted device, wherein the confidential information is used to perform the operation control procedure;
receive the confidential information from the selected trusted device; and
perform the operation control procedure using the received confidential information.
Dependent claims: 12, 13, 14, 15, 16, 17, 18
19. A computer program product stored on a non-transitory computer-readable storage medium, the computer program product comprising computer-executable instructions for providing confidentiality of information of a user of a service, including instructions for:
receiving a request to perform an operation control procedure for the service;
identifying the user of the service;
selecting, based on a database of trusted devices, a trusted device associated with the identified user of the service, comprising:
upon detecting two or more trusted devices being associated with the identified user of the service, identifying current malware threats to information security of the detected two or more trusted devices; and
selecting the trusted device to avoid the identified current malware threats based at least on information security software installed on each of the two or more trusted devices and data relating to an operating system of each of the two or more trusted devices;
sending, to the selected trusted device, a request to enter confidential information of the user on the trusted device, wherein the confidential information is used to perform the operation control procedure;
receiving the confidential information from the selected trusted device; and
performing the operation control procedure using the received confidential information.
Dependent claims: 20, 21, 22, 23, 24
Specification