Local and remote verification

US 9,280,645 B1
Filed: 11/14/2013
Issued: 03/08/2016
Est. Priority Date: 11/15/2012
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

registering a given user with a verification platform, the verification platform comprising at least one verification platform server and a verification platform application programming interface (API) adapted for communication with a verification agent implemented on a given processing device of the given user;

sending, from the verification agent to the verification platform via the verification platform API, a specification of verification rules to be used by the verification platform in authenticating a verification request from the given user, the verification rules specifying two or more different types of verification, a verification mode for each of the two or more different types of verification and a sequence for performing the two or more different types of verification;

synchronizing, with the verification platform server, verification credentials associated with the given user for each of the two or more different types of verification;

receiving a verification request in the verification agent running on the given processing device; and

authenticating the verification request utilizing the specified verification rules and the synchronized verification credentials;

wherein authenticating the verification request comprises;

determining whether the verification agent is able to invoke the verification platform API;

in the event that the verification agent is able to invoke the verification platform API, performing remote verification of the verification request via the verification platform; and

in the event that the verification agent is unable to invoke the verification platform API;

starting an internal timer;

performing local verification of the verification request at the given processing device; and

granting the verification request responsive to a successful local verification within a given time period specified by the internal timer.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method includes receiving a verification request in a verification agent running on a given device and determining whether the verification agent is able to invoke a verification platform application programming interface (API). The method also includes, in the event that the verification agent is able to invoke the verification platform API, performing remote verification of the verification request via the verification platform. The method further includes, in the event that the verification agent is unable to invoke the verification platform API, starting an internal timer and performing local verification of the verification request at the given device. The method further includes granting the verification request responsive to one of a successful remote verification and a successful local verification within a given time period specified by the internal timer, otherwise denying the verification request.

77 Citations

View as Search Results

20 Claims

1. A method comprising:
- registering a given user with a verification platform, the verification platform comprising at least one verification platform server and a verification platform application programming interface (API) adapted for communication with a verification agent implemented on a given processing device of the given user;
  
  sending, from the verification agent to the verification platform via the verification platform API, a specification of verification rules to be used by the verification platform in authenticating a verification request from the given user, the verification rules specifying two or more different types of verification, a verification mode for each of the two or more different types of verification and a sequence for performing the two or more different types of verification;
  
  synchronizing, with the verification platform server, verification credentials associated with the given user for each of the two or more different types of verification;
  
  receiving a verification request in the verification agent running on the given processing device; and
  
  authenticating the verification request utilizing the specified verification rules and the synchronized verification credentials;
  
  wherein authenticating the verification request comprises;
  
  determining whether the verification agent is able to invoke the verification platform API;
  
  in the event that the verification agent is able to invoke the verification platform API, performing remote verification of the verification request via the verification platform; and
  
  in the event that the verification agent is unable to invoke the verification platform API;
  
  starting an internal timer;
  
  performing local verification of the verification request at the given processing device; and
  
  granting the verification request responsive to a successful local verification within a given time period specified by the internal timer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 13, 14, 15, 16)
- - 2. The method of claim 1 further comprising determining whether the verification agent is able to invoke the verification platform API after expiration of the given time period specified by the internal timer in the event that local verification within the given time period is unsuccessful.
  - 3. The method of claim 1 wherein performing local verification of the verification request comprises determining whether the given processing device is capable of performing local verification.
  - 4. The method of claim 3 wherein determining whether the given processing device is capable of performing local verification comprisesdetermining whether the given device comprises hardware capable of performing the two or more different types of verification in the specified verification rules.
  - 5. The method of claim 1 wherein the verification request is generated in conjunction with an attempted launch of a designated application on the given processing device and wherein user access to the designated application on the given processing device is controlled responsive to the granting or denying of the verification request.
  - 6. The method of claim 1 wherein the two or more different types of verification comprise two or more of voice verification, face verification, location verification, motion verification and third party verification.
  - 7. The method of claim 1 wherein the sequence for performing the two or more different types of verification comprises two or more security levels in which each security level requires satisfaction of at least one of the two or more different types of verification.
  - 8. The method of claim 7 wherein a given one of the security levels is configured so as to require satisfaction of only one of at least two different types of verification associated with the given security level.
  - 13. The method of claim 1 wherein the verification mode for each of the two or more different types of verification comprises one of local verification of submitted verification credentials at the verification agent and remote verification of submitted verification credentials at the verification platform.
  - 14. The method of claim 1 wherein synchronizing the verification credentials comprises:
    - sending a request to invoke a verification platform server session from the verification agent via the verification platform API;
      
      receiving, at the verification agent, verification credentials associated with the given user for each of the two or more different verification methods; and
      
      encrypting and storing the verification credentials on the given processing device.
  - 15. The method of claim 14 wherein sending the request to invoke the verification platform server session comprises sending requests for distinct first and second verification platform server sessions for synchronizing verification credentials associated with first and second different ones of the two or more different types of verification.
  - 16. The method of claim 1 wherein receiving the verification request from the given user comprises:
    - receiving a request to invoke a verification platform sever session via the verification platform API from the verification agent; and
      
      utilizing the verification platform server session to determine the verification rules for authenticating the verification request from the given user.

9. A non-transitory processor-readable storage medium having embodied therein one or more software programs, wherein the one or more software programs when executed by at least one processing device cause the at least one processing device to implement a verification agent configured:
- to register a given user with a verification platform, the verification platform comprising at least one verification platform server and a verification platform application programming interface (API) adapted for communication with the verification agent;
  
  to send, to the verification platform via the verification platform API, a specification of verification rules to be used by the verification platform in authenticating a verification request from the given user, the verification rules specifying two or more different types of verification, a verification mode for each of the two or more different types of verification and a sequence for performing the two or more different types of verification;
  
  to synchronize verification credentials associated with the given user for each of the two or more different types of verification with the verification platform server;
  
  to receive a verification request; and
  
  to authenticate the verification request utilizing the specified verification rules and the synchronized verification credentials;
  
  wherein the verification agent is configured to authenticate the verification request by;
  
  determining whether the verification agent is able to invoke the verification platform API;
  
  in the event that the verification agent is able to invoke the verification platform API, performing remote verification of the verification request via the verification platform; and
  
  in the event that the verification agent is unable to invoke the verification platform API;
  
  starting an internal timer;
  
  performing local verification of the verification request at the processing device; and
  
  granting the verification request responsive to a successful local verification within a given time period specified by the internal timer.

10. An apparatus comprising:
- a processing device having a processor coupled to a memory;
  
  the processing device being configured to implement a verification agent configured;
  
  to register a given user with a verification platform, the verification platform comprising at least one verification platform server and a verification platform application programming interface (API) adapted for communication with the verification agent;
  
  to send, to the verification platform via the verification platform API, a specification of verification rules to be used by the verification platform in authenticating a verification request from the given user, the verification rules specifying two or more different types of verification, a verification mode for each of the two or more different types of verification and a sequence for performing the two or more different types of verification;
  
  to synchronize verification credentials associated with the given user for each of the two or more different types of verification with the verification platform server;
  
  to receive a verification request; and
  
  to authenticate the verification request utilizing the specified verification rules and the synchronized verification credentials;
  
  wherein the verification agent is configured to authenticate the verification request by;
  
  determining whether the verification agent is able to invoke the verification platform API;
  
  in the event that the verification agent is able to invoke the verification platform API, performing remote verification of the verification request via the verification platform; and
  
  in the event that the verification agent is unable to invoke the verification platform API;
  
  starting an internal timer;
  
  performing local verification of the verification request at the processing device; and
  
  granting the verification request responsive to a successful local verification within a given time period specified by the internal timer.
- View Dependent Claims (11)
- - 11. The apparatus of claim 10 wherein the verification agent is further configured to determine whether the verification agent is able to invoke the verification platform API after expiration of the given time period specified by the internal timer in the event that local verification within the given time period is unsuccessful.

12. An apparatus comprising:
- a verification platform comprising;
  
  at least one processing device having a processor coupled to a memory; and
  
  a verification platform application programming interface (API) adapted for communication with a verification agent implemented on a given processing device associated with a given user;
  
  wherein the verification platform is configured;
  
  to register the given user with the verification platform;
  
  to receive, via the verification platform API, a specification of verification rules to be used by the verification platform in authenticating a verification request from the given user, the verification rules specifying two or more different types of verification, a verification mode for each of the two or more different types of verification and a sequence for performing the two or more different types of verification;
  
  to synchronize verification credentials associated with the given user for each of the two or more different types of verification at the verification platform server;
  
  to receive, via the verification platform API, a verification request from the given user; and
  
  to authenticate the verification request utilizing the specified verification rules and the synchronized verification credentials;
  
  wherein authenticating the verification request comprises;
  
  performing remote verification with the verification agent responsive to the verification agent successfully invoking the verification platform API; and
  
  synchronizing the verification credentials with the verification agent for local verification on the given processing device in the event that the verification agent is unable to invoke the verification platform API; and
  
  wherein the verification request is granted at the given processing device responsive to a successful local verification within a given time period specified by an internal timer of the given processing device.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The apparatus of claim 12 wherein the verification platform is configured to synchronize the verification credentials by:
    - receiving a request to invoke a verification platform server session from the verification agent via the verification platform API;
      
      gathering verification credentials associated with the given user for each of the two or more different verification methods; and
      
      forwarding the verification credentials to the verification agent for encryption and storage on the given processing device.
  - 18. The apparatus of claim 12 wherein the verification platform is configured to receive the verification request from the given user by:
    - receiving a request to invoke a verification platform sever session from the verification agent via the verification platform API; and
      
      utilizing the verification platform server session to determine the verification rules for authenticating the verification request from the given user.
  - 19. The apparatus of claim 12 wherein the verification platform is configured to perform remote verification with the verification agent by:
    - retrieving the verification rules for the given user;
      
      returning the verification rules to the verification agent via the verification platform API;
      
      receiving submitted verification credentials from the given processing device via the verification platform API;
      
      utilizing the verification platform server session to determine validity of the submitted verification credentials; and
      
      sending verification results from the verification platform server to the verification agent via an event notification generated by the verification platform API.
  - 20. The apparatus of claim 12 wherein the specification of verification rules comprises at least one of:
    - adding or removing the given user from one or more groups of users, each group of users having a set of verification rules associated therewith; and
      
      modifying the verification rules associated with at least one of the groups of users to which the given user belongs.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Alikhani, Kayvan
Primary Examiner(s)
Sholeman, Abu

Application Number

US14/080,327
Time in Patent Office

845 Days
Field of Search

726/16, 726/1, 726/22, 726/23, 726/24
US Class Current

1/1
CPC Class Codes

G06F 21/31 User authentication

Local and remote verification

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

77 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Local and remote verification

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

77 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others