Access control to secured application features using client trust levels
Abstract
Architecture that facilitates the conveyance of a trust level when the caller makes a call, the trust level depending on the state of the caller system. The callee (call recipient) receives notification of the trust level and can use this information in the communication, for example to request verification from the caller and/or initiate other modes of communication. A caller can authenticate the caller identity in different ways to a communication server. Based on that, the server can assign an appropriate server-verified trust level to the caller. Further, an unsecured phone controller can indicate a lower client-side defined trust level. The server-verified and client-side trust levels are then sent to the callee, where the callee determines whether to allow caller access to one or more secured features based on the feature values and the trust level imposed by the callee to access those features.
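The flow the abstract describes, as an added illustrative sketch (not code from the patent or any product): the registration server issues a server-verified level, the caller relays it together with its self-reported client level, and the callee gates features on both. The level names, credential mapping, feature thresholds, the `min()` combination rule and the HMAC that protects the relayed server level are all assumptions made for this example.

```python
import hashlib
import hmac
from enum import IntEnum

class Trust(IntEnum):          # hypothetical ordering; the page names no levels
    NONE = 0
    LOW = 1
    MEDIUM = 2
    HIGH = 3

SERVER_KEY = b"constructed-demo-key"  # assumed secret shared by server and callee

# Assumed mapping from sign-in method to server-verified level.
CREDENTIAL_TRUST = {"anonymous": Trust.NONE, "password": Trust.MEDIUM,
                    "certificate": Trust.HIGH}

# Assumed callee policy: minimum level required for each secured feature.
FEATURE_POLICY = {"voice": Trust.LOW, "file_transfer": Trust.MEDIUM,
                  "desktop_sharing": Trust.HIGH}

def client_trust(controller_secured: bool) -> Trust:
    """Caller side: self-reported level derived from its access security state."""
    return Trust.HIGH if controller_secured else Trust.LOW

def _tag(caller: str, level: int) -> str:
    msg = f"{caller}|{level}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()

def register(caller: str, credential: str, client: Trust) -> dict:
    """Registration server: level from credentials, capped by the client report."""
    level = int(min(CREDENTIAL_TRUST.get(credential, Trust.NONE), client))
    return {"caller": caller, "level": level, "tag": _tag(caller, level)}

def allowed_features(assertion: dict, client: Trust) -> set:
    """Callee: verify the relayed server assertion, then gate features."""
    expected = _tag(assertion["caller"], assertion["level"])
    if not hmac.compare_digest(expected, assertion["tag"]):
        return set()           # forged or altered server level: expose nothing
    # The self-reported client level can only lower the effective level.
    effective = min(Trust(assertion["level"]), client)
    return {f for f, need in FEATURE_POLICY.items() if effective >= need}
```

Calling `allowed_features` again with a recomputed client level models the caller reporting a change in its access security state: the server assertion is unchanged, but the exposed feature set shrinks.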
15 Claims
1. A computer-implemented communications security system, comprising:
- a caller client device that computes caller client device trust level information of the caller client device;
- a registration server that receives registration sign-in credentials from the caller client device and the caller client device trust level information, and determines registration trust level information based on the registration sign-in credentials and the caller client device trust level information; and
- a callee client device that receives from the caller client device, the registration trust level information and the caller client device trust level information, the callee client device managing communicative interaction with the caller client based on the registration trust level information,
- wherein the callee client device requests access to features of secured applications based on the registration trust level information and the computed caller client device trust level information received from the caller client device, and
- wherein the caller client device creates a verify message designating an access security state of the caller client device, and recomputes the caller client device trust level information based on a change to the access security state of the caller client device and sends the recomputed caller client device trust level information to the callee client device.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A computer-implemented communications security system, comprising:
- a caller client device that computes caller client device trust level information of the caller client device;
- a registration server that receives registration sign-in credentials from the caller client device and the caller client device trust level information, and computes registration trust level information based on the registration sign-in credentials and caller client device trust level information, and
- a callee client device that receives from the caller client device, the registration trust level information and the caller client device trust level information;
- wherein the callee client requests access to features of secured applications based on the registration trust level information and the computed caller client device trust level information, and
- wherein the caller client recomputes the caller client device trust level information based on a change to the access security state, and sends the recomputed caller client device trust level information to the callee.

Dependent claims: 9, 10, 11
12. A computer-implemented communications security method, comprising:
- creating the caller client trust level information at the caller client;
- sending sign-in credentials and the caller client trust level information from the caller client to a call communications infrastructure comprising a registration server for registration;
- registering the caller client with the registration server using the sign-in credentials;
- creating the registration trust level information based on both the sign in credentials and the caller client trust level information;
- receiving registration trust level information at the caller client based on the registration;
- transmitting the registration trust level information and the caller client trust level information to a callee client;
- controlling interaction from the callee client to the caller client based on the registration trust level information;
- validating an access security state of the caller client by the caller client and recomputing caller client trust level information of the caller client based on a change to an access security state of the caller client;
- sending the recomputed caller client trust level information to the callee client; and
- exposing application features to the caller client via the callee client based on the recomputed caller client trust level information of the caller client.

Dependent claims: 13, 14, 15
Specification