Deauthentication in multi-device user environments
First Claim
1. A method comprising:
- establishing secure communications with at least a subset of a plurality of user devices associated with a particular user;
generating an exclusive authentication token for utilization by each of the plurality of user devices to unlock secure functionality associated with that device;
providing the exclusive authentication token to only a subset of the plurality of user devices at a given time; and
forcing deauthentication of any of the plurality of user devices that do not currently have possession of the exclusive authentication token;
wherein the establishing, generating, providing and forcing are performed by a deauthentication server implemented by at least one processing device comprising a processor coupled to a memory;
wherein the deauthentication server in conjunction with forcing deauthentication of any of the plurality of user devices that do not currently have possession of the exclusive authentication token causes each such user device to perform a lock operation that limits subsequent access to that user device by unauthenticated users; and
wherein providing the exclusive authentication token to only a subset of the plurality of user devices at a given time comprises;
retrieving the exclusive authentication token from one of the user devices; and
providing the exclusive authentication token to another of the user devices.
10 Assignments
0 Petitions
Accused Products
Abstract
A processing device comprises a processor coupled to a memory and is configured to establish secure communications with a plurality of user devices associated with a particular user, to generate an exclusive authentication token for utilization by each of the plurality of user devices in unlocking of secure functionality associated with that device, to provide the exclusive authentication token to only a subset of the plurality of user devices at a given time, and to force deauthentication of any of the plurality of user devices that do not currently have possession of the exclusive authentication token. These operations in some embodiments are performed by a deauthentication server implemented by the processing device. The processing device implementing the deauthentication server may comprise, for example, a remote server accessible to the plurality of user devices over a network, a smart watch or other wearable device of the user, or a user device.
-
Citations
20 Claims
-
1. A method comprising:
-
establishing secure communications with at least a subset of a plurality of user devices associated with a particular user; generating an exclusive authentication token for utilization by each of the plurality of user devices to unlock secure functionality associated with that device; providing the exclusive authentication token to only a subset of the plurality of user devices at a given time; and forcing deauthentication of any of the plurality of user devices that do not currently have possession of the exclusive authentication token; wherein the establishing, generating, providing and forcing are performed by a deauthentication server implemented by at least one processing device comprising a processor coupled to a memory; wherein the deauthentication server in conjunction with forcing deauthentication of any of the plurality of user devices that do not currently have possession of the exclusive authentication token causes each such user device to perform a lock operation that limits subsequent access to that user device by unauthenticated users; and wherein providing the exclusive authentication token to only a subset of the plurality of user devices at a given time comprises; retrieving the exclusive authentication token from one of the user devices; and providing the exclusive authentication token to another of the user devices. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method comprising:
-
establishing secure communications with at least a subset of a plurality of user devices associated with a particular user; generating an exclusive authentication token for utilization by each of the plurality of user devices to unlock secure functionality associated with that device; providing the exclusive authentication token to only a subset of the plurality of user devices at a given time; and forcing deauthentication of any of the plurality of user devices that do not currently have possession of the exclusive authentication token; wherein one of the user devices comprises an automobile and wherein a request for the exclusive authentication token is initiated by the automobile in conjunction with starting of its engine; wherein the forced deauthentication of one or more of the user devices other than the automobile is controlled by retrieving the exclusive authentication token from one of said one or more of the user devices other than the automobile and providing the exclusive authentication token to the automobile; and wherein the establishing, generating, providing and forcing are performed by at least one processing device comprising a processor coupled to a memory.
-
-
11. A method comprising:
-
establishing secure communications with at least a subset of a plurality of user devices associated with a particular user; generating an exclusive authentication token for utilization by each of the plurality of user devices to unlock secure functionality associated with that device; providing the exclusive authentication token to only a subset of the plurality of user devices at a given time; and forcing deauthentication of any of the plurality of user devices that do not currently have possession of the exclusive authentication token; wherein the establishing, generating, providing and forcing are performed by at least one processing device comprising a processor coupled to a memory; wherein said establishing, generating, providing and forcing are performed at least in part by a deauthentication server implemented by said at least one processing device; wherein the forced deauthentication of one or more of the user devices is controlled by retrieving the exclusive authentication token from one of the user devices and providing the exclusive authentication token to another of the user devices; wherein the processing device implementing the deauthentication server comprises a wearable device of the user; and wherein the wearable device comprises a smart watch.
-
-
12. A non-transitory processor-readable storage medium having stored therein program code of one or more software programs, wherein the program code when executed by at least one processing device causes a deauthentication server implemented by said at least one processing device:
-
to establish secure communications with at least a subset of a plurality of user devices associated with a particular user; to generate an exclusive authentication token for utilization by each of the plurality of user devices in unlocking secure functionality associated with that device; to provide the exclusive authentication token to only a subset of the plurality of user devices at a given time; and to force deauthentication of any of the plurality of user devices that do not currently have possession of the exclusive authentication token; wherein the deauthentication server in conjunction with forcing deauthentication of any of the plurality of user devices that do not currently have possession of the exclusive authentication token causes each such user device to perform a lock operation that limits subsequent access to that user device by unauthenticated users; and wherein the deauthentication server in providing the exclusive authentication token to only a subset of the plurality of user devices at a given time is configured; to retrieve the exclusive authentication token from one of the user devices; and to provide the exclusive authentication token to another of the user devices. - View Dependent Claims (13, 14, 15)
-
-
16. An apparatus comprising:
-
at least one processing device comprising a processor coupled to a memory; said at least one processing device being configured; to establish secure communications with at least a subset of a plurality of user devices associated with a particular user; to generate an exclusive authentication token for utilization by each of the plurality of user devices in unlocking secure functionality associated with that device; to provide the exclusive authentication token to only a subset of the plurality of user devices at a given time; and to force deauthentication of any of the plurality of user devices that do not currently have possession of the exclusive authentication token; wherein said establish, generate, provide and force operations are performed by a deauthentication server implemented by said at least one processing device; wherein the deauthentication server in conjunction with forcing deauthentication of any of the plurality of user devices that do not currently have possession of the exclusive authentication token causes each such user device to perform a lock operation that limits subsequent access to that user device by unauthenticated users; and wherein the deauthentication server in providing the exclusive authentication token to only a subset of the plurality of user devices at a given time is configured; to retrieve the exclusive authentication token from one of the user devices; and to provide the exclusive authentication token to another of the user devices. - View Dependent Claims (17, 18, 19, 20)
-
Specification