Identity authentication using credentials

US 9,787,669 B2
Filed: 03/14/2013
Issued: 10/10/2017
Est. Priority Date: 03/14/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, from a computing device, an authentication request comprising a user name and a corresponding password, wherein;

the user name is in a first format, and comprises;

a value that is based on a time at which the user name was generated; and

a public key for the computing device; and

the password is encrypted, and is generated based on the user name;

extracting the public key from the user name;

decrypting the password, based on the public key, to create a decrypted password;

converting the user name from the first format to a second format;

comparing the decrypted password to the second format user name;

verifying, based on the value, the authentication request; and

in response to determining that the decrypted password corresponds to the second format user name, and in response to the verifying the authentication request, granting the authentication request from the computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system may allow for authenticating a computing device. A computing device may send an authentication request over a network to an authentication computing device. The authentication request may include a user name and a password. The user name may include a credential and the password may be a digitally signed version of the user name. The authentication computing device may authenticate the requesting computing device by decrypting the password and comparing the received user name to the decrypted password.

35 Citations

View as Search Results

16 Claims

1. A method comprising:
- receiving, from a computing device, an authentication request comprising a user name and a corresponding password, wherein;
  
  the user name is in a first format, and comprises;
  
  a value that is based on a time at which the user name was generated; and
  
  a public key for the computing device; and
  
  the password is encrypted, and is generated based on the user name;
  
  extracting the public key from the user name;
  
  decrypting the password, based on the public key, to create a decrypted password;
  
  converting the user name from the first format to a second format;
  
  comparing the decrypted password to the second format user name;
  
  verifying, based on the value, the authentication request; and
  
  in response to determining that the decrypted password corresponds to the second format user name, and in response to the verifying the authentication request, granting the authentication request from the computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the password comprises a converted version of the user name, wherein the converted version of the user name has been encrypted using a private key for the computing device.
  - 3. The method of claim 1, wherein the user name comprises a digital certificate issued to the computing device from a trusted authority.
  - 4. The method of claim 1, wherein the password comprises a digital signature of the user name.
  - 5. The method of claim 1, wherein the converting the user name to the second format comprises hashing the user name, and wherein the decrypted password comprises a hash of the user name.
  - 6. The method of claim 1, further comprising:
    - verifying the authentication request by;
      
      extracting the value from the user name, wherein the value comprises a time; and
      
      determining, based on comparing the time from the value to a time of a stored time stamp associated with a previous authentication of the computing device, whether to verify the value.
  - 7. The method of claim 6, wherein the verifying the value is performed in response to determining that a difference between the time from the value and the time of the stored time stamp is greater than a threshold.

8. A system comprising:
- a computing device comprising;
  
  a first processor; and
  
  a memory storing instructions that, when executed by the first processor, cause the computing device to;
  
  generate an authentication request comprising a user name and a corresponding password, wherein;
  
  the user name is in a first format, and comprises;
  
  a value that is based on a time at which the user name was generated; and
  
  a public key for the computing device; and
  
  the password is encrypted, and is generated based on the user name;
  
  send the authentication request; and
  
  an authentication device comprising;
  
  a second processor; and
  
  a memory storing instructions that, when executed by the second processor, cause the authentication device to;
  
  receive, from the computing device, the authentication request;
  
  extract the public key from the user name;
  
  decrypt the password, based on the public key, to create a decrypted password;
  
  convert the user name from the first format to a second format;
  
  compare the decrypted password to the second format user name;
  
  verifying, based on the value, the authentication request; and
  
  in response to determining that the decrypted password corresponds to the second format user name, and in response to the verifying the authentication request, grant the authentication request from the computing device.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The system of claim 8, wherein the verifying the authentication request comprises:
    - extracting the value from the user name, wherein the value comprises a time stamp;
      
      comparing the time stamp of the value to a previous time stamp that is associated with the computing device; and
      
      determining that the time stamp of the value is valid in response to determining that the previous time stamp is chronologically earlier in time to the time stamp of the value.
  - 10. The system of claim 9, wherein the determining that the time stamp of the value is valid in response to determining that the previous time stamp is chronologically earlier in time to the time stamp of the value comprises:
    - determining that a duration between the time stamp of the value and the previous time stamp is greater than a threshold.
  - 11. The system of claim 8, wherein the password has been encrypted using a private key for the computing device, and wherein the public key is associated with the private key.
  - 12. The system of claim 8, wherein the user name comprises a digital certificate issued to the computing device from a trusted authority.
  - 13. The system of claim 8, wherein the verifying the authentication request comprises:
    - extracting the value from the user name, wherein the value comprises a random number;
      
      comparing the random number of the value to a previous random number that is associated with the computing device; and
      
      determining that the random number of the value is valid in response to determining that the previous random number is different from the random number of the value.

14. A method comprising:
- receiving, from a computing device, an authentication request comprising a user name and a corresponding password, wherein;
  
  the user name is in a first format, and comprises;
  
  a random number that is based on a time at which the user name was generated; and
  
  a public key for the computing device; and
  
  the password is encrypted, and is generated based on the user name;
  
  extracting the public key from the user name;
  
  decrypting the password, based on the public key, to create a decrypted password;
  
  converting the user name from the first format to a second format;
  
  comparing the decrypted password to the second format user name;
  
  verifying, based on the random number, the authentication request; and
  
  in response to determining that the decrypted password corresponds to the second format user name, and in response to the verifying the authentication request, granting the authentication request from the computing device.
- View Dependent Claims (15, 16)
- - 15. The method of claim 14, further comprising:
    - extracting, from the user name, the random number, wherein the random number is associated with an identification of the computing device; and
      
      verifying the random number.
  - 16. The method of claim 15, wherein the verifying the random number comprises:
    - comparing the extracted random number to a previous random number associated with the computing device; and
      
      authenticating the extracted random number if the previous random number is different from the extracted random number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Comcast Cable Communications LLC (Comcast Corporation)
Original Assignee
Comcast Cable Communications LLC (Comcast Corporation)
Inventors
Bransom, Kris, Zarcone, Christopher
Primary Examiner(s)
Armouche, Hadi
Assistant Examiner(s)
Khan, Sher A

Application Number

US13/826,777
Publication Number

US 20140281498A1
Time in Patent Office

1,671 Days
Field of Search

726 2, 726 4, 713155, 713156
US Class Current
CPC Class Codes

H04L 2463/061   applying further key deriva...

H04L 63/0823   using certificates cryptogr...

H04L 63/083   using passwords cryptograph...

H04L 9/321   involving a third party or ...

H04L 9/3226   using a predetermined code,...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

H04L 9/3297   involving time stamps, e.g....

Identity authentication using credentials

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

35 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Identity authentication using credentials

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

35 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links