Automated device discovery of pairing-eligible devices for authentication
First Claim
1. A computer-implemented method for discovering pairing-eligible devices for authenticating a user on a computing device, comprising:
- via the computing device of the user, generating and sending an interrogation request to a network resource for identifying one or more pairing-eligible devices connected to the network resource or one or more pairing-eligible device users associated with an event stored on the network resource;
in response to the interrogation request, receiving at least one encrypted token, wherein the at least one encrypted token comprises a unique identifier associated with at least one pairing-eligible device of the one or more pairing-eligible devices connected to the network resource or a unique identifier associated with at least one pairing-eligible device user of the one or more pairing-eligible device users associated with the event stored on the network resource;
identifying one or more pairing-eligible devices associated with the at least one encrypted token by decrypting the at least one encrypted token and querying an authentication directory for a list of pairing eligible devices associated with the at least one pairing-eligible device user, wherein querying the authentication directory for the list of pairing-eligible devices associated with the at least one pairing-eligible device user comprises querying the authentication directory for predetermined device types;
wherein the list of pairing eligible devices comprises at least one pairing eligible device having the predetermined device types;
generating the list of pairing-eligible devices associated with the at least one encrypted token;
displaying a user interface comprising the list of pairing-eligible devices;
receiving a selection of a pairing-eligible device from the list of pairing-eligible devices;
sending a notification to a selected pairing-eligible device, wherein the notification comprises an authentication challenge, receiving an authentication challenge response and making a determination as to whether the authentication challenge response matches an expected response; and
in response to a positive determination as to whether the authentication challenge response matches the expected response, completing authentication for the user and sending a signed token to the computing device enabling the user access to authorized resources.
1 Assignment
0 Petitions
Accused Products
Abstract
Automated device discovery of pairing-eligible devices for authenticating an unidentified user of a computing device is provided. When the user initiates a login on the computing device on which the user'"'"'s identity is not known, an automated pairing-eligible device discovery authentication system interrogates a resource (e.g., subnetwork router, calendaring server) for identifying pairing-eligible devices that may be used as a second factor for authentication. A list of the pairing-eligible devices is presented to the user on the computing device. Upon selection of a pairing-eligible device to use as a second factor to verify the user'"'"'s identity, the user'"'"'s identity is determined, and a notification is sent to the selected pairing-eligible device for enabling the user to verify his/her identity using a second factor. Upon completion of an authentication challenge on the selected pairing-eligible device, authentication of the user is completed, and a signed token is sent to the computing device.
-
Citations
14 Claims
-
1. A computer-implemented method for discovering pairing-eligible devices for authenticating a user on a computing device, comprising:
-
via the computing device of the user, generating and sending an interrogation request to a network resource for identifying one or more pairing-eligible devices connected to the network resource or one or more pairing-eligible device users associated with an event stored on the network resource; in response to the interrogation request, receiving at least one encrypted token, wherein the at least one encrypted token comprises a unique identifier associated with at least one pairing-eligible device of the one or more pairing-eligible devices connected to the network resource or a unique identifier associated with at least one pairing-eligible device user of the one or more pairing-eligible device users associated with the event stored on the network resource; identifying one or more pairing-eligible devices associated with the at least one encrypted token by decrypting the at least one encrypted token and querying an authentication directory for a list of pairing eligible devices associated with the at least one pairing-eligible device user, wherein querying the authentication directory for the list of pairing-eligible devices associated with the at least one pairing-eligible device user comprises querying the authentication directory for predetermined device types;
wherein the list of pairing eligible devices comprises at least one pairing eligible device having the predetermined device types;generating the list of pairing-eligible devices associated with the at least one encrypted token; displaying a user interface comprising the list of pairing-eligible devices; receiving a selection of a pairing-eligible device from the list of pairing-eligible devices; sending a notification to a selected pairing-eligible device, wherein the notification comprises an authentication challenge, receiving an authentication challenge response and making a determination as to whether the authentication challenge response matches an expected response; and in response to a positive determination as to whether the authentication challenge response matches the expected response, completing authentication for the user and sending a signed token to the computing device enabling the user access to authorized resources. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for discovering pairing-eligible devices for authentication, comprising:
-
one or more hardware processors for executing programmed instructions; memory, coupled to the one or more hardware processors, for storing program instruction steps for execution by the one or more hardware processors; an authentication client, implemented by the one or more hardware processors operative to; via a device of a user, generate and send an interrogation request to a network resource for identifying one or more pairing-eligible devices connected to the network resource or one or more pairing-eligible device users associated with an event stored on the network resource; in response to the interrogation request, receive at least one encrypted token, wherein the at least one encrypted token comprises a unique identifier associated with at least one pairing-eligible device of the one or more pairing-eligible devices connected to the network resource or a unique identifier associated with at least one pairing-eligible device user of the one or more pairing-eligible device users associated with the event stored on the network resource; and an authentication service, implemented by the one or more hardware processors operative to; identify the one or more pairing-eligible devices associated with the at least one encrypted token by decrypting the at least one encrypted token and querying an authentication directory for a list of pairing eligible devices associated with the at least one pairing-eligible device user, wherein querying the authentication directory for the list of pairing-eligible devices associated with the at least one pairing-eligible device user comprises querying the authentication directory for predetermined device types;
wherein the list of pairing eligible devices comprises at least one pairing eligible device having the predetermined device types;generate the list of pairing-eligible devices associated with the at least one encrypted token; receive a selection of a pairing-eligible device from the list of pairing-eligible devices; send a notification to a selected pairing-eligible device, wherein the notification comprises an authentication challenge, receiving an authentication challenge response and making a determination as to whether the authentication challenge response matches an expected response; and in response to a positive determination as to whether the authentication challenge response matches the expected response, complete authentication for the user and send a signed token to the computing device enabling the user access to authorized resources. - View Dependent Claims (10, 11, 12, 13)
-
-
14. A device for discovering pairing-eligible devices for authentication, the device comprising one or more hardware processors, the device operative to:
-
via a computing device of a user, generate and send an interrogation request to a network resource for identifying one or more pairing-eligible devices connected to the network resource or one or more pairing-eligible device users associated with an event stored on the network resource; in response to the interrogation request, receive at least one encrypted token, wherein the at least one encrypted token comprises a unique identifier associated with at least one pairing-eligible device of the one or more pairing-eligible devices connected to the network resource or a unique identifier associated with at least one pairing-eligible device user of the one or more pairing-eligible device users associated with the event stored on the network resource; identifying the one or more pairing-eligible devices associated with the at least one encrypted token by decrypting the at least one encrypted token and querying an authentication directory for a list of pairing eligible devices associated with the at least one pairing-eligible device user, wherein querying the authentication directory for the list of pairing-eligible devices associated with the at least one pairing-eligible device user comprises querying the authentication directory for predetermined device types;
wherein the list of pairing eligible devices comprises at least one pairing eligible device having predetermined device types;display a user interface comprising the list of pairing-eligible devices; and receive a selection of a pairing-eligible device from the list of pairing-eligible devices; send a notification to a selected pairing-eligible device, wherein the notification comprises an authentication challenge, receiving an authentication challenge response and making a determination as to whether the authentication challenge response matches an expected response; and in response to a positive determination as to whether the authentication challenge response matches the expected response, complete authentication for the user and send a signed token to the computing device enabling the user access to authorized resources.
-
Specification