Multi-factor user authentication framework using asymmetric key
Abstract
A multi-factor user authentication framework using asymmetric key includes a host device, a user agent, a gesture system, and an authentication system. The multiple factors include a user credential as well as a user gesture that indicates that the user is present. The user interacts with the user agent via the host device in order to obtain access to something for which user authentication is needed. The authentication system maintains the user credentials, which are provided to authenticate the user in response to the authentication system determining that the user is present (which can be determined in different manners, such as using a personal identification number (PIN), biometric information regarding the user, geographic location of the gesture system, etc.). The user agent, gesture system, and authentication system can be implemented on the same device (e.g., the host device), or alternatively implemented across one or more different devices.
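The exchange described in the abstract and in claims 1 and 19, as an added Go example that is not taken from the patent or from any product implementing it: the authentication system signs a statement only after the gesture check passes, and the receiving side derives the authentication result from the signature and the statement's contents. The `Statement` layout, the choice of Ed25519, the function names and the requester nonce are assumptions; the claims specify neither an encoding nor a freshness mechanism.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// Statement is a hypothetical encoding of the digitally signed statement.
type Statement struct {
	Nonce           []byte `json:"nonce"`            // requester challenge (assumption, not in the claims)
	GestureVerified bool   `json:"gesture_verified"` // true only after the gesture check passed
}

// NewKeys creates the key pair held by the authentication system.
func NewKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return pub, priv
}

// Prove is the authentication-system side: no verified gesture, no signature.
func Prove(priv ed25519.PrivateKey, nonce []byte, gestureOK bool) (msg, sig []byte, err error) {
	if !gestureOK {
		return nil, nil, errors.New("gesture not verified: no proof issued")
	}
	msg, _ = json.Marshal(Statement{Nonce: nonce, GestureVerified: true}) // cannot fail for this struct
	return msg, ed25519.Sign(priv, msg), nil
}

// Check is the receiving side: it turns the proof into an authentication result.
func Check(pub ed25519.PublicKey, nonce, msg, sig []byte) bool {
	if !ed25519.Verify(pub, msg, sig) {
		return false // signer lacks the private key, or the statement was altered
	}
	var s Statement
	err := json.Unmarshal(msg, &s)
	return err == nil && s.GestureVerified && bytes.Equal(s.Nonce, nonce) // stale nonce = replay
}

func main() {
	pub, priv := NewKeys()
	nonce := make([]byte, 16)
	rand.Read(nonce) // fresh challenge from the requester
	msg, sig, _ := Prove(priv, nonce, true)
	fmt.Println("fresh proof accepted:", Check(pub, nonce, msg, sig))
	fmt.Println("replay under another challenge accepted:", Check(pub, []byte("constructed-other"), msg, sig))
}
```

Without the nonce comparison, a captured statement and signature would verify indefinitely, so the signature alone would not show that the gesture was verified for this request.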
20 Claims
1. A computing device comprising:
- one or more processors; and
- one or more computer-readable storage devices having stored thereon multiple instructions that, responsive to execution by the one or more processors, cause the one or more processors to:
  - receive, from an authentication system, proof of knowledge of a private key of a public/private key pair, the proof of knowledge of the private key comprising a statement digitally signed using the private key, the digitally signed statement indicating both that the authentication system has knowledge of the private key and that a gesture of a user detected by a gesture system has been verified by the authentication system, the gesture indicating that the user is present at the computing device; and
  - provide an authentication result of the user based at least on the proof of knowledge of the private key, to a requester of the authentication result.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11

12. A method in a computing device, the method comprising:
- receiving, from an authentication system, proof of knowledge of a private key of a public/private key pair, the proof of knowledge of the private key comprising a statement digitally signed using the private key, the digitally signed statement indicating both that the authentication system has knowledge of the private key and that a gesture of a user detected by a gesture system has been verified by the authentication system, the gesture indicating that the user is present at the computing device; and
- providing an authentication result of the user based at least on the proof of knowledge of the private key, to a requester of the authentication result.

Dependent claims: 13, 14, 15, 16, 17, 18

19. A method implemented in an authentication system, the method comprising:
- receiving a gesture detected by a gesture system, the gesture indicating that a user is present at a host device;
- verifying the gesture;
- generating, in response to the gesture being verified, proof of knowledge of a private key of a public/private key pair, the proof of knowledge of the private key comprising a statement digitally signed using the private key, the digitally signed statement indicating both that the authentication system has knowledge of the private key and that the gesture has been verified by the authentication system; and
- communicating the proof of knowledge to a user agent of the host device.

Dependent claims: 20

Specification