Resetting authentication tokens based on an implicit credential in response to an authentication request missing an authentication token

US 10,075,427 B2
Filed: 03/31/2014
Issued: 09/11/2018
Est. Priority Date: 03/31/2014
Status: Active Grant

First Claim

Patent Images

1. An apparatus comprising:

a processor;

a memory that stores code executable by the processor to;

receive an authentication request from a user, the authentication request usable to authenticate the user, wherein the authentication request requires an authentication token to authorize the user'"'"'s access of a computing resource;

determine whether the authentication token is missing from the authentication request;

authenticate the user via the authentication request and the authentication token, in response to determining that the authentication token is not missing from the authentication request;

request an implicit credential in response to determining that the authentication token is missing from the authentication request, the user submitting the authentication request without any authentication token, the implicit credential being a different type of credential than the authentication token;

receive the implicit credential;

identify a time of day and date when the authentication request was received;

identify a network address of a device that transmitted the authentication request, wherein the network address is one of an IP address and a MAC address;

request an implicit credential in response to the user submitting the authentication request without any authentication token, the implicit credential being a different type of credential than the authentication token;

receive the implicit credential;

determine whether the time of day and date when the authentication request was received matches a predetermined time range in response to determining that the authentication token is missing from the authentication request;

determine whether the network address of the device that transmitted the authentication request matches a predefined network address in response to determining that the authentication token is missing from the authentication request;

determine whether the implicit credential matches a predefined credential in response to determining that the authentication token is missing from the authentication request; and

reset the authentication token in response to the time of day and date when the authentication request was received matching the predetermined time range, the network address of the device matching the predefined network address, and the implicit credential matching the predefined credential.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

For resetting authentication tokens based on implicit credentials, a method is disclosed that includes receiving, by use of a processor, an authentication request, the request requiring an authentication token, the request not including the authentication token, verifying an implicit credential, and resetting the authentication token in response to the implicit credential matching a predefined credential.

7 Citations

20 Claims

1. An apparatus comprising:
- a processor;
  
  a memory that stores code executable by the processor to;
  
  receive an authentication request from a user, the authentication request usable to authenticate the user, wherein the authentication request requires an authentication token to authorize the user'"'"'s access of a computing resource;
  
  determine whether the authentication token is missing from the authentication request;
  
  authenticate the user via the authentication request and the authentication token, in response to determining that the authentication token is not missing from the authentication request;
  
  request an implicit credential in response to determining that the authentication token is missing from the authentication request, the user submitting the authentication request without any authentication token, the implicit credential being a different type of credential than the authentication token;
  
  receive the implicit credential;
  
  identify a time of day and date when the authentication request was received;
  
  identify a network address of a device that transmitted the authentication request, wherein the network address is one of an IP address and a MAC address;
  
  request an implicit credential in response to the user submitting the authentication request without any authentication token, the implicit credential being a different type of credential than the authentication token;
  
  receive the implicit credential;
  
  determine whether the time of day and date when the authentication request was received matches a predetermined time range in response to determining that the authentication token is missing from the authentication request;
  
  determine whether the network address of the device that transmitted the authentication request matches a predefined network address in response to determining that the authentication token is missing from the authentication request;
  
  determine whether the implicit credential matches a predefined credential in response to determining that the authentication token is missing from the authentication request; and
  
  reset the authentication token in response to the time of day and date when the authentication request was received matching the predetermined time range, the network address of the device matching the predefined network address, and the implicit credential matching the predefined credential.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The apparatus of claim 1, wherein the authentication token is one of a password and a fingerprint scan, and wherein the implicit credential comprises sensor input selected or combined from the group consisting of a microphone, a biometric scanner, RFID reader and a camera.
  - 3. The apparatus of claim 1, wherein the processor further transmits the authentication request to the authority, wherein determining whether the implicit credential matches the predefined credential comprises the authority verifying the implicit credential.
  - 4. The apparatus of claim 1, wherein the authentication request includes a reset token selected or combined from the group consisting of a name, an identification number, a location, a mascot, and a cryptographic token, wherein the processor further resets the authentication token in response to verifying the reset token.
  - 5. The apparatus of claim 1, wherein the processor further allows temporary access in response to the authentication request.
  - 6. The apparatus of claim 5, wherein temporary access is limited to a threshold value, the threshold value selected from the group consisting of a threshold number of authentication requests and a threshold amount of time.

7. A method comprising:
- receiving, by use of a processor and at an authenticating device, an authentication request from a user, the authentication request usable to authenticate the user, wherein the authentication request requires an authentication token to authorize the user'"'"'s access of a computing resource;
  
  determining, by the authenticating device, whether the authentication token is missing from the authentication request;
  
  authenticating the user via the authentication request and the authentication token, in response to determining that the authentication token is not missing from the authentication request;
  
  requesting an implicit credential in response to determining that the authentication token is missing from the authentication request, the user submitting the authentication request without any authentication token, the implicit credential being a different type of credential than the authentication token;
  
  identifying a time of day and date when the authentication request was received and a network address of a device that transmitted the authentication request, wherein the network address is one of an IP address and a MAC address;
  
  requesting an implicit credential in response to the user submitting the authentication request without any authentication token, the implicit credential being a different type of credential than the authentication token;
  
  determining, by the authenticating device, whether the time of day and date when the authentication request was received matches a predetermined time range in response to determining that the authentication token is missing from the authentication request;
  
  determining, by the authenticating device, whether the network address of the device that transmitted the authentication request matches a predefined network address in response to determining that the authentication token is missing from the authentication request;
  
  determining, by the authenticating device, whether the implicit credential matches a predefined credential in response to determining that the authentication token is missing from the authentication request; and
  
  resetting, by the authenticating device, the authentication token in response to the time of day and date when the authentication request was received matching the predetermined time range, the network address of the device matching the predefined network address, and the implicit credential matching the predefined credential.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
- - 8. The method of claim 7, wherein the authentication token is one of a password and a fingerprint scan, and wherein the implicit credential comprises sensor input selected or combined from the group consisting of a microphone, a biometric scanner, RFID reader and a camera.
  - 9. The method of claim 7, further comprising transmitting the authentication request to the authority, wherein determining whether the implicit credential matches the predefined credential comprises receiving a response from the authority.
  - 10. The method of claim 7, further comprising allowing temporary access in response to the authentication request.
  - 11. The method of claim 10, wherein the temporary access is limited to a threshold value, the threshold value selected from the group consisting of a threshold number of authentication requests and a threshold amount of time.
  - 12. The method of claim 7, wherein the authentication request includes a reset token selected or combined from the group consisting of a name, an identification number, a location, a mascot, and a cryptographic token, the method further comprising:
    - resetting the authentication token in response to verifying the reset token.
  - 13. The method of claim 7, wherein before receiving the authentication request, the method further includes learning the implicit credential.
  - 14. The method of claim 7, the method further includes learning the predetermined time range and the predefined network address from a prior authentication request having a valid authentication token.

15. A program product comprising a non-transitory computer readable storage medium that stores code executable by a processor to perform:
- receiving an authentication request from a user, the authentication request usable to authenticate the user, wherein the authentication request requires an authentication token to authorize the user'"'"'s access of a computing resource;
  
  determining whether the authentication token is missing from the authentication request;
  
  authenticating the user via the authentication request and the authentication token, in response to determining that the authentication token is not missing from the authentication request;
  
  requesting an implicit credential in response to determining that the authentication token is missing from the authentication request, the implicit credential being a different type of credential than the authentication token;
  
  identifying a time of day and date when the authentication request was received and a network address of a device that transmitted the authentication request, wherein the network address is one of an IP address and a MAC address;
  
  requesting an implicit credential in response to determining that the authentication token is missing from the authentication request, the implicit credential being a different type of credential than the authentication token;
  
  determining whether the time of day and date when the authentication request was received matches a predetermined time range in response to determining that the authentication request is missing the authentication token;
  
  determining whether the network address of the device that transmitted the authentication request matches a predefined network address in response to determining that the authentication request is missing the authentication token;
  
  determining whether the implicit credential matches a predefined credential in response to determining that the authentication request is missing the authentication token; and
  
  resetting the authentication token in response to the time of day and date when the authentication request was received matching the predetermined time range, the network address of the device matching the predefined network address, and the implicit credential matching the predefined credential.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The program product of claim 15, wherein the authentication token is one of a password and a fingerprint scan, and wherein the implicit credential comprises sensor input selected or combined from the group consisting of a microphone, a biometric scanner, RFID reader and a camera.
  - 17. The program product of claim 15, wherein the authentication request includes a reset token selected or combined from the group consisting of an identifying name, an identification number, a location, and a cryptographic token, wherein the code further resets the authentication token in response to verifying the reset token.
  - 18. The program product of claim 15, the code further allows temporary access in response to the authentication request.
  - 19. The program product of claim 18, wherein the temporary access is limited to a threshold value, the threshold value selected from the group consisting of a threshold number of authentication requests and a threshold amount of time.
  - 20. The program product of claim 15, wherein the code further transmits the authentication request to the authority, wherein determining whether the implicit credential matches the predefined credential comprises the authority verifying the implicit credential.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lenovo PC International Limited (Lenovo Group Ltd.)
Original Assignee
Lenovo Singapore Pte Limited (Lenovo Group Ltd.)
Inventors
Bowser, Robert A., Cheston, Richard Wayne, Locker, Howard, Wibran, Goran Hans, Springfield, Randall Scott
Primary Examiner(s)
Patel, Ashok
Assistant Examiner(s)
Farooqui, Quazi

Application Number

US14/230,921
Publication Number

US 20150281218A1
Time in Patent Office

1,625 Days
Field of Search

726 1- 107, 726 18, 713155, 713161, 713170
US Class Current
CPC Class Codes

H04L 63/0823   using certificates cryptogr...

H04L 63/0846   using time-dependent-passwo...

H04L 63/0861   using biometrical features,...

Resetting authentication tokens based on an implicit credential in response to an authentication request missing an authentication token

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

7 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Resetting authentication tokens based on an implicit credential in response to an authentication request missing an authentication token

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

7 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others