Common authentication service for network connected applications, devices, users, and web services

US 20070186103A1
Filed: 01/23/2006
Published: 08/09/2007
Est. Priority Date: 01/23/2006
Status: Active Grant

First Claim

Patent Images

1. An authentication library including means for managing interaction with the library comprising strong network authentication and self service interaction points and further means for effecting a correlation between the use and creation of library entries having predetermined correlation indicia for effecting strong authentication of users and participants within the network.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

System architecture for network connected applications, devices, users, and web services providing security effected by means for managing interaction with an authentication library that effects a correlation between the use and creation of library entries having predetermined correlation indicia for effecting strong authentication of users and participants within the network. A common authentication service (CAS) based upon an XML or web services protocol is described.

75 Citations

View as Search Results

17 Claims

1. An authentication library including means for managing interaction with the library comprising strong network authentication and self service interaction points and further means for effecting a correlation between the use and creation of library entries having predetermined correlation indicia for effecting strong authentication of users and participants within the network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. An authentication library of claim 1 wherein one or more authentication library entries are used to effect multi factor authentication at in band and out of band systems.
  - 3. An authentication library of claim 2 wherein access to the authentication library is accomplished by means of a common authentication service (CAS) based upon an XML or web services protocol.
  - 4. An authentication library of claim 2 wherein new entries into the authentication library are created by users via self service interfaces where the user is the only one that has knowledge of the authentication library entry(s).
  - 5. An authentication library of claim 2 including a strength value (SV) protocol that is created and managed as an element of the authentication library management means wherein the SV provides a unique factor in determining the most suitable library entries for use in determining the authentication of one or more of a particular user, device, application, terminal, or other networked connection.
  - 6. An authentication library of claim 3 wherein the use of CAS effects transitive security and transitive security is effected among a group of two or more entities connected on a network by means of an authentication library.
  - 7. An authentication library of claim 2 wherein the selection and use of entries from an authentication library are accomplished by means of an algorithm where there is no general observable correlation between multiple authentication attempts from the same device, user, or networked interface whereby a random authentication process at the interface defeats keyboard loggers and in-channel security attacks.
  - 8. An authentication library of claim 2 wherein multifactor authentication is effected by a multifactor authentication protocol applied at more than one user, device, application, or interface in a network of multiple users, devices and applications.
  - 9. An authentication library of claim 2 wherein multifactor authentication is accomplished independent of the application, device or network interface a user is authenticating to in a networked community by using two or more entries in the authentication library.
  - 10. An authentication library of claim 2 wherein a one time password is generated for use as an authentication vehicle at other systems, interfaces, and devices in a networked application.
  - 11. An authentication library of claim 10 including means for creating a network link for one time password validation comprising one or more of a web service, XML service, radius server, LDAP server, meta directory, OLDAP, or SAML server providing a means for multifactor authentication.

12. System architecture for providing strong authentication comprising an authentication library, CAS, and a process model determining authentication library creation and use wherein creation and use factors provide a method for strong authentication.
- View Dependent Claims (13, 15, 16, 17)
- - 13. System architecture of claim 12 including means for effecting multi-factor authentication for authentication to any system in a networked community by leveraging a CAS for use at multiple systems.
  - 15. System architecture of claim 12 including means for initializing a new user, node on SSN, or node on a service oriented network to effect strong authentication for a user/self enrollment model.
  - 16. System architecture of claim 12 wherein entries into the authentication library are restricted by use to a mix of participants on a networked community wherein the management and use of entries in the library are linked to roles and participants definitions on the network wherein fine grained control and audit reporting is provided.
  - 17. System architecture of claim 12 including means for using a CAS dynamically in combination with an authentication library to react to security threats in real time whereby strong authentication in a multi user, multi device, multi application networked environment is provided in the absence of any human interaction except for that of the authenticating party.

14. A CAS wherein 1) a web service or XML service is interconnected to or between one or more of a device, user, application to provide an authentication process permitting access to one or more entries in an authentication library for strong authentication and 2) an application specific authentication is a precondition to access to the application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Randall Orkis, William M. Randle
Original Assignee
Randall Orkis, William M. Randle
Inventors
Randle, William, Orkis, Randall

Granted Patent

US 7,546,276 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

G06F 21/31   User authentication

G06F 21/34   involving the use of extern...

G06F 21/35   communicating wirelessly

G06F 2221/2101   Auditing as a secondary aspect

G06Q 20/367   involving electronic purses...

H04L 2463/102   applying security measure f...

H04L 63/08   for authentication of entit...

Common authentication service for network connected applications, devices, users, and web services

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

75 Citations

17 Claims

Specification

Use Cases

Quick Links

Others

Common authentication service for network connected applications, devices, users, and web services

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

75 Citations

17 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others