One-time password validation in a multi-entity environment

US 20070294749A1
Filed: 06/15/2006
Published: 12/20/2007
Est. Priority Date: 06/15/2006
Status: Active Grant

First Claim

Patent Images

1. A validation method comprising:

receiving one of a predetermined number of first credentials;

receiving a second credential;

determining a validity of the received first credential;

determining a validity of the second credential;

determining the received first credential and the second credential, as a pair, valid if;

the received first credential is determined to be valid;

the second credential is determined to be valid; and

it is a first occurrence, as a pair, of the received first credential and the second credential.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A single passcode can be used for validation by a user of several entities in a system without compromising security. The source of the entity providing validation credentials, along with the passcode, is considered when determining validity. A one-time password system validates credentials if a validation credentials, such as a user'"'"'s valid passcode and the source of the credentials, have not been used previously. In a one-time passcode system, a validation processor receives validation credentials from a client processor. If the client processor has not previously sent the validation credentials to the validation processor, and the credentials are valid, the validation processor will validate the credentials. Otherwise, the credentials are invalid. Other client processors can utilize the same passcode and their respective source identifiers, and as long as the other client processors have not previously utilized the credentials, the credentials are declared valid.

48 Citations

View as Search Results

20 Claims

1. A validation method comprising:
- receiving one of a predetermined number of first credentials;
  
  receiving a second credential;
  
  determining a validity of the received first credential;
  
  determining a validity of the second credential;
  
  determining the received first credential and the second credential, as a pair, valid if;
  
  the received first credential is determined to be valid;
  
  the second credential is determined to be valid; and
  
  it is a first occurrence, as a pair, of the received first credential and the second credential.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. A method in accordance with claim 1, wherein:
    - the received first credential comprises a passcode; and
      
      the second credential comprises a source identifier indicative of a source of the first credential and the second credential.
  - 3. A method in accordance with claim 2, wherein:
    - the source comprises a processor; and
      
      the source identifier comprises an identifier of the processor.
  - 4. A method in accordance with claim 3, wherein the source identifier is indicative of at least one of a serial number of the processor and a network assigned value of the processor.
  - 5. A method in accordance with claim 2, wherein the source identifier is indicative of a location of the source.
  - 6. A method in accordance with claim 2, wherein the source identifier is indicative of an IP address of the source.
  - 7. A method in accordance with claim 1, wherein the predetermined number of first credentials comprises a respective predetermined number of passcodes.
  - 8. A method in accordance with claim 1, wherein the received first credential and the second credential are valid for a predetermined amount of time.
  - 9. A method in accordance with claim 1, further comprising:
    - receiving a plurality of the predetermined number of first credentials;
      
      determining each of the received plurality of first credentials and the second credential, as respective pairs, valid if;
      
      each of the received first credentials is determined to be valid;
      
      it is a first occurrence, as respective pairs, of each of the received first credentials and the second credential; and
      
      the plurality of received first credentials is received in a predetermined order.
  - 10. A method in accordance with claim 1, further comprising determining the received first credential and the second credential, as a pair, valid if the pair is received within a predetermined period of time.

11. A validation processor comprising:
- an input/output portion for;
  
  receiving one of a predetermined number of first credentials; and
  
  receiving a second credential;
  
  a processing portion for;
  
  determining a validity of the received first credential;
  
  determining a validity of the second credential;
  
  determining the received first credential and the second credential, as a pair, valid if;
  
  the received first credential is determined to be valid;
  
  the second credential is determined to be valid; and
  
  it is a first occurrence, as a pair, of the received first credential and the second credential.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. A validation processor in accordance with claim 11, wherein:
    - the received first credential comprises a passcode; and
      
      the second credential comprises a source identifier indicative of a source of the first credential and the second credential.
  - 13. A validation processor in accordance with claim 12, wherein:
    - the source comprises a client processor; and
      
      the source identifier comprises an indication of the client processor.
  - 14. A validation processor in accordance with claim 13, wherein the source identifier is indicative of at least one of a serial number of the client processor and a network assigned value of the processor.
  - 15. A validation processor in accordance with claim 12, wherein the source identifier is indicative of a location of the source.
  - 16. A validation processor in accordance with claim 12, wherein the source identifier is indicative of an IP address of the source.
  - 17. A validation processor in accordance with claim 12, wherein the predetermined number of first credentials comprises a respective predetermined number of passcodes.
  - 18. A validation processor in accordance with claim 11, wherein the received first credential and the second credential are valid for a predetermined amount of time.
  - 19. A validation processor in accordance with claim 11:
    - the input/output portion further for;
      
      receiving a plurality of the predetermined number of first credentials; and
      
      the processing portion further for;
      
      determining each of the received plurality of first credentials and the second credential, as respective pairs, valid if;
      
      each of the received first credentials is determined to be valid;
      
      it is a first occurrence, as respective pairs, of each of the received first credentials and the second credential; and
      
      the plurality of received first credentials is received in a predetermined order.
  - 20. A validation processor in accordance with claim 11, wherein the validation processor is implemented as an intermediate processor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Zhigu Holdings Limited
Original Assignee
Microsoft Corporation
Inventors
Nice, Nir, Shiran, Tomer, Mondri, Ron, Ein-Gil, Boaz

Granted Patent

US 8,959,596 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

H04L 63/083   using passwords cryptograph...

H04L 63/0838   using one-time-passwords

H04L 63/0853   using an additional device,...

H04L 9/0863   involving passwords or one-...

H04L 9/3228   One-time or temporary data,...

One-time password validation in a multi-entity environment

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

48 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

One-time password validation in a multi-entity environment

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

48 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links