System and method for user authentication by means of web-enabled personal trusted device
First Claim
Patent Images
1. A token-based user authentication system comprised of:
- Personal Trusted Device (PTD), possessing a unique device identifier (UDID), capable of capturing short digital sequences (tokens) via digital signal processing of optical, audio, or radio-frequency input;
accepting user input needed for user authentication with embedded keyboard, touch sensors, optical sensor, or voice recognition;
transmitting and receiving messages via network connection.Plurality of Token Presentation Devices that allow users to capture tokens, supplied by Authentication Service, with a PTD.Plurality of network-connected Action Servers that act on behalf of users and require the said users to be identified and authenticated.Network-connected Token Management Service that facilitates token-based authentication by;
generating unique tokens upon requests coming from an Authentication Service on behalf of the Action Servers;
receiving messages from PTDs that contain PTDs'"'"' UDIDs and the tokens captured by PTDs from Token Presentation Devices;
establishing links between said tokens and UDIDs of the PTDs that sent the messages with the tokens;
notifying the Authentication Service about the newly established links.Authentication Service that;
communicates with PTDs and authenticates users with plurality of the authentication methods;
maintains a database of the user records, containing a unique user identifier, UDID'"'"'s of the PTDs owned by the user, the user credentials, and the user identifiers for various Action Servers;
provides an interface to the Action Servers that allows association of the user identifier on an Action Server with user record in the database;
provides an interface to the Action Servers that allows initiation of token-based authentication;
notifies an Action Server in the event when token-based authentication previously initiated on behalf of that Action Server has been successfully completed by user via combination of the user credentials and the use of PTD associated with user'"'"'s record.
4 Assignments
0 Petitions
Accused Products
Abstract
A system of token-based user authentication for the purpose of authorizing user access to protected resources, such as web applications, computer systems or computer controlled devices. The system utilizes a personal trusted device (PTD), which is owned and operated by one specific user, to establish secure communication channels that are subsequently used to pass user credentials to authentication service. Association of a PTD with servers controlling access to resources is performed by publishing and capturing unique tokens via sensors embedded in PTD, such as an optical camera.
91 Citations
13 Claims
-
1. A token-based user authentication system comprised of:
-
Personal Trusted Device (PTD), possessing a unique device identifier (UDID), capable of capturing short digital sequences (tokens) via digital signal processing of optical, audio, or radio-frequency input;
accepting user input needed for user authentication with embedded keyboard, touch sensors, optical sensor, or voice recognition;
transmitting and receiving messages via network connection.Plurality of Token Presentation Devices that allow users to capture tokens, supplied by Authentication Service, with a PTD. Plurality of network-connected Action Servers that act on behalf of users and require the said users to be identified and authenticated. Network-connected Token Management Service that facilitates token-based authentication by;
generating unique tokens upon requests coming from an Authentication Service on behalf of the Action Servers;
receiving messages from PTDs that contain PTDs'"'"' UDIDs and the tokens captured by PTDs from Token Presentation Devices;
establishing links between said tokens and UDIDs of the PTDs that sent the messages with the tokens;
notifying the Authentication Service about the newly established links.Authentication Service that;
communicates with PTDs and authenticates users with plurality of the authentication methods;
maintains a database of the user records, containing a unique user identifier, UDID'"'"'s of the PTDs owned by the user, the user credentials, and the user identifiers for various Action Servers;
provides an interface to the Action Servers that allows association of the user identifier on an Action Server with user record in the database;
provides an interface to the Action Servers that allows initiation of token-based authentication;
notifies an Action Server in the event when token-based authentication previously initiated on behalf of that Action Server has been successfully completed by user via combination of the user credentials and the use of PTD associated with user'"'"'s record. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeAdjoy, Inc., TOP, Inc.
-
Original AssigneeEnvlzio Incorporated
-
InventorsKontsevich, Leonid
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current726/9
-
CPC Class CodesG06F 21/34 involving the use of extern...G06F 21/42 using separate channels for...H04L 9/3213 using tickets or tokens, e....H04L 9/3231 Biological data, e.g. finge...H04L 9/3234 involving additional secure...
