Systems and Methods for Credential Management Between Electronic Devices

US 20150096001A1
Filed: 10/14/2013
Published: 04/02/2015
Est. Priority Date: 10/01/2013
Status: Active Grant

First Claim

Patent Images

1. A method on a first electronic device for enabling a user to access a secure website, the method comprising:

using a browser application to detect navigation to a login page of the secure website, the secure website requiring user credentials for access thereto;

detecting a presence of a second electronic device proximal to the first electronic device;

authenticating, by a processor of the first electronic device, the first electronic device to the second electronic device;

sending, to the second electronic device, an identification of the secure website;

receiving, from the second electronic device, user credentials based on the identification of the secure website; and

populating the login page with the user credentials.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments are provided for managing user credentials that enable access to secure websites. According to certain aspects, a browser device connects (230) to a website server that hosts a secure website. The browser device initiates (236) a credential request and enters (238) a discovery routine with a mobile device. After establishing (240) a secure channel with the mobile device, the browser device sends (248) an identification of the secure website to the mobile device, which identifies (250) corresponding user credentials and sends (252) the user credentials to the browser device. The browser device populates (254) a login page with the user credentials and accesses (256) the secure website.

36 Citations

View as Search Results

22 Claims

1. A method on a first electronic device for enabling a user to access a secure website, the method comprising:
- using a browser application to detect navigation to a login page of the secure website, the secure website requiring user credentials for access thereto;
  
  detecting a presence of a second electronic device proximal to the first electronic device;
  
  authenticating, by a processor of the first electronic device, the first electronic device to the second electronic device;
  
  sending, to the second electronic device, an identification of the secure website;
  
  receiving, from the second electronic device, user credentials based on the identification of the secure website; and
  
  populating the login page with the user credentials.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein authenticating the first electronic device to the second electronic device comprises:
    - establishing a secure channel between the first electronic device and the second electronic device; and
      
      performing an application layer authentication between the browser application and a credential manager application on the second electronic device.
  - 3. The method of claim 2, further comprising:
    - authenticating the user to the browser application using browser credentials of the user.
  - 4. The method of claim 3, wherein the second electronic device stores a modified version of the browser credentials, and wherein performing the application layer authentication between the browser application and the credential manager application on the second electronic device comprises:
    - sending initialization data to the second electronic device;
      
      receiving cryptographic data from the second electronic device;
      
      manipulating the browser credentials with the cryptographic data to produce a manipulated value; and
      
      sending the manipulated value to the second electronic device, wherein the credential manager application authenticates the browser application using the manipulated value.
  - 5. The method of claim 2, wherein performing the application layer authentication between the browser application and the credential manager application on the second electronic device comprises:
    - performing the application layer authentication using a cryptographic protocol.
  - 6. The method of claim 1, wherein detecting the presence of the second electronic device comprises:
    - receiving a request to retrieve the user credentials; and
      
      responsive to receiving the request, performing a routine to discover the second electronic device.
  - 7. The method of claim 6, wherein receiving the request to retrieve the user credentials comprises at least one of:
    - detecting a user selection of a credential requirement indicator associated with the login page of the secure website, andreceiving a user command to initiate communication with the second electronic device.
  - 8. The method of claim 1, wherein detecting the presence of the second electronic device comprises:
    - receiving a credential request from a server associated with the secure website; and
      
      responsive to receiving the credential request, performing a routine to discover the second electronic device.
  - 9. The method of claim 1, wherein detecting the presence of the second electronic device proximal to the first electronic device comprises:
    - detecting the presence of the second electronic device via a wireless communication.

10. A method in a first electronic device of providing user credentials for access to a secure website, the method comprising:
- detecting a presence of a second electronic device proximal to the first electronic device;
  
  authenticating, by a processor of the first electronic device, the first electronic device to the second electronic device;
  
  receiving, from the second electronic device, an identification of the secure website;
  
  identifying, by a credential manager application of the first electronic device, the user credentials based on the identification of the website; and
  
  sending the user credentials to the second electronic device, wherein the second electronic device uses the user credentials with a browser application to access the secure website.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The method of claim 10, further comprisingauthenticating a user to the credential manager application of the first electronic device.
  - 12. The method of claim 10, wherein authenticating the first electronic device to the second electronic device comprises:
    - establishing a secure channel between the first electronic device and the second electronic device; and
      
      performing an application layer authentication between the credential manager application and the browser application on the second electronic device.
  - 13. The method of claim 12, wherein the credential manager application is configured to access a modified version of browser credentials associated with the browser application, and wherein performing the application layer authentication between the credential manager application and the browser application comprises:
    - receiving initialization data from the second electronic device;
      
      sending cryptographic data to the second electronic device;
      
      receiving, from the second electronic device, the browser credentials that were manipulated with the cryptographic data by the second electronic device; and
      
      comparing the browser credentials that were manipulated with the cryptographic data to the modified version of the browser credentials.
  - 14. The method of claim 12, wherein performing the application layer authentication between the credential manager application and the browser application comprises:
    - performing the application layer authentication using a cryptographic protocol.
  - 15. The method of claim 10, wherein the authenticating, by the processor of the first electronic device, the first electronic device to the second electronic device comprises:
    - authenticating a user of the browser application to the first electronic device.
  - 16. The method of claim 10, wherein detecting the presence of the second electronic device comprises:
    - receiving a discovery signal from the second electronic device; and
      
      sending a response signal to the second electronic device.
  - 17. The method of claim 10, wherein detecting the presence of the second electronic device proximal to the first electronic device comprises:
    - detecting the presence of the second electronic device via a wireless communication.

18. An electronic device for enabling a user to access a secure website, comprising:
- a memory storing a browser application configured to detect navigation to a login page of the secure website, the secure website requiring user credentials for access thereto;
  
  a communication module configured to connect to an additional electronic device; and
  
  a processor configured to interface with the memory and the communication module, and to perform operations comprising;
  
  detecting a presence of the additional electronic device proximal to the first electronic device,authenticating the electronic device to the additional electronic device,causing the communication module to send, to the additional electronic device, an identification of the secure website,receiving, from the additional electronic device via the communication module, user credentials based on the identification of the secure website, and populating the login page with the user credentials.
- View Dependent Claims (19, 20, 21, 22)
- - 19. The electronic device of claim 18, wherein the processor authenticates the electronic device to the additional electronic device by:
    - establishing a secure channel between the electronic device and the additional electronic device, andperforming an application layer authentication between the browser application and a credential manager application on the additional electronic device.
  - 20. The electronic device of claim 18, wherein the processor is further configured to perform operations comprising:
    - authenticating the user to the browser application using browser credentials of the user.
  - 21. The electronic device of claim 18, wherein the processor detects the presence of the additional electronic device by:
    - receiving a request to retrieve the user credentials, andresponsive to receiving the request, performing a routine to discover the additional electronic device.
  - 22. The electronic device of claim 18, wherein the processor detects the presence of the additional electronic device by:
    - detecting the presence of the additional electronic device via a wireless communication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google Technology Holdings LLC (Alphabet Inc.)
Original Assignee
Motorola Mobility LLC (Lenovo Group Ltd.)
Inventors
Morikuni, James J., Hansen, Joseph M., Shu, Darren B.

Granted Patent

US 9,363,251 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 2221/2111   Location-sensitive, e.g. ge...

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 63/08   for authentication of entit...

H04L 63/0853   using an additional device,...

H04L 63/123   received data contents, e.g...

H04L 67/02   based on web technology, e....

H04W 12/068   using credential vaults, e....

Systems and Methods for Credential Management Between Electronic Devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

36 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and Methods for Credential Management Between Electronic Devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

36 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links