Keyfob for use with multiple authentication entities
First Claim
1. In a user computer with which a token generator communicates for accessing a first computer corresponding to a first authentication entity using the token generator for a second authentication entity, a computer-implemented method of authenticating the token generator, the method comprising:
- obtaining a token from the token generator, the token being generated by the token generator in synchronization with the second authentication entity and having a limited duration of validity;
transmitting to the first authentication entity an authentication request including the token and authentication entity identification information identifying the second authentication entity;
responsive to determining that the first authentication entity is not an authentication entity associated with the authentication entity identification information, the authentication request being further transmitted to the second authentication entity associated with the authentication entity identification information; and
responsive to the second authentication entity validating the token generator based on the token, the first authentication entity allowing the user computer access to the first computer.
1 Assignment
0 Petitions
Accused Products
Abstract
A token generator such as a keyfob is used to access the computer of an authentication entity different from the authentication entity that issued the token generator. The token generator stores authentication entity identification information identifying the authentication entity that issued the token generator. The token generator causes a user computer to transmit an authentication request including such authentication entity identification information together with a token generated in synchronization with the authentication entity issuing the token generator, so that the authentication request can be routed to the appropriate authentication entity that issued the keyfob for validation. The authentication request can be sent directly to the authentication entity that issued the token generator. The authentication request can also be sent to the authentication entity that issued the token generator via another authentication entity to which the user computer attempts to access.
51 Citations
12 Claims
-
1. In a user computer with which a token generator communicates for accessing a first computer corresponding to a first authentication entity using the token generator for a second authentication entity, a computer-implemented method of authenticating the token generator, the method comprising:
-
obtaining a token from the token generator, the token being generated by the token generator in synchronization with the second authentication entity and having a limited duration of validity; transmitting to the first authentication entity an authentication request including the token and authentication entity identification information identifying the second authentication entity; responsive to determining that the first authentication entity is not an authentication entity associated with the authentication entity identification information, the authentication request being further transmitted to the second authentication entity associated with the authentication entity identification information; and responsive to the second authentication entity validating the token generator based on the token, the first authentication entity allowing the user computer access to the first computer. - View Dependent Claims (2, 3)
-
-
4. In a first authentication entity, a computer-implemented method of authenticating a token generator for a second authentication entity, the token generator communicating with a user computer for accessing a first computer corresponding to the first authentication entity, the method comprising:
-
receiving from the user computer an authentication request including a token and authentication entity identification information identifying the second authentication entity, the token being generated by the token generator in synchronization with the second authentication entity and having a limited duration of validity; responsive to determining that the first authentication entity is not an authentication entity associated with the authentication entity identification information, transmitting the authentication request to the second authentication entity associated with the authentication entity identification information; and responsive to the token generator being validated by the second authentication entity based on the token, allowing the user computer access to the first computer. - View Dependent Claims (5, 6)
-
-
7. A computer-implemented method of authenticating a token generator communicating with a user computer for accessing a first computer corresponding to a first authentication entity, the method performed in a second authentication entity and comprising:
-
receiving via the first authentication entity an authentication request including a token and authentication entity identification information identifying the second authentication entity, the token being generated by the token generator in synchronization with the second authentication entity and having a limited duration of validity; and validating the token generator based on the token in response to determining that the second authentication entity is an authentication entity associated with the authentication entity identification information, the user computer being allowed access to the first computer responsive to the token generator being validated. - View Dependent Claims (8, 9)
-
-
10. A token generator capable of communicating with a user computer for accessing a first computer corresponding to a first authentication entity using the token generator for a second authentication entity, the token generator comprising:
-
a communication module for communicating with the user computer; a memory module storing authentication entity identification information identifying the second authentication entity and authentication software configured to cause the user computer to; obtain a token from the token generator, the token generated by the token generator in synchronization with the second authentication entity and having a limited duration of validity; and transmit to the first authentication entity an authentication request including the token and the authentication entity identification information, the authentication request being further transmitted to the second authentication entity associated with the authentication entity identification in response to determining that the first authentication entity is not an authentication entity associated with the authentication entity identification information, and the first authentication entity allowing the user computer access to the first computer in response to the second authentication entity validating the token generator based on the token. - View Dependent Claims (11, 12)
-
Specification