WO2009148746A3 - Trusted device-specific authentication - Google Patents

Trusted device-specific authentication Download PDF

Info

Publication number
WO2009148746A3
WO2009148746A3 PCT/US2009/042667 US2009042667W WO2009148746A3 WO 2009148746 A3 WO2009148746 A3 WO 2009148746A3 US 2009042667 W US2009042667 W US 2009042667W WO 2009148746 A3 WO2009148746 A3 WO 2009148746A3
Authority
WO
WIPO (PCT)
Prior art keywords
user
credential verification
authentication
factors
account
Prior art date
Application number
PCT/US2009/042667
Other languages
French (fr)
Other versions
WO2009148746A2 (en
Inventor
Wei-Qiang Guo (Michael)
Yordan Rouskon
Rui Chen
Pui-Yin Winfred Wong
Original Assignee
Microsoft Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corporation filed Critical Microsoft Corporation
Priority to KR1020107026460A priority Critical patent/KR101534890B1/en
Priority to EP09758909.7A priority patent/EP2283669B1/en
Priority to CN2009801212565A priority patent/CN102047709B/en
Priority to JP2011511684A priority patent/JP5038531B2/en
Publication of WO2009148746A2 publication Critical patent/WO2009148746A2/en
Publication of WO2009148746A3 publication Critical patent/WO2009148746A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash

Abstract

An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.
PCT/US2009/042667 2008-06-02 2009-05-04 Trusted device-specific authentication WO2009148746A2 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
KR1020107026460A KR101534890B1 (en) 2008-06-02 2009-05-04 Trusted device-specific authentication
EP09758909.7A EP2283669B1 (en) 2008-06-02 2009-05-04 Trusted device-specific authentication
CN2009801212565A CN102047709B (en) 2008-06-02 2009-05-04 Trusted device-specific authentication
JP2011511684A JP5038531B2 (en) 2008-06-02 2009-05-04 Authentication limited to trusted equipment

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US12/131,142 US7979899B2 (en) 2008-06-02 2008-06-02 Trusted device-specific authentication
US12/131,142 2008-06-02

Publications (2)

Publication Number Publication Date
WO2009148746A2 WO2009148746A2 (en) 2009-12-10
WO2009148746A3 true WO2009148746A3 (en) 2010-04-22

Family

ID=41381542

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2009/042667 WO2009148746A2 (en) 2008-06-02 2009-05-04 Trusted device-specific authentication

Country Status (6)

Country Link
US (2) US7979899B2 (en)
EP (1) EP2283669B1 (en)
JP (1) JP5038531B2 (en)
KR (1) KR101534890B1 (en)
CN (1) CN102047709B (en)
WO (1) WO2009148746A2 (en)

Families Citing this family (200)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9002018B2 (en) * 2006-05-09 2015-04-07 Sync Up Technologies Corporation Encryption key exchange system and method
US8327142B2 (en) 2006-09-27 2012-12-04 Secureauth Corporation System and method for facilitating secure online transactions
US8301877B2 (en) 2008-03-10 2012-10-30 Secureauth Corporation System and method for configuring a valid duration period for a digital certificate
KR100897512B1 (en) * 2008-08-07 2009-05-15 주식회사 포비커 Advertising method and system adaptive to data broadcasting
US20100042848A1 (en) * 2008-08-13 2010-02-18 Plantronics, Inc. Personalized I/O Device as Trusted Data Source
US8892868B1 (en) 2008-09-30 2014-11-18 Amazon Technologies, Inc. Hardening tokenization security and key rotation
US9053480B1 (en) 2008-09-30 2015-06-09 Amazon Technologies, Inc. Secure validation using hardware security modules
US10867298B1 (en) 2008-10-31 2020-12-15 Wells Fargo Bank, N.A. Payment vehicle with on and off function
US20100114768A1 (en) 2008-10-31 2010-05-06 Wachovia Corporation Payment vehicle with on and off function
US20100131641A1 (en) * 2008-11-26 2010-05-27 Novell, Inc. System and method for implementing a wireless query and display interface
US20100220634A1 (en) * 2009-02-27 2010-09-02 Douglas Gisby Systems and methods for facilitating conference calls using security tokens
US8290135B2 (en) 2009-02-27 2012-10-16 Research In Motion Limited Systems and methods for facilitating conference calls using security keys
CN101834834A (en) * 2009-03-09 2010-09-15 华为软件技术有限公司 Authentication method, device and system
EP2417542A1 (en) * 2009-04-07 2012-02-15 Omnifone Ltd Enabling digital media content to be downloaded to and used on multiple types of computing device
US9047458B2 (en) 2009-06-19 2015-06-02 Deviceauthority, Inc. Network access protection
US8726407B2 (en) 2009-10-16 2014-05-13 Deviceauthority, Inc. Authentication of computing and communications hardware
US8319606B2 (en) * 2009-10-29 2012-11-27 Corestreet, Ltd. Universal validation module for access control systems
US9769164B2 (en) * 2009-10-29 2017-09-19 Assa Abloy Ab Universal validation module for access control systems
WO2011063014A1 (en) 2009-11-17 2011-05-26 Secureauth Corporation Single sign on with multiple authentication factors
WO2011106716A1 (en) * 2010-02-25 2011-09-01 Secureauth Corporation Security device provisioning
EP2540057A2 (en) * 2010-02-26 2013-01-02 General instrument Corporation Dynamic cryptographic subscriber-device identity binding for subscriber mobility
NL1037813C2 (en) * 2010-03-18 2011-09-20 Stichting Bioxs System and method for checking the authenticity of the identity of a person logging into a computer network.
US8856509B2 (en) * 2010-08-10 2014-10-07 Motorola Mobility Llc System and method for cognizant transport layer security (CTLS)
US9940682B2 (en) * 2010-08-11 2018-04-10 Nike, Inc. Athletic activity user experience and environment
US8453222B1 (en) * 2010-08-20 2013-05-28 Symantec Corporation Possession of synchronized data as authentication factor in online services
US8601602B1 (en) * 2010-08-31 2013-12-03 Google Inc. Enhanced multi-factor authentication
WO2012037056A1 (en) * 2010-09-13 2012-03-22 Thomson Licensing Method and apparatus for an ephemeral trusted device
US8260931B2 (en) * 2010-10-02 2012-09-04 Synopsys, Inc. Secure provisioning of resources in cloud infrastructure
JP5717407B2 (en) 2010-11-15 2015-05-13 キヤノン株式会社 Print relay system, image forming apparatus, system control method, and program
US8868915B2 (en) * 2010-12-06 2014-10-21 Verizon Patent And Licensing Inc. Secure authentication for client application access to protected resources
US20120167194A1 (en) * 2010-12-22 2012-06-28 Reese Kenneth W Client hardware authenticated transactions
AU2011100168B4 (en) 2011-02-09 2011-06-30 Device Authority Ltd Device-bound certificate authentication
WO2013009385A2 (en) * 2011-07-08 2013-01-17 Uniloc Usa Device-bound certificate authentication
US8935766B2 (en) * 2011-01-19 2015-01-13 Qualcomm Incorporated Record creation for resolution of application identifier to connectivity identifier
US9027101B2 (en) * 2011-03-01 2015-05-05 Google Technology Holdings LLC Providing subscriber consent in an operator exchange
US8949951B2 (en) * 2011-03-04 2015-02-03 Red Hat, Inc. Generating modular security delegates for applications
US9112682B2 (en) * 2011-03-15 2015-08-18 Red Hat, Inc. Generating modular security delegates for applications
US9071422B2 (en) * 2011-04-20 2015-06-30 Innodis Co., Ltd. Access authentication method for multiple devices and platforms
AU2011101295B4 (en) 2011-06-13 2012-08-02 Device Authority Ltd Hardware identity in multi-factor authentication layer
US9075979B1 (en) 2011-08-11 2015-07-07 Google Inc. Authentication based on proximity to mobile device
US8752154B2 (en) * 2011-08-11 2014-06-10 Bank Of America Corporation System and method for authenticating a user
US8732814B2 (en) * 2011-08-15 2014-05-20 Bank Of America Corporation Method and apparatus for token-based packet prioritization
US8539558B2 (en) * 2011-08-15 2013-09-17 Bank Of America Corporation Method and apparatus for token-based token termination
US8789143B2 (en) 2011-08-15 2014-07-22 Bank Of America Corporation Method and apparatus for token-based conditioning
US8950002B2 (en) 2011-08-15 2015-02-03 Bank Of America Corporation Method and apparatus for token-based access of related resources
US8752143B2 (en) 2011-08-15 2014-06-10 Bank Of America Corporation Method and apparatus for token-based reassignment of privileges
AU2011101297B4 (en) 2011-08-15 2012-06-14 Uniloc Usa, Inc. Remote recognition of an association between remote devices
US8806602B2 (en) 2011-08-15 2014-08-12 Bank Of America Corporation Apparatus and method for performing end-to-end encryption
US9361443B2 (en) 2011-08-15 2016-06-07 Bank Of America Corporation Method and apparatus for token-based combining of authentication methods
US8752124B2 (en) 2011-08-15 2014-06-10 Bank Of America Corporation Apparatus and method for performing real-time authentication using subject token combinations
DE102011110898A1 (en) 2011-08-17 2013-02-21 Advanced Information Processing Systems Sp. z o.o. Method for authentication of e.g. robot, for providing access to services of e.g. information system, involves providing or inhibiting access of user to services of computer system based on authentication result
US8798273B2 (en) 2011-08-19 2014-08-05 International Business Machines Corporation Extending credential type to group Key Management Interoperability Protocol (KMIP) clients
WO2013048439A1 (en) 2011-09-30 2013-04-04 Hewlett-Packard Development Company, L.P. Managing basic input/output system (bios) access
WO2013066016A1 (en) * 2011-11-04 2013-05-10 주식회사 케이티 Method for forming a trust relationship, and embedded uicc therefor
KR101986312B1 (en) 2011-11-04 2019-06-05 주식회사 케이티 Method for Creating Trust Relationship and Embedded UICC
US9438575B2 (en) * 2011-12-22 2016-09-06 Paypal, Inc. Smart phone login using QR code
US8751794B2 (en) * 2011-12-28 2014-06-10 Pitney Bowes Inc. System and method for secure nework login
CN104025503B (en) * 2011-12-28 2017-07-28 英特尔公司 Use the webpage certification of client platform root of trust
US9237146B1 (en) * 2012-01-26 2016-01-12 United Services Automobile Association Quick-logon for computing device
US10282531B1 (en) 2012-01-26 2019-05-07 United Services Automobile Association (Usaa) Quick-logon for computing device
US9367678B2 (en) * 2012-02-29 2016-06-14 Red Hat, Inc. Password authentication
US9697346B2 (en) * 2012-03-06 2017-07-04 Cisco Technology, Inc. Method and apparatus for identifying and associating devices using visual recognition
US20130339740A1 (en) 2012-03-08 2013-12-19 Omer Ben-Shalom Multi-factor certificate authority
US20160337351A1 (en) * 2012-03-16 2016-11-17 Acuity Systems, Inc. Authentication system
CN103368928B (en) * 2012-04-11 2018-04-27 富泰华工业(深圳)有限公司 Account number cipher reset system and method
US20130275282A1 (en) 2012-04-17 2013-10-17 Microsoft Corporation Anonymous billing
WO2013155628A1 (en) 2012-04-17 2013-10-24 Zighra Inc. Fraud detection system, method, and device
US11424930B2 (en) * 2012-05-22 2022-08-23 Barclays Bank Delaware Systems and methods for providing account information
US9317689B2 (en) * 2012-06-15 2016-04-19 Visa International Service Association Method and apparatus for secure application execution
US8984111B2 (en) * 2012-06-15 2015-03-17 Symantec Corporation Techniques for providing dynamic account and device management
US9177129B2 (en) * 2012-06-27 2015-11-03 Intel Corporation Devices, systems, and methods for monitoring and asserting trust level using persistent trust log
US9832189B2 (en) * 2012-06-29 2017-11-28 Apple Inc. Automatic association of authentication credentials with biometrics
US20140013108A1 (en) * 2012-07-06 2014-01-09 Jani Pellikka On-Demand Identity Attribute Verification and Certification For Services
US20140019753A1 (en) * 2012-07-10 2014-01-16 John Houston Lowry Cloud key management
CN103581114A (en) * 2012-07-20 2014-02-12 上海湛泸网络科技有限公司 Authentication method and system
JP5632429B2 (en) * 2012-08-28 2014-11-26 Kddi株式会社 Service authentication method and system for building a closed communication environment in an open communication environment
US9641521B2 (en) * 2012-09-14 2017-05-02 Iovation Llc Systems and methods for network connected authentication
US8539567B1 (en) * 2012-09-22 2013-09-17 Nest Labs, Inc. Multi-tiered authentication methods for facilitating communications amongst smart home devices and cloud-based servers
US9444817B2 (en) 2012-09-27 2016-09-13 Microsoft Technology Licensing, Llc Facilitating claim use by service providers
US9449156B2 (en) 2012-10-01 2016-09-20 Microsoft Technology Licensing, Llc Using trusted devices to augment location-based account protection
US8843741B2 (en) * 2012-10-26 2014-09-23 Cloudpath Networks, Inc. System and method for providing a certificate for network access
CN103023885B (en) * 2012-11-26 2015-09-16 北京奇虎科技有限公司 Secure data processing method and system
US9172699B1 (en) * 2012-11-30 2015-10-27 Microstrategy Incorporated Associating a device with a user account
US9769159B2 (en) * 2012-12-14 2017-09-19 Microsoft Technology Licensing, Llc Cookie optimization
US10033719B1 (en) * 2012-12-20 2018-07-24 Amazon Technologies, Inc. Mobile work platform for remote data centers
EP2936369B1 (en) * 2012-12-21 2020-04-15 Advanced Biometric Controls, LLC Verification of password using a keyboard with a secure password entry mode
US9130920B2 (en) 2013-01-07 2015-09-08 Zettaset, Inc. Monitoring of authorization-exceeding activity in distributed networks
US9622075B2 (en) 2013-01-31 2017-04-11 Dell Products L.P. System and method for adaptive multifactor authentication
US8935768B1 (en) * 2013-02-21 2015-01-13 Ca, Inc. Controlling client access to email responsive to email class levels
JP5596194B2 (en) * 2013-02-28 2014-09-24 シャープ株式会社 Authentication device, authentication device control method, communication device, authentication system, control program, and recording medium
US20140259135A1 (en) * 2013-03-08 2014-09-11 Signature Systems Llc Method and system for simplified user registration on a website
US10110578B1 (en) * 2013-03-12 2018-10-23 Amazon Technologies, Inc. Source-inclusive credential verification
US9143496B2 (en) 2013-03-13 2015-09-22 Uniloc Luxembourg S.A. Device authentication using device environment information
US9286466B2 (en) 2013-03-15 2016-03-15 Uniloc Luxembourg S.A. Registration and authentication of computing devices using a digital skeleton key
GB2512613A (en) * 2013-04-03 2014-10-08 Cloudzync Ltd Secure communications system
US10063662B2 (en) * 2013-04-19 2018-08-28 Twitter, Inc. Method and system for establishing a trust association
CN104125565A (en) * 2013-04-23 2014-10-29 中兴通讯股份有限公司 Method for realizing terminal authentication based on OMA DM, terminal and server
ES2875963T3 (en) * 2013-07-05 2021-11-11 Sgx As Method and system related to user authentication to access data networks
RU2583710C2 (en) 2013-07-23 2016-05-10 Закрытое акционерное общество "Лаборатория Касперского" System and method for providing privacy of information used during authentication and authorisation operations using trusted device
US10069868B2 (en) * 2014-03-28 2018-09-04 Intel Corporation Systems and methods to facilitate multi-factor authentication policy enforcement using one or more policy handlers
US9588342B2 (en) 2014-04-11 2017-03-07 Bank Of America Corporation Customer recognition through use of an optical head-mounted display in a wearable computing device
US9424575B2 (en) * 2014-04-11 2016-08-23 Bank Of America Corporation User authentication by operating system-level token
US10121142B2 (en) 2014-04-11 2018-11-06 Bank Of America Corporation User authentication by token and comparison to visitation pattern
US9514463B2 (en) 2014-04-11 2016-12-06 Bank Of America Corporation Determination of customer presence based on communication of a mobile communication device digital signature
US20170309552A1 (en) * 2014-05-07 2017-10-26 Uber Technologies, Inc. System and method for verifying users for a network service using existing users
US10212136B1 (en) 2014-07-07 2019-02-19 Microstrategy Incorporated Workstation log-in
US9471759B2 (en) 2014-07-10 2016-10-18 Bank Of America Corporation Enabling device functionality based on indoor positioning system detection of physical customer presence
US9659316B2 (en) 2014-07-10 2017-05-23 Bank Of America Corporation Providing navigation functionality in a retail location using local positioning technology
US9691092B2 (en) 2014-07-10 2017-06-27 Bank Of America Corporation Predicting and responding to customer needs using local positioning technology
US10332050B2 (en) 2014-07-10 2019-06-25 Bank Of America Corporation Identifying personnel-staffing adjustments based on indoor positioning system detection of physical customer presence
US9432804B2 (en) 2014-07-10 2016-08-30 Bank Of America Corporation Processing of pre-staged transactions
US9734643B2 (en) 2014-07-10 2017-08-15 Bank Of America Corporation Accessing secure areas based on identification via personal device
US10108952B2 (en) 2014-07-10 2018-10-23 Bank Of America Corporation Customer identification
US9699599B2 (en) 2014-07-10 2017-07-04 Bank Of America Corporation Tracking associate locations
US10074130B2 (en) 2014-07-10 2018-09-11 Bank Of America Corporation Generating customer alerts based on indoor positioning system detection of physical customer presence
US10028081B2 (en) 2014-07-10 2018-07-17 Bank Of America Corporation User authentication
US10278069B2 (en) * 2014-08-07 2019-04-30 Mobile Iron, Inc. Device identification in service authorization
US10419419B2 (en) * 2014-09-24 2019-09-17 Intel Corporation Technologies for sensor action verification
US9338071B2 (en) 2014-10-08 2016-05-10 Google Inc. Locale profile for a fabric network
CN104320163B (en) * 2014-10-10 2017-01-25 安徽华米信息科技有限公司 Communication method and device
CN105592014B (en) * 2014-10-24 2019-02-15 阿里巴巴集团控股有限公司 A kind of trusted terminal verification method, device
US10069814B2 (en) * 2014-10-28 2018-09-04 Ca, Inc. Single sign on across multiple devices using a unique machine identification
US20160162900A1 (en) * 2014-12-09 2016-06-09 Zighra Inc. Fraud detection system, method, and device
US10409989B2 (en) 2014-12-26 2019-09-10 Mcafee, Llc Trusted updates
US10439815B1 (en) * 2014-12-30 2019-10-08 Morphotrust Usa, Llc User data validation for digital identifications
US9652035B2 (en) * 2015-02-23 2017-05-16 International Business Machines Corporation Interfacing via heads-up display using eye contact
US11429975B1 (en) 2015-03-27 2022-08-30 Wells Fargo Bank, N.A. Token management system
US10701067B1 (en) 2015-04-24 2020-06-30 Microstrategy Incorporated Credential management using wearable devices
US10298563B2 (en) 2015-04-29 2019-05-21 Hewlett Packard Enterprise Development Lp Multi-factor authorization for IEEE 802.1x-enabled networks
CN106302308B (en) * 2015-05-12 2019-12-24 阿里巴巴集团控股有限公司 Trust login method and device
US10187357B2 (en) * 2015-07-05 2019-01-22 M2MD Technologies, Inc. Method and system for internetwork communication with machine devices
CN106341233A (en) * 2015-07-08 2017-01-18 阿里巴巴集团控股有限公司 Authentication method for client to log into server, device, system and electronic device
WO2017020195A1 (en) 2015-07-31 2017-02-09 Telefonaktiebolaget Lm Ericsson (Publ) Methods and devices of registering, verifying identity of, and invalidating non-sim mobile terminals accessing a wireless communication network
US11170364B1 (en) 2015-07-31 2021-11-09 Wells Fargo Bank, N.A. Connected payment card systems and methods
US10171439B2 (en) * 2015-09-24 2019-01-01 International Business Machines Corporation Owner based device authentication and authorization for network access
US9825938B2 (en) 2015-10-13 2017-11-21 Cloudpath Networks, Inc. System and method for managing certificate based secure network access with a certificate having a buffer period prior to expiration
US9967244B2 (en) 2015-10-14 2018-05-08 Microsoft Technology Licensing, Llc Multi-factor user authentication framework using asymmetric key
US20170109741A1 (en) * 2015-10-16 2017-04-20 Bank Of America Corporation Tokenization of Financial Account Information for Use in Transactions
US9942223B2 (en) * 2015-11-25 2018-04-10 Microsoft Technology Licensing, Llc. Automated device discovery of pairing-eligible devices for authentication
US10333915B2 (en) * 2015-12-11 2019-06-25 Oath Inc. Customization of user account authentication
CN106878970B (en) * 2015-12-14 2020-05-05 阿里巴巴集团控股有限公司 Method and device for identifying service request for changing mobile phone number
KR101739098B1 (en) * 2015-12-28 2017-05-24 주식회사 피노텍 Certification system and method using electronic signature in plural terminals
US10231128B1 (en) 2016-02-08 2019-03-12 Microstrategy Incorporated Proximity-based device access
US10855664B1 (en) 2016-02-08 2020-12-01 Microstrategy Incorporated Proximity-based logical access
KR102483836B1 (en) * 2016-02-19 2023-01-03 삼성전자주식회사 Electronic apparatus and operating method thereof
US10305885B2 (en) * 2016-03-03 2019-05-28 Blackberry Limited Accessing enterprise resources using provisioned certificates
US20170300673A1 (en) * 2016-04-19 2017-10-19 Brillio LLC Information apparatus and method for authorizing user of augment reality apparatus
EP3244360A1 (en) * 2016-05-12 2017-11-15 Skidata Ag Method for registration of equipment, in particular for access control devices or payment or vending machines in a server of a system comprising several such devices
CN106411837A (en) * 2016-05-30 2017-02-15 深圳市永兴元科技有限公司 Privilege management method and apparatus
US11615402B1 (en) 2016-07-01 2023-03-28 Wells Fargo Bank, N.A. Access control tower
US11386223B1 (en) 2016-07-01 2022-07-12 Wells Fargo Bank, N.A. Access control tower
US11935020B1 (en) 2016-07-01 2024-03-19 Wells Fargo Bank, N.A. Control tower for prospective transactions
US11886611B1 (en) 2016-07-01 2024-01-30 Wells Fargo Bank, N.A. Control tower for virtual rewards currency
US10992679B1 (en) 2016-07-01 2021-04-27 Wells Fargo Bank, N.A. Access control tower
WO2018045475A1 (en) * 2016-09-12 2018-03-15 Nanoport Technology Inc. Secure indirect access provisioning of off-line unpowered devices by centralized authority
WO2018083604A1 (en) * 2016-11-01 2018-05-11 Entersekt International Limited Verifying an association between a communication device and a user
CN107223328A (en) * 2017-04-12 2017-09-29 福建联迪商用设备有限公司 A kind of method and system of Root authority management and control
US10657242B1 (en) 2017-04-17 2020-05-19 Microstrategy Incorporated Proximity-based access
US11140157B1 (en) 2017-04-17 2021-10-05 Microstrategy Incorporated Proximity-based access
US10771458B1 (en) 2017-04-17 2020-09-08 MicoStrategy Incorporated Proximity-based user authentication
US11556936B1 (en) 2017-04-25 2023-01-17 Wells Fargo Bank, N.A. System and method for card control
WO2018207174A1 (en) * 2017-05-07 2018-11-15 Shay Rapaport Method and system for sharing a network enabled entity
US10089801B1 (en) 2017-05-15 2018-10-02 Amazon Technologies, Inc. Universal access control device
CN109039987A (en) * 2017-06-08 2018-12-18 北京京东尚科信息技术有限公司 A kind of user account login method, device, electronic equipment and storage medium
US10574662B2 (en) 2017-06-20 2020-02-25 Bank Of America Corporation System for authentication of a user based on multi-factor passively acquired data
US10360733B2 (en) 2017-06-20 2019-07-23 Bank Of America Corporation System controlled augmented resource facility
US11062388B1 (en) * 2017-07-06 2021-07-13 Wells Fargo Bank, N.A Data control tower
WO2019017883A1 (en) * 2017-07-17 2019-01-24 Hewlett-Packard Development Company, L.P Authentication of entitlement certificates
US10541977B2 (en) * 2017-07-25 2020-01-21 Pacesetter, Inc. Utilizing signed credentials for secure communication with an implantable medical device
US10491595B2 (en) * 2017-07-31 2019-11-26 Airwatch, Llc Systems and methods for controlling email access
US10491596B2 (en) 2017-07-31 2019-11-26 Vmware, Inc. Systems and methods for controlling email access
US10673831B2 (en) * 2017-08-11 2020-06-02 Mastercard International Incorporated Systems and methods for automating security controls between computer networks
US10498538B2 (en) * 2017-09-25 2019-12-03 Amazon Technologies, Inc. Time-bound secure access
US11368451B2 (en) * 2017-10-19 2022-06-21 Google Llc Two-factor authentication systems and methods
US11188887B1 (en) 2017-11-20 2021-11-30 Wells Fargo Bank, N.A. Systems and methods for payment information access management
US20190278903A1 (en) * 2018-03-06 2019-09-12 GM Global Technology Operations LLC Vehicle control module security credential replacement
US10917790B2 (en) * 2018-06-01 2021-02-09 Apple Inc. Server trust evaluation based authentication
US11251956B2 (en) * 2018-07-02 2022-02-15 Avaya Inc. Federated blockchain identity model and secure personally identifiable information data transmission model for RCS
US11695783B2 (en) * 2018-08-13 2023-07-04 Ares Technologies, Inc. Systems, devices, and methods for determining a confidence level associated with a device using heuristics of trust
US11824882B2 (en) * 2018-08-13 2023-11-21 Ares Technologies, Inc. Systems, devices, and methods for determining a confidence level associated with a device using heuristics of trust
US10733473B2 (en) 2018-09-20 2020-08-04 Uber Technologies Inc. Object verification for a network-based service
US10999299B2 (en) 2018-10-09 2021-05-04 Uber Technologies, Inc. Location-spoofing detection system for a network service
CN109492376B (en) * 2018-11-07 2021-11-12 浙江齐治科技股份有限公司 Device access authority control method and device and bastion machine
US11489833B2 (en) * 2019-01-31 2022-11-01 Slack Technologies, Llc Methods, systems, and apparatuses for improved multi-factor authentication in a multi-app communication system
CN113508379B (en) * 2019-03-04 2024-02-20 日立数据管理有限公司 Systems, methods, and media for multi-way trust formation in a distributed system
US11431694B2 (en) * 2019-07-10 2022-08-30 Advanced New Technologies Co., Ltd. Secure account modification
US11700121B2 (en) * 2019-09-13 2023-07-11 Amazon Technologies, Inc. Secure authorization for sensitive information
US20210141888A1 (en) * 2019-11-12 2021-05-13 Richard Philip Hires Apparatus, System and Method for Authenticating a User
US11640453B2 (en) 2019-12-30 2023-05-02 Motorola Mobility Llc User authentication facilitated by an additional device
US11284264B2 (en) * 2019-12-30 2022-03-22 Motorola Mobility Llc Shareable device use based on user identifiable information
US11019191B1 (en) 2019-12-30 2021-05-25 Motorola Mobility Llc Claim a shareable device for personalized interactive session
US11140239B2 (en) 2019-12-30 2021-10-05 Motorola Mobility Llc End a shareable device interactive session based on user intent
US11770374B1 (en) 2019-12-31 2023-09-26 Cigna Intellectual Property, Inc. Computer user credentialing and verification system
US10992606B1 (en) 2020-09-04 2021-04-27 Wells Fargo Bank, N.A. Synchronous interfacing with unaffiliated networked systems to alter functionality of sets of electronic assets
US11546443B2 (en) * 2020-09-11 2023-01-03 Microsoft Technology Licensing, Llc Connected focus time experience that spans multiple devices
US11575692B2 (en) 2020-12-04 2023-02-07 Microsoft Technology Licensing, Llc Identity spray attack detection with adaptive classification
US20220209952A1 (en) * 2020-12-29 2022-06-30 Visa International Service Association Method and system for token transfer
US20220217136A1 (en) * 2021-01-04 2022-07-07 Bank Of America Corporation Identity verification through multisystem cooperation
US11546338B1 (en) 2021-01-05 2023-01-03 Wells Fargo Bank, N.A. Digital account controls portal and protocols for federated and non-federated systems and devices
CN113269560A (en) * 2021-05-14 2021-08-17 河北幸福消费金融股份有限公司 Identity authentication method, method for enhancing transaction security, and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6510236B1 (en) * 1998-12-11 2003-01-21 International Business Machines Corporation Authentication framework for managing authentication requests from multiple authentication devices
JP2005323070A (en) * 2004-05-07 2005-11-17 Nippon Telegr & Teleph Corp <Ntt> Authentication method for home information appliance by portable telephone
US20060070125A1 (en) * 2001-02-14 2006-03-30 Pritchard James B Two-factor computer password client device, system, and method
US7373515B2 (en) * 2001-10-09 2008-05-13 Wireless Key Identification Systems, Inc. Multi-factor authentication system

Family Cites Families (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH10260939A (en) * 1997-03-19 1998-09-29 Fujitsu Ltd Client machine authentication method of computer network, client machine, host machine and computer system
US8060389B2 (en) * 2000-06-07 2011-11-15 Apple Inc. System and method for anonymous location based services
US7181507B1 (en) * 2000-07-18 2007-02-20 Harrow Products Llc Internet based access point management system
US20020112186A1 (en) * 2001-02-15 2002-08-15 Tobias Ford Authentication and authorization for access to remote production devices
US7225256B2 (en) * 2001-11-30 2007-05-29 Oracle International Corporation Impersonation in an access system
US20030233580A1 (en) * 2002-05-29 2003-12-18 Keeler James D. Authorization and authentication of user access to a distributed network communication system with roaming features
US7322043B2 (en) * 2002-06-20 2008-01-22 Hewlett-Packard Development Company, L.P. Allowing an electronic device accessing a service to be authenticated
US7606560B2 (en) 2002-08-08 2009-10-20 Fujitsu Limited Authentication services using mobile device
US7574731B2 (en) * 2002-10-08 2009-08-11 Koolspan, Inc. Self-managed network access using localized access management
US7546276B2 (en) 2006-01-23 2009-06-09 Randle William M Common authentication service for network connected applications, devices, users, and web services
US7703128B2 (en) * 2003-02-13 2010-04-20 Microsoft Corporation Digital identity management
JP2004258847A (en) * 2003-02-25 2004-09-16 Tech Res & Dev Inst Of Japan Def Agency Terminal monitoring and control device, terminal monitoring and control method and terminal monitoring and control program
EP1503352A1 (en) * 2003-07-31 2005-02-02 Matsushita Electric Industrial Co., Ltd. Portable device, IC module, IC card, and method for using services
CN100437551C (en) 2003-10-28 2008-11-26 联想(新加坡)私人有限公司 Method and apparatus of automatically accessing by using multiple user's equipments
CA2551113C (en) * 2003-12-23 2011-11-01 Wachovia Corporation Authentication system for networked computer applications
US7272728B2 (en) * 2004-06-14 2007-09-18 Iovation, Inc. Network security and fraud detection system and method
US7900253B2 (en) * 2005-03-08 2011-03-01 Xceedid Corporation Systems and methods for authorization credential emulation
GB2424726A (en) * 2005-03-31 2006-10-04 Hewlett Packard Development Co Management of computer based assets
US7706778B2 (en) * 2005-04-05 2010-04-27 Assa Abloy Ab System and method for remotely assigning and revoking access credentials using a near field communication equipped mobile phone
US7350074B2 (en) * 2005-04-20 2008-03-25 Microsoft Corporation Peer-to-peer authentication and authorization
US8028329B2 (en) * 2005-06-13 2011-09-27 Iamsecureonline, Inc. Proxy authentication network
JP2007004605A (en) 2005-06-24 2007-01-11 Brother Ind Ltd Communication system, client, server, and program
US7748031B2 (en) * 2005-07-08 2010-06-29 Sandisk Corporation Mass storage device with automated credentials loading
EP1972091A1 (en) 2005-08-03 2008-09-24 Intercomputer Corporation System and method for user identification and authentication
WO2007015253A2 (en) * 2005-08-03 2007-02-08 Aladdin Knowledge Systems Ltd. Two-factor authentication employing a user's ip address
US20070107050A1 (en) 2005-11-07 2007-05-10 Jexp, Inc. Simple two-factor authentication
US20070136472A1 (en) * 2005-12-12 2007-06-14 Ip3 Networks Systems and methods for requesting protocol in a network using natural language messaging
US20070136471A1 (en) * 2005-12-12 2007-06-14 Ip3 Networks Systems and methods for negotiating and enforcing access to network resources
EP1997066A4 (en) 2006-02-06 2011-05-25 Yt Acquisition Corp Method and system for providing online authentication utilizing biometric data
US20070220594A1 (en) 2006-03-04 2007-09-20 Tulsyan Surendra K Software based Dynamic Key Generator for Multifactor Authentication
US7552467B2 (en) * 2006-04-24 2009-06-23 Jeffrey Dean Lindsay Security systems for protecting an asset
US8458775B2 (en) * 2006-08-11 2013-06-04 Microsoft Corporation Multiuser web service sign-in client side components
US7983249B2 (en) * 2007-01-23 2011-07-19 Oracle America, Inc. Enterprise web service data to mobile device synchronization
US8856890B2 (en) * 2007-02-09 2014-10-07 Alcatel Lucent System and method of network access security policy management by user and device
US20090143104A1 (en) * 2007-09-21 2009-06-04 Michael Loh Wireless smart card and integrated personal area network, near field communication and contactless payment system
US8966594B2 (en) * 2008-02-04 2015-02-24 Red Hat, Inc. Proxy authentication
US20090228962A1 (en) * 2008-03-06 2009-09-10 Sharp Laboratories Of America, Inc. Access control and access tracking for remote front panel
US9705878B2 (en) * 2008-04-04 2017-07-11 International Business Machines Corporation Handling expired passwords
US8583781B2 (en) * 2009-01-28 2013-11-12 Headwater Partners I Llc Simplified service network architecture

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6510236B1 (en) * 1998-12-11 2003-01-21 International Business Machines Corporation Authentication framework for managing authentication requests from multiple authentication devices
US20060070125A1 (en) * 2001-02-14 2006-03-30 Pritchard James B Two-factor computer password client device, system, and method
US7373515B2 (en) * 2001-10-09 2008-05-13 Wireless Key Identification Systems, Inc. Multi-factor authentication system
JP2005323070A (en) * 2004-05-07 2005-11-17 Nippon Telegr & Teleph Corp <Ntt> Authentication method for home information appliance by portable telephone

Also Published As

Publication number Publication date
US20110247055A1 (en) 2011-10-06
WO2009148746A2 (en) 2009-12-10
EP2283669A4 (en) 2014-09-24
CN102047709B (en) 2013-10-30
US8800003B2 (en) 2014-08-05
EP2283669B1 (en) 2020-03-04
US20090300744A1 (en) 2009-12-03
JP5038531B2 (en) 2012-10-03
CN102047709A (en) 2011-05-04
KR101534890B1 (en) 2015-07-07
EP2283669A2 (en) 2011-02-16
US7979899B2 (en) 2011-07-12
JP2011522327A (en) 2011-07-28
KR20110020783A (en) 2011-03-03

Similar Documents

Publication Publication Date Title
WO2009148746A3 (en) Trusted device-specific authentication
WO2013151851A3 (en) Secure authentication in a multi-party system
WO2015023341A3 (en) Secure authorization systems and methods
WO2006118829A3 (en) Preventing fraudulent internet account access
TW200638723A (en) Peer-to-peer authentication and authorization
Lim et al. Security issues and future challenges of cloud service authentication
WO2010085393A3 (en) Passive security enforcement
WO2013106688A3 (en) Authenticating cloud computing enabling secure services
WO2005083610A8 (en) Token authentication system and method
MX2009008450A (en) Authorizing secure resources.
WO2009151730A3 (en) Authentication for distributed secure content management system
NO20080532L (en) Distributed simple log-on service
WO2004027588A3 (en) Certificate based authorized domains
WO2010060704A3 (en) Method and system for token-based authentication
WO2006017757A3 (en) Enhanced security using service provider authentication
WO2010048097A3 (en) User authentication management
WO2007143312A8 (en) Proactive credential distribution
MX2011012671A (en) Trusted integrity manager (tim).
WO2007092080A3 (en) Authenticating mobile network provider equipment
MX345061B (en) Method, one or more computer-readable non-transitory storage media and a device, in particular relating to computing resources and/or mobile-device-based trust computing.
WO2008024135A3 (en) Method to verify the integrity of components on a trusted platform using integrity database services
KR20060063348A (en) Method for controlling internet access using authentication assertion
WO2011142971A3 (en) One time passwords with ipsec and ike version 1 authentication
Oh et al. The security limitations of sso in openid
KR101679771B1 (en) Method, device, and system for identity authentication

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200980121256.5

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09758909

Country of ref document: EP

Kind code of ref document: A2

WWE Wipo information: entry into national phase

Ref document number: 2009758909

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2011511684

Country of ref document: JP

Ref document number: 7426/CHENP/2010

Country of ref document: IN

ENP Entry into the national phase

Ref document number: 20107026460

Country of ref document: KR

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE