公开(公告)号：US20160308858A1

公开(公告)日：2016-10-20

申请号：US14687737

申请日：2015-04-15

Applicant: Citrix Systems, Inc.

Inventor： Ola Nordstrom ,  Georgy Momchilov ,  Timothy Gaylor

IPC: H04L29/06 ,  H04L9/32 ,  G06F21/31

CPC classification number: H04L63/0846 ,  G06F21/31 ,  H04L9/3228 ,  H04L63/068 ,  H04L63/083

Abstract: Methods and systems for authenticating a client device using entropy provided by a server and/or a device paired with the client device are described herein. The system may generate static entropy and time-limited entropy based on data from the server and/or the paired device. The static and time-limited entropy may be used to authenticate the client device (application or a user of the client device) in addition to authentication credentials or entropy such as a PIN or password provided by the user. The time-limited entropy may have an expiration time. If the time-limited entropy is expired, the system may request the user to perform a hard authentication with the server, such as by providing a username, password, and/or optionally a two-factor authentication code, among other information.

Abstract translation: 这里描述了使用由服务器和/或与客户端设备配对的设备提供的熵来认证客户端设备的方法和系统。 该系统可以基于来自服务器和/或配对设备的数据产生静态熵和时间限制熵。 静态和时间有限的熵可以用于认证客户端设备（客户端设备的应用程序或用户）以及诸如由用户提供的PIN或密码的认证证书或熵。 时间有限的熵可能有一个到期时间。 如果时间有限的熵过期，则系统可以请求用户与服务器执行硬认证，例如通过提供用户名，密码和/或可选的双因素认证码等信息。