-
Publication No.: US11677755B1
Publication date: 2023-06-13
Application No.: US17739884
Application date: 2022-05-09
CPC classification: H04L63/126, G06F21/57, H04L63/08, G06F2221/2115
Abstract: The system and method disclosed performs entity authentication through identification proofing. A relying party such as a corporation or other type of entity having a secure website, computer network and secure facility working a risk engine can determine the authenticity, validation and verification during registration of a user entity. The identification proofing is integrated with a risk engine. The risk engine is capable of using bio-behavior based information which may be continuously monitored.
-
Publication No.: US10567385B2
Publication date: 2020-02-18
Application No.: US15934640
Application date: 2018-03-23
Abstract: The provisioning of a security token object to a user is disclosed. The security token object is used for accessing a computing resource through a client device, such as a mobile device. A security token object provisioning request may be received from the mobile device. In response, an authentication request may be transmitted. The user is authenticated against a user identity based upon a set of received identity credentials provided by the user. The extraction of a unique token identifier from the security token object is initiated, and completed without intervention from the user. The unique token identifier received from the client device is associated with the user identity in a data store. By providing the security token object, the user can gain access to the computing resource.
-
Publication No.: US20180167222A1
Publication date: 2018-06-14
Application No.: US15882066
Application date: 2018-01-29
CPC classification: H04L9/3268, H04L9/14, H04L9/30, H04L9/3252, H04L9/3263, H04L9/3271, H04L9/3297, H04L63/06, H04L63/0823, H04L2209/56, H04L2209/805
Abstract: Methods for managing digital certificates, including issuance, validation, and revocation are disclosed. Various embodiments involve querying a directory service with entries that correspond to a particular client identity and have attributes including certificate issuance limits and certificate validity time values. The validity time values are adjustable to revoke selectively the certificates based upon time intervals set forth in validity identifiers included therein.
-
Publication No.: US20180091499A1
Publication date: 2018-03-29
Application No.: US15676689
Application date: 2017-08-14
CPC classification: H04L63/0823, G06F21/33, G06F21/41, H04L9/321, H04L9/3228, H04L9/3265, H04L9/3268, H04L63/0846
Abstract: A CAC/PIV certificate associated with a HSPD-12 identity is used to generate a derived credential for storage on a device, such as a mobile device, that lacks a CAC/PIV card reader. The derived credential (which is distinct from the original CAC/PIV certificate) may then be used to grant the device access to secure resources that may otherwise require a CAC/PIV certificate. Embodiments of the present disclosure also relate to systems and methods for authenticating or validating a derived credential stored on a mobile device.
-
Publication No.: US09660974B2
Publication date: 2017-05-23
Application No.: US14621821
Application date: 2015-02-13
CPC classification: H04L63/0815, G06F21/64, H04L63/0807, H04L63/0838, H04L63/0876, H04L67/02, H04L67/10, H04L67/125, H04L67/2814, H04L2463/082
Abstract: A device fingerprinting system provides an additional factor of authentication. A user device may be redirected, along with user ID parameters, to authentication system. The user device may be sent instructions to execute that collect and send back device characteristic information to the authentication system. The authentication can create a unique fingerprint of the device, and determine if the fingerprint has been seen before. If seen before, the authentication system may send back an authentication token indicating the additional factor of authentication was a success. If the fingerprint has not been seen previously, the authentication system may conduct a one-time password authentication as the additional factor. If successful, the fingerprint may be stored in association with the user device for future authentication as an additional factor.
-
Publication No.: US09369457B2
Publication date: 2016-06-14
Application No.: US14316657
Application date: 2014-06-26
CPC classification: H04L63/0815, G06F17/30876, G06F21/31, G06F21/41, H04L63/08, H04L63/0823, H04L63/083, H04L63/0853, H04L63/168, H04L2463/082, H04W12/06
Abstract: Features are disclosed for authentication of mobile device applications using a native, independent browser using a single-sign-on system. An authentication module within the mobile application can direct the mobile device's native browser to a URL to initiate authentication with an authentication appliance. The mobile browser can receive and store a browser-accessible token to indicate previous authentication performed by the user. The mobile application can receive from the application appliance and store a client application ID token that may be presented to network services for access. A second mobile device application may direct the same browser to the authentication appliance. The authentication appliance may inspect the persistent browser-accessible token and issue a second client application ID identity to the second application without collecting additional authentication information, or collecting additional authentication information that is different from the first authentication information.
-
Publication No.: US08812838B2
Publication date: 2014-08-19
Application No.: US13919337
Application date: 2013-06-17
CPC classification: H04L63/0823, H04L9/3263, H04L9/3268, H04L63/12, H04L63/123, H04L2209/56, H04L2209/80
Abstract: A valid duration period for a digital certificate is established by a process that includes assigning numeric values to certificate term. The numeric value assigned to each certificate term is representative of the valid duration period. The method continues by identifying one certificate term, which may include requesting a user to select a certificate term. The method may include transmitting the requested certificate term to a server. The certificate term requested is sent via a certificate request. The server is configured to convert the numeric value associated with the requested certificate term into a duration counter value. The method may also include a certificate server receiving from the server, the certificate request including the duration counter value. The method may conclude with transmitting the signed certificate request to a client device capable of generating the digital certificate with the requested certificate term.
-
Publication No.: US08700901B2
Publication date: 2014-04-15
Application No.: US13692841
Application date: 2012-12-03
Inventors: Craig Lund, Garret F. Grajek, Stephen Moore, Mark V. Lambiase
CPC classification: H04L9/3273, H04L9/0643, H04L9/3239, H04L9/3263, H04L63/0823, H04L63/0869, H04L63/166
Abstract: A method and system for mutually authenticating an identity and a server is provided in accordance with an aspect of the present invention. The method commences with transmitting a token from the server. Thereafter, the method continues with establishing a secure data transfer link. A server certificate is transmitted during the establishment of the secure data transfer link. The method continues with transmitting a response packet to the server, which is validated thereby upon receipt. The system includes an authentication module that initiates the secure data transfer link and transmits the response packet, and a server authentication module that transmits the token and validates the response packet.
-
Publication No.: US20130067219A1
Publication date: 2013-03-14
Application No.: US13663304
Application date: 2012-10-29
Inventors: Garret Grajek, Stephen Moore, Mark Lambiase, Craig Lund
IPC classification: G06F21/00
CPC classification: H04L63/0823, H04L9/3263, H04L9/3268, H04L63/12, H04L63/123, H04L2209/56, H04L2209/80
Abstract: A valid duration period for a digital certificate is established by a process that includes assigning numeric values to certificate term. The numeric value assigned to each certificate term is representative of the valid duration period. The method continues by identifying one certificate term, which may include requesting a user to select a certificate term. The method may include transmitting the requested certificate term to a server. The certificate term requested is sent via a certificate request. The server is configured to convert the numeric value associated with the requested certificate term into a duration counter value. The method may also include a certificate server receiving from the server, the certificate request including the duration counter value. The method may conclude with transmitting the signed certificate request to a client device capable of generating the digital certificate with the requested certificate term.
-
Publication No.: US12086808B1
Publication date: 2024-09-10
Application No.: US17952864
Application date: 2022-09-26
IPC classification: G06Q20/40, G06Q20/42, H04L9/40, H04L67/306, H04L67/50
CPC classification: G06Q20/4016, G06Q20/425, H04L63/0869, H04L63/0892, H04L63/18, H04L67/306, H04L67/535, H04L63/0861
Abstract: Aspects of the disclosure provide techniques for using behavior based information for providing and restricting access to a secure website, or computer network and its assets to a user. Components of the system may include the following. Client remote computing device, network and browser unique attribute data collection and fingerprinting. Method for capturing user habits and fingerprinting with ability to detect abnormalities through AIML using mobile and wearable device applications. System for detection of normality of user behavior based on habits, and cyber transactions, device access and determining a confidence score associated with each transaction. Method for calculating individual transaction risk based on contextual factors such as user behavior, device, browser and the network traffic and request for authentication by account owner when risk greater than allowed threshold. Method and system to identify user device, browser, and behavior unique attributes, storing and later matching to infer change upon consequent transactions and measuring transaction risk through a search and match against classified set of static and dynamic attributes using a user, browser traffic, device search and match engine.