公开(公告)号：US09762566B2

公开(公告)日：2017-09-12

申请号：US15419447

申请日：2017-01-30

Applicant: Intel Corporation

Inventor： Micah Sheller ,  Conor Cahill ,  Jason Martin ,  Brandon Baker

IPC: G06F7/04 ,  H04L29/06 ,  G06F15/16

CPC classification number: H04L63/08 ,  G06F21/31 ,  G06F21/57 ,  G06F2221/2101 ,  G06F2221/2113 ,  G06F2221/2137 ,  G06F2221/2151

Abstract: Technologies are provided in embodiments to manage an authentication confirmation score. Embodiments are configured to identify, in absolute session time, a beginning time and an ending time of an interval of an active user session on a client. Embodiments are also configured to determine a first value representing a first subset of a set of prior user sessions, where the prior user sessions of the first subset were active for at least as long as the beginning time. Embodiments can also determine a second value representing a second subset of the set of prior user sessions, where the prior user sessions of the second subset were active for at least as long as the ending time. Embodiments also determine, based on the first and second values, a decay rate for the authentication confidence score of the active user session. In some embodiments, the set is based on context attributes.

公开(公告)号：US09705869B2

公开(公告)日：2017-07-11

申请号：US14129443

申请日：2013-06-27

Applicant: INTEL CORPORATION

Inventor： Ned M. Smith ,  Conor Cahill

IPC: H04L29/06 ,  G06F21/31 ,  G06F21/33 ,  G06F21/40

CPC classification number: H04L63/0807 ,  G06F21/31 ,  G06F21/316 ,  G06F21/335 ,  G06F21/40 ,  G06F2221/2101 ,  G06F2221/2141 ,  H04L63/0823 ,  H04L63/12

Abstract: Technologies for continuously authenticating a user via multiple authentication factors include a computing device for generating a continuous authentication assertion indicating that continuous authentication of a user is being monitored, sending the continuous authentication assertion to a key distribution center server, and requesting and receiving an initial ticket from the key distribution center server. Such technologies may also include requesting a service ticket from the key distribution center server for accessing a service provider server, receiving a service ticket from the key distribution center server including the continuous authentication assertion, requesting access to the service provider server with the service ticket including the continuous authentication assertion, and accessing the service provider server in response to the continuous authentication assertion being verified.

公开(公告)号：US20170142089A1

公开(公告)日：2017-05-18

申请号：US15419447

申请日：2017-01-30

Applicant: Intel Corporation

Inventor： Micah Sheller ,  Conor Cahill ,  Jason Martin ,  Brandon Baker

IPC: H04L29/06

CPC classification number: H04L63/08 ,  G06F21/31 ,  G06F21/57 ,  G06F2221/2101 ,  G06F2221/2113 ,  G06F2221/2137 ,  G06F2221/2151

Abstract: Technologies are provided in embodiments to manage an authentication confirmation score. Embodiments are configured to identify, in absolute session time, a beginning time and an ending time of an interval of an active user session on a client. Embodiments are also configured to determine a first value representing a first subset of a set of prior user sessions, where the prior user sessions of the first subset were active for at least as long as the beginning time. Embodiments can also determine a second value representing a second subset of the set of prior user sessions, where the prior user sessions of the second subset were active for at least as long as the ending time. Embodiments also determine, based on the first and second values, a decay rate for the authentication confidence score of the active user session. In some embodiments, the set is based on context attributes.

公开(公告)号：US20170374055A1

公开(公告)日：2017-12-28

申请号：US15644891

申请日：2017-07-10

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Conor Cahill

IPC: H04L29/06 ,  G06F21/40 ,  G06F21/33 ,  G06F21/31

CPC classification number: H04L63/0807 ,  G06F21/31 ,  G06F21/316 ,  G06F21/335 ,  G06F21/40 ,  G06F2221/2101 ,  G06F2221/2141 ,  H04L63/0823 ,  H04L63/12

Abstract: Technologies for continuously authenticating a user via multiple authentication factors include a computing device for generating a continuous authentication assertion indicating that continuous authentication of a user is being monitored, sending the continuous authentication assertion to a key distribution center server, and requesting and receiving an initial ticket from the key distribution center server. Such technologies may also include requesting a service ticket from the key distribution center server for accessing a service provider server, receiving a service ticket from the key distribution center server including the continuous authentication assertion, requesting access to the service provider server with the service ticket including the continuous authentication assertion, and accessing the service provider server in response to the continuous authentication assertion being verified.

公开(公告)号：US20160173490A1

公开(公告)日：2016-06-16

申请号：US15052134

申请日：2016-02-24

Applicant: Intel Corporation

Inventor： Vinay Phegade ,  Conor Cahill ,  Sanjay Bakshi

IPC: H04L29/06

CPC classification number: H04L63/0823 ,  G06F3/0481 ,  G06F21/33 ,  G06F21/42 ,  G06F21/84 ,  G06Q20/382 ,  G06Q20/401 ,  H04L63/08 ,  H04L63/083 ,  H04L63/126 ,  H04L67/14

Abstract: In one embodiment a controller comprises logic configured to define, for display on a region of a display device coupled to the controller, a dialog box, lock the dialog box such that input/output operations conducted in the dialog box are visible to the secure controller and are not visible to an untrusted execution complex communicatively coupled to the secure controller, receive one or more authentication credentials based on a user input to the dialog box, and use the one or more authentication credentials to establish a secure communication session with a remote service. Other embodiments may be described.

Abstract translation: 在一个实施例中，控制器包括被配置为定义用于在耦合到控制器的显示设备的区域上显示对话框的逻辑，锁定对话框，使得在对话框中执行的输入/输出操作对于安全控制器是可见的 并且对通信地耦合到安全控制器的不受信任的执行复合体是不可见的，基于对对话框的用户输入来接收一个或多个认证证书，并且使用一个或多个认证凭证与远程服务建立安全通信会话 。 可以描述其他实施例。

公开(公告)号：US10091184B2

公开(公告)日：2018-10-02

申请号：US15644891

申请日：2017-07-10

Applicant: Intel Corporation

Inventor： Ned M. Smith ,  Conor Cahill

IPC: H04L29/06 ,  G06F21/31 ,  G06F21/40 ,  G06F21/33

Abstract: Technologies for continuously authenticating a user via multiple authentication factors include a computing device for generating a continuous authentication assertion indicating that continuous authentication of a user is being monitored, sending the continuous authentication assertion to a key distribution center server, and requesting and receiving an initial ticket from the key distribution center server. Such technologies may also include requesting a service ticket from the key distribution center server for accessing a service provider server, receiving a service ticket from the key distribution center server including the continuous authentication assertion, requesting access to the service provider server with the service ticket including the continuous authentication assertion, and accessing the service provider server in response to the continuous authentication assertion being verified.

公开(公告)号：US09923886B2

公开(公告)日：2018-03-20

申请号：US15052134

申请日：2016-02-24

Applicant: Intel Corporation

Inventor： Vinay Phegade ,  Conor Cahill ,  Sanjay Bakshi

IPC: H04L29/06 ,  G06Q20/38 ,  G06Q20/40 ,  G06F21/42 ,  G06F3/0481 ,  G06F21/84 ,  G06F21/33 ,  H04L29/08

CPC classification number: H04L63/0823 ,  G06F3/0481 ,  G06F21/33 ,  G06F21/42 ,  G06F21/84 ,  G06Q20/382 ,  G06Q20/401 ,  H04L63/08 ,  H04L63/083 ,  H04L63/126 ,  H04L67/14

Abstract: In one embodiment a controller comprises logic configured to define, for display on a region of a display device coupled to the controller, a dialog box, lock the dialog box such that input/output operations conducted in the dialog box are visible to the secure controller and are not visible to an untrusted execution complex communicatively coupled to the secure controller, receive one or more authentication credentials based on a user input to the dialog box, and use the one or more authentication credentials to establish a secure communication session with a remote service. Other embodiments may be described.

公开(公告)号：US09590966B2

公开(公告)日：2017-03-07

申请号：US13840572

申请日：2013-03-15

Applicant: Intel Corporation

Inventor： Micah Sheller ,  Conor Cahill ,  Jason Martin ,  Brandon Baker

IPC: G06F7/04 ,  H04L29/06 ,  G06F21/31 ,  G06F21/57

CPC classification number: H04L63/08 ,  G06F21/31 ,  G06F21/57 ,  G06F2221/2101 ,  G06F2221/2113 ,  G06F2221/2137 ,  G06F2221/2151

Abstract: Technologies are provided in embodiments to manage an authentication confirmation score. Embodiments are configured to identify, in absolute session time, a beginning time and an ending time of an interval of an active user session on a client. Embodiments are also configured to determine a first value representing a first subset of a set of prior user sessions, where the prior user sessions of the first subset were active for at least as long as the beginning time. Embodiments can also determine a second value representing a second subset of the set of prior user sessions, where the prior user sessions of the second subset were active for at least as long as the ending time. Embodiments also determine, based on the first and second values, a decay rate for the authentication confidence score of the active user session. In some embodiments, the set is based on context attributes.

Abstract translation: 在实施例中提供技术来管理认证确认分数。 实施例被配置为在绝对会话时间中识别客户端上的活动用户会话的间隔的开始时间和结束时间。 实施例还被配置为确定表示一组先前用户会话的第一子集的第一值，其中第一子集的先前用户会话活动至少等于开始时间。 实施例还可以确定表示先前用户会话集合的第二子集的第二值，其中第二子集的先前用户会话活动至少等于结束时间。 实施例还基于第一和第二值确定活动用户会话的认证置信度得分的衰减率。 在一些实施例中，该集合基于上下文属性。

公开(公告)号：US09450931B2

公开(公告)日：2016-09-20

申请号：US13840572

申请日：2013-03-15

Applicant: Intel Corporation

Inventor： Micah Sheller ,  Conor Cahill ,  Jason Martin ,  Brandon Baker

IPC: G06F7/04 ,  H04L29/06 ,  G06F21/31 ,  G06F21/57

Abstract: Technologies are provided in embodiments to manage an authentication confirmation score. Embodiments are configured to identify, in absolute session time, a beginning time and an ending time of an interval of an active user session on a client. Embodiments are also configured to determine a first value representing a first subset of a set of prior user sessions, where the prior user sessions of the first subset were active for at least as long as the beginning time. Embodiments can also determine a second value representing a second subset of the set of prior user sessions, where the prior user sessions of the second subset were active for at least as long as the ending time. Embodiments also determine, based on the first and second values, a decay rate for the authentication confidence score of the active user session. In some embodiments, the set is based on context attributes.