公开(公告)号：US20170324731A1

公开(公告)日：2017-11-09

申请号：US15660523

申请日：2017-07-26

Applicant: Intel Corporation

Inventor： Hong Li ,  Suman Sharma ,  John B. Vicente ,  Luis A. Gimenez ,  Carlton D. Ashley ,  Navneet Malpani

IPC: H04L29/06 ,  G06F21/44 ,  G06F21/41 ,  H04L29/08

Abstract: Technologies for remote device authentication include a client computing device, an identity provider, and an application server in communication over a network. The identity provider sends an authentication challenge to the client. A capability proxy of the client intercepts an authentication challenge response and retrieves one or more security assertions from a secure environment of the client computing device. The capability proxy may be an embedded web server providing an HTTP interface to platform features of the client. The client sends a resource access token based on the security assertions to the identity provider. The identity provider verifies the resource access token and authenticates the client computing device based on the resource access token in addition to user authentication factors such as username and password. The identity provider sends an authentication response to the client, which forwards the authentication response to the application server. Other embodiments are described and claimed.

公开(公告)号：US09749310B2

公开(公告)日：2017-08-29

申请号：US14670955

申请日：2015-03-27

Applicant: Intel Corporation

Inventor： Hong Li ,  Suman Sharma ,  John B. Vicente ,  Luis A. Gimenez ,  Carlton D. Ashley ,  Navneet Malpani

IPC: G06F21/44 ,  G06F21/41 ,  H04L29/06 ,  H04L29/08

CPC classification number: H04L63/0815 ,  G06F21/41 ,  G06F21/44 ,  H04L63/10 ,  H04L67/02

Abstract: Technologies for remote device authentication include a client computing device, an identity provider, and an application server in communication over a network. The identity provider sends an authentication challenge to the client. A capability proxy of the client intercepts an authentication challenge response and retrieves one or more security assertions from a secure environment of the client computing device. The capability proxy may be an embedded web server providing an HTTP interface to platform features of the client. The client sends a resource access token based on the security assertions to the identity provider. The identity provider verifies the resource access token and authenticates the client computing device based on the resource access token in addition to user authentication factors such as username and password. The identity provider sends an authentication response to the client, which forwards the authentication response to the application server. Other embodiments are described and claimed.

公开(公告)号：US10462121B2

公开(公告)日：2019-10-29

申请号：US15660523

申请日：2017-07-26

Applicant: Intel Corporation

Inventor： Hong Li ,  Suman Sharma ,  John B. Vicente ,  Luis A. Gimenez ,  Carlton D. Ashley ,  Navneet Malpani

IPC: H04L29/06 ,  G06F21/44 ,  G06F21/41 ,  H04L29/08

Abstract: Technologies for remote device authentication include a client computing device, an identity provider, and an application server in communication over a network. The identity provider sends an authentication challenge to the client. A capability proxy of the client intercepts an authentication challenge response and retrieves one or more security assertions from a secure environment of the client computing device. The capability proxy may be an embedded web server providing an HTTP interface to platform features of the client. The client sends a resource access token based on the security assertions to the identity provider. The identity provider verifies the resource access token and authenticates the client computing device based on the resource access token in addition to user authentication factors such as username and password. The identity provider sends an authentication response to the client, which forwards the authentication response to the application server. Other embodiments are described and claimed.