-
公开(公告)号:US08683563B1
公开(公告)日:2014-03-25
申请号:US13435616
申请日:2012-03-30
申请人: Marten van Dijk , Kevin D. Bowers , Samuel Curry , Sean P. Doyle , William M. Duane , Ari Juels , Michael J. O'Malley , Nikolaos Triandopoulos , Riaz Zolfonoon
发明人: Marten van Dijk , Kevin D. Bowers , Samuel Curry , Sean P. Doyle , William M. Duane , Ari Juels , Michael J. O'Malley , Nikolaos Triandopoulos , Riaz Zolfonoon
IPC分类号: G06F7/04
CPC分类号: H04L9/00 , G06F21/43 , G06F21/554 , G06F21/56 , H04L63/1433 , H04W12/06 , H04W12/12
摘要: An improved technique for assessing the security status of a device on which a soft token is run collects device posture information from the device running the soft token and initiates transmission of the device posture information to a server to be used in assessing whether the device has been subjected to malicious activity. The device posture information may relate to the software status, hardware status, and/or environmental context of the device. In some examples, the device posture information is transmitted to the server directly. In other examples, the device posture information is transmitted to the server via auxiliary bits embedded in passcodes displayed to the user, which the user may read and transfer to the server as part of authentication requests. The server may apply the device posture information in a number of areas, including, for example, authentication management, risk assessment, and/or security analytics.
摘要翻译: 用于评估其上运行软令牌的设备的安全状态的改进技术从运行软令牌的设备收集设备姿态信息,并且发起设备姿态信息传输到服务器以用于评估设备是否已经被 遭受恶意活动。 设备姿态信息可以涉及设备的软件状态,硬件状态和/或环境上下文。 在一些示例中,设备姿态信息被直接发送到服务器。 在其他示例中,设备姿态信息通过嵌入在显示给用户的密码中的辅助位发送到服务器,用户可以作为认证请求的一部分读取和传送到服务器。 服务器可以在多个区域中应用设备姿态信息,包括例如认证管理,风险评估和/或安全分析。
-
公开(公告)号:US08819769B1
公开(公告)日:2014-08-26
申请号:US13435606
申请日:2012-03-30
申请人: Marten van Dijk , Kevin D. Bowers , Samuel Curry , Sean P. Doyle , Eyal Kolman , Nikolaos Triandopoulos , Riaz Zolfonoon
发明人: Marten van Dijk , Kevin D. Bowers , Samuel Curry , Sean P. Doyle , Eyal Kolman , Nikolaos Triandopoulos , Riaz Zolfonoon
IPC分类号: H04L29/06
CPC分类号: H04L63/0876 , H04L67/303
摘要: An improved technique for managing access of a user of a computing machine to a remote network collects device posture information about the user's mobile device. The mobile device runs a soft token, and the collected posture information pertains to various aspects of the mobile device, such as the mobile device's hardware, software, environment, and/or users, for example. The server applies the collected device posture information along with token codes from the soft token in authenticating the user to the remote network.
摘要翻译: 用于管理计算机的用户对远程网络的访问的改进技术收集关于用户的移动设备的设备姿态信息。 移动设备运行软令牌,并且收集的姿态信息涉及例如移动设备的各个方面,例如移动设备的硬件,软件,环境和/或用户。 服务器将所收集的设备姿态信息以及来自软令牌的令牌代码应用于将用户认证到远程网络。
-
3.发明授权Providing authentication codes which include token codes and biometric factors 有权提供包括令牌代码和生物特征因子的认证码公开(公告)号:US08752146B1
公开(公告)日:2014-06-10
申请号:US13434280
申请日:2012-03-29
申请人: Marten van Dijk , Kevin D. Bowers , Samuel Curry , Sean P. Doyle , Nikolaos Triandopoulos , Riaz Zolfonoon
发明人: Marten van Dijk , Kevin D. Bowers , Samuel Curry , Sean P. Doyle , Nikolaos Triandopoulos , Riaz Zolfonoon
CPC分类号: H04L63/0861 , G06F21/32 , G06F21/43 , H04L9/3215 , H04L9/3228 , H04L9/3231 , H04L63/0838 , H04L63/18
摘要: A technique provides authentication codes to authenticate a user to an authentication server. The technique involves generating, by an electronic apparatus (e.g., a smart phone, a tablet, a laptop, etc.), token codes from a cryptographic key. The technique further involves obtaining biometric measurements from a user, and outputting composite passcodes as the authentication codes. The composite passcodes include the token codes and biometric factors based on the biometric measurements. Additionally, the token codes and the biometric factors of the composite passcodes operate as authentication inputs to user authentication operations performed by the authentication server. In some arrangements, the biometric factors are results of facial recognition (e.g., via a camera), voice recognition (e.g., via a microphone), gate recognition (e.g., via an accelerometer), touch recognition and/or typing recognition (e.g., via a touchscreen or keyboard), combinations thereof, etc.
摘要翻译: 一种技术提供认证码以将用户认证给认证服务器。 该技术涉及通过电子设备(例如,智能电话,平板电脑,笔记本电脑等)从加密密钥生成令牌代码。 该技术还涉及从用户获取生物测量,并输出复合密码作为认证码。 复合密码包括基于生物特征测量的令牌代码和生物特征因子。 此外,复合密码的令牌代码和生物特征因子作为认证服务器执行的用户认证操作的认证输入。 在一些布置中,生物特征因子是面部识别(例如,经由相机),语音识别(例如,经由麦克风),门识别(例如,经由加速度计),触摸识别和/或打字识别(例如, 通过触摸屏或键盘),其组合等
-
公开(公告)号:US08752156B1
公开(公告)日:2014-06-10
申请号:US13435848
申请日:2012-03-30
申请人: Marten van Dijk , Kevin D. Bowers , Samuel Curry , Sean P. Doyle , Nikolaos Triandopoulos , Riaz Zolfonoon
发明人: Marten van Dijk , Kevin D. Bowers , Samuel Curry , Sean P. Doyle , Nikolaos Triandopoulos , Riaz Zolfonoon
IPC分类号: H04L29/06
CPC分类号: H04W12/06 , H04L9/0869 , H04L9/3228 , H04W12/12
摘要: A technique for detecting unauthorized copies of a soft token that runs on a mobile device includes generating a set of random bits on the mobile device and providing samples of the set of random bits, as well as token codes from the soft token, for delivery to a server during authentication requests. The server acquires the set of random bits of the mobile device, or learns the set of random bits over the course of multiple login attempts. Thereafter, the server predicts values of the samples of the set of random bits and tests actual samples arriving in connection with subsequent authentication requests. Mismatches between predicted samples and received samples indicate discrepancies between the random bits of the device providing the samples and the random bits of the mobile device, and thus indicate unauthorized soft token copies.
摘要翻译: 用于检测在移动设备上运行的软令牌的未授权复制的技术包括在移动设备上生成一组随机比特,并提供该组随机比特的样本以及来自该软令牌的令牌代码,用于递送到 认证请求期间的服务器。 服务器获取移动设备的一组随机比特,或者在多次登录尝试过程中学习一组随机比特。 此后,服务器预测该组随机比特的样本的值并测试结合后续认证请求到达的实际样本。 预测样本和接收到的样本之间的不匹配指示提供样本的设备的随机比特与移动设备的随机比特之间的差异,并且因此指示未授权的软令牌副本。
-
公开(公告)号:US08875263B1
公开(公告)日:2014-10-28
申请号:US13434272
申请日:2012-03-29
申请人: Marten van Dijk , Kevin D. Bowers , John G. Brainard , Samuel Curry , Sean P. Doyle , Michael J. O'Malley , Nikolaos Triandopoulos
发明人: Marten van Dijk , Kevin D. Bowers , John G. Brainard , Samuel Curry , Sean P. Doyle , Michael J. O'Malley , Nikolaos Triandopoulos
CPC分类号: G06F21/31 , G06F21/34 , G06F21/42 , H04L9/3228 , H04L63/08 , H04L63/083 , H04L63/0846 , H04L63/0853 , H04L63/18
摘要: A technique controls a soft token running within an electronic apparatus. The technique involves providing an initial series of authentication codes based on a first set of machine states. The initial series of authentication codes is provided from the electronic apparatus to a server through a forward channel to authenticate a user. The technique further involves receiving a command from the server through a reverse channel between the electronic apparatus and the server. The reverse channel provides communications in a direction opposite to that of the forward channel. The technique further involves changing the first set of machine states to a second set of machine states in response to the command, and providing a new series of authentication codes based on the second set of machine states. The new series of authentication codes is provided from the electronic apparatus to the server through the forward channel for user authentication.
摘要翻译: 技术控制在电子设备内运行的软令牌。 该技术涉及提供基于第一组机器状态的初始系列认证码。 通过前向信道从电子设备向服务器提供初始系列认证码,以认证用户。 该技术还涉及通过电子设备和服务器之间的反向信道从服务器接收命令。 反向信道在与正向信道相反的方向上提供通信。 该技术还涉及响应于该命令将第一组机器状态改变到第二组机器状态,并且基于第二组机器状态提供新的一系列认证代码。 新的认证码系列通过前向信道从电子设备提供给服务器,用于用户认证。
-
公开(公告)号:US08683570B1
公开(公告)日:2014-03-25
申请号:US13435611
申请日:2012-03-30
CPC分类号: G06F21/35 , H04L63/0838 , H04L63/0853 , H04L63/1416
摘要: An improved technique provides scheduled data transfer between a mobile device and a server. The mobile device combines token codes generated by a soft token with sequences of auxiliary bits and displays the combinations to users as passcodes. Users may then copy the passcodes to their computers for authenticating to a server on a remote network. As the passcodes include both token codes and sequences of auxiliary bits, a communication channel is established whereby the auxiliary bits as well as the soft token codes are transmitted from the mobile device to the server.
摘要翻译: 改进的技术提供了移动设备和服务器之间的调度数据传输。 移动设备将由软令牌产生的令牌代码与辅助位序列组合,并将用户的组合显示为密码。 然后,用户可以将密码复制到其计算机,以便对远程网络上的服务器进行身份验证。 由于密码包括令牌码和辅助比特序列,所以建立通信信道,由此辅助比特以及软令牌码从移动设备发送到服务器。
-
7.发明授权Authentication based on a current location of a communications device associated with an entity 有权基于与实体相关联的通信设备的当前位置的认证公开(公告)号:US08904496B1
公开(公告)日:2014-12-02
申请号:US13435951
申请日:2012-03-30
CPC分类号: G06F21/44 , G06F21/552 , G06F2221/2111 , G06F2221/2151 , H04L9/3271 , H04L9/3297 , H04L2209/80 , H04W12/06
摘要: There is disclosed a method and system for use in authenticating an entity in connection with a computerized resource. An authentication request is received from entity for access to computerized resource. An input signal is received from a communications device associated with entity. The input signal comprises current location of communications device. The current location of communications device is derived from input signal. A location history in connection with communications device is captured. The location history comprises a record of discrete locations visited by communications device over a period of time. An analysis is performed between current location of the communications device and location history in connection with communications device. An authentication result is generated based on analysis between current location of communications device and location history in connection with communications device. The authentication result can be used for authenticating entity.
摘要翻译: 公开了一种用于认证与计算机资源有关的实体的方法和系统。 从实体接收到对计算机资源的访问的认证请求。 从与实体相关联的通信设备接收输入信号。 输入信号包括通信设备的当前位置。 通信设备的当前位置来源于输入信号。 捕获与通信设备相关的位置历史记录。 位置历史包括通信设备在一段时间内访问的离散位置的记录。 在通信设备的当前位置和与通信设备相关的位置历史之间进行分析。 基于通信设备的当前位置和与通信设备相关的位置历史之间的分析生成认证结果。 验证结果可用于认证实体。
-
公开(公告)号:US09405897B1
公开(公告)日:2016-08-02
申请号:US13538640
申请日:2012-06-29
CPC分类号: G06F21/44 , G06F21/316 , G06F21/552 , G06F2221/2111 , G06F2221/2151 , H04L9/3271 , H04L9/3297 , H04L2209/80
摘要: There is disclosed a method and system for use in authenticating an entity. An entity location history is stored comprising a historical record of locations visited by the entity. An authentication request is received from the entity. A pattern of recent locations visited by the entity indicative of irregular behavior is detected. An analysis is performed between the pattern of recent locations indicative of irregular behavior and the entity location history for establishing the riskiness of the authentication request. An authentication result is generated based on the analysis between the pattern of recent locations indicative of irregular behavior and the entity location history.
摘要翻译: 公开了一种用于认证实体的方法和系统。 存储实体位置历史,其包括由该实体访问的位置的历史记录。 从实体接收到认证请求。 检测到由实体访问的指示不规则行为的最近位置的模式。 在指示不规则行为的最近位置的模式和用于建立认证请求的风险的实体位置历史之间进行分析。 基于指示不规则行为的最近位置的模式与实体位置历史之间的分析,生成认证结果。
-
公开(公告)号:US08683548B1
公开(公告)日:2014-03-25
申请号:US13249484
申请日:2011-09-30
申请人: Samuel Curry , Daniel Schiappa
发明人: Samuel Curry , Daniel Schiappa
IPC分类号: G06F17/00
CPC分类号: G06F21/57
摘要: An improved technique for delegating computing actions among different machines includes a policy engine that receives inputs specifying computing actions to be performed and automatically selects a virtual machine to perform each action. Machine selection is based on a policy, which recognizes multiple categories of computing actions, classifies each input as belonging to one of the categories, and directs each computing action to a virtual machine designated for performing only that one category of computing actions.
摘要翻译: 用于在不同机器之间委派计算动作的改进技术包括策略引擎,其接收指定要执行的计算动作的输入,并自动选择虚拟机以执行每个动作。 机器选择基于一种策略,该策略识别多种类型的计算动作,将每个输入分类为属于其中一个类别,并将每个计算动作定向到指定用于仅执行该类别计算动作的虚拟机。
-
公开(公告)号:US5884866A
公开(公告)日:1999-03-23
申请号:US715128
申请日:1996-09-17
CPC分类号: B64G1/641 , B64G1/002 , B64G1/222 , B64G1/645 , B64G1/1085 , B64G2001/643
摘要: A dispenser that is connectable to a launch vehicle in order to deploy a plurality of satellites in orbit. The dispenser includes a post having a longitudinal axis, an assembly for coupling the post to a launch vehicle, and a plurality of fittings coupled to the post and having attachment means for deployably coupling a satellite to the post. The attachment means is aligned substantially orthogonal to the longitudinal axis of the post and defines attachment bays extending annularly about the post.
摘要翻译: 一种能够连接到运载火箭以便将多颗卫星部署在轨道上的分配器。 分配器包括具有纵向轴线的柱,用于将柱连接到运载火箭的组件以及耦合到柱的多个配件,并具有用于将卫星可展开地联接到柱上的附接装置。 所述附接装置基本上垂直于所述柱的纵向轴线对齐并且限定围绕所述柱环状延伸的附接槽。
-
-
-
-
-
-
-
-
-
搜索结果
15 条记录 (耗时 0.035 秒)
