公开(公告)号：US08800003B2

公开(公告)日：2014-08-05

申请号：US13162834

申请日：2011-06-17

申请人： Wei-Qiang (Michael) Guo ,  Yordan Rouskov ,  Rui Chen ,  Pui-Yin Winfred Wong

发明人： Wei-Qiang (Michael) Guo ,  Yordan Rouskov ,  Rui Chen ,  Pui-Yin Winfred Wong

IPC分类号： G06F21/00 ,  G06F21/31 ,  G06F21/32 ,  G06F21/34

CPC分类号： G06F21/31 ,  G06F21/32 ,  G06F21/34 ,  H04L9/3234 ,  H04L9/3263 ,  H04L63/0823 ,  H04L63/0876 ,  H04L63/105 ,  H04L2209/56

摘要： An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.

摘要翻译： 认证系统将设备凭据验证与用户凭证验证相结合，提供了更加强大的身份验证机制，方便用户，跨企业边界有效。 在一个实现中，组合用户凭证验证和设备凭据验证以提供方便的双因素认证。 以这种方式，帐户权限服务或其他认证提供者验证两个因素并根据用户打算访问的帐户网络资源的安全策略提供安全令牌。 目标帐户网络资源授予的权限级别可以根据帐户权限服务验证的因素的数量和类型而有所不同。

公开(公告)号：US07979899B2

公开(公告)日：2011-07-12

申请号：US12131142

申请日：2008-06-02

申请人： Wei-Qiang (Michael) Guo ,  Yordan Rouskov ,  Rui Chen ,  Pui-Yin Winfred Wong

发明人： Wei-Qiang (Michael) Guo ,  Yordan Rouskov ,  Rui Chen ,  Pui-Yin Winfred Wong

IPC分类号： G06F7/04 ,  G06F15/16 ,  G06F17/30 ,  H04L29/06

CPC分类号： G06F21/31 ,  G06F21/32 ,  G06F21/34 ,  H04L9/3234 ,  H04L9/3263 ,  H04L63/0823 ,  H04L63/0876 ,  H04L63/105 ,  H04L2209/56

摘要： An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.

摘要翻译： 认证系统将设备凭据验证与用户凭证验证相结合，提供了更加强大的身份验证机制，方便用户，跨企业边界有效。 在一个实现中，组合用户凭证验证和设备凭证验证以提供方便的双因素认证。 以这种方式，帐户权限服务或其他认证提供者验证两个因素并根据用户打算访问的帐户网络资源的安全策略提供安全令牌。 目标帐户网络资源授予的权限级别可以根据帐户权限服务验证的因素的数量和类型而有所不同。

公开(公告)号：US20090300744A1

公开(公告)日：2009-12-03

申请号：US12131142

申请日：2008-06-02

申请人： Wei-Qiang (Michael) Guo ,  Yordan Rouskon ,  Rui Chen ,  Pui-Yin Winfred Wong

发明人： Wei-Qiang (Michael) Guo ,  Yordan Rouskon ,  Rui Chen ,  Pui-Yin Winfred Wong

IPC分类号： H04L9/32

CPC分类号： G06F21/31 ,  G06F21/32 ,  G06F21/34 ,  H04L9/3234 ,  H04L9/3263 ,  H04L63/0823 ,  H04L63/0876 ,  H04L63/105 ,  H04L2209/56

摘要： An authentication system combines device credential verification with user credential verification to provide a more robust authentication mechanism that is convenient to the user and effective across enterprise boundaries. In one implementation, user credential verification and device credential verification are combined to provide a convenient two-factor authentication. In this manner, an account authority service or other authentication provider verify both factors and provide a security token in accordance with the security policy of the account network resource the user is intending to access. The level of privilege granted by the target account network resource can vary depending on the number and type of factors verified by the account authority service.

摘要翻译： 认证系统将设备凭据验证与用户凭证验证相结合，提供了更加强大的身份验证机制，方便用户，跨企业边界有效。 在一个实现中，组合用户凭证验证和设备凭证验证以提供方便的双因素认证。 以这种方式，帐户权限服务或其他认证提供者验证两个因素并根据用户打算访问的帐户网络资源的安全策略提供安全令牌。 目标帐户网络资源授予的权限级别可以根据帐户权限服务验证的因素的数量和类型而有所不同。

公开(公告)号：US20090300168A1

公开(公告)日：2009-12-03

申请号：US12131140

申请日：2008-06-02

申请人： Wei-Qiang (Michael) Guo ,  Vaishali De ,  Rui Chen ,  Yordan Rouskov ,  Vikas Rajvanshy

发明人： Wei-Qiang (Michael) Guo ,  Vaishali De ,  Rui Chen ,  Yordan Rouskov ,  Vikas Rajvanshy

IPC分类号： G06F15/173

CPC分类号： G06F21/73 ,  G06F2221/2129

摘要： A device identifier (ID) is used across enterprise boundaries. A user can use the device ID to publish a device for sharing with other remote users. The remote users can discover devices that are shared by other users based on device IDs, connect to a selected device, and then verify that they have connected to the correct device based on its device ID. An account authority service may be used to manage the publication and/or discovery of the shared devices and their device IDs.

摘要翻译： 跨企业边界使用设备标识符（ID）。 用户可以使用设备ID发布设备以与其他远程用户共享。 远程用户可以基于设备ID发现其他用户共享的设备，连接到所选设备，然后根据设备ID验证是否连接到正确的设备。 可以使用帐户权限服务来管理共享设备及其设备ID的发布和/或发现。