System and method for establishing historical usage-based hardware trust
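IPC classification information
Country / Type: United States (US) Patent, Granted
International Patent Classification (IPC, 7th edition): H04L-009/00; H04L-009/32
Application number: US-0960326 (2010-12-03)
Registration number: US-8181015 (2012-05-15)
Inventor / Address: Roskind, James A.
Applicant / Address: AOL Inc.
Agent / Address: Glenn, Michael A.
Citation information: Times cited: 9; Patents cited: 34
Abstract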
Establishing trust according to historical usage of selected hardware involves providing a usage history for a selected client device; and extending trust to a selected user based on the user's usage history of the client device. The usage history is embodied as signed statements issued by a third party or an authentication server. The issued statement is stored either on the client device, or on an authentication server. The usage history is updated every time a user is authenticated from the selected client device. By combining the usage history with conventional user authentication, an enhanced trust level is readily established. The enhanced, hardware-based trust provided by logging on from a trusted client may eliminate the necessity of requiring secondary authentication for e-commerce and financial services transactions, and may also be used to facilitate password recovery and conflict resolution in the case of stolen passwords.
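The abstract's mechanism can be sketched as follows. This is an added example, not code from the patent or from AOL: it assumes an HMAC-SHA256 signature by the authentication server, a statement stored on the client, and hypothetical names (`issue_statement`, `verify_statement`, `on_authenticated_login`) and policy thresholds (`MIN_LOGINS`, `MIN_AGE`).

```python
import base64, hashlib, hmac, json

SERVER_KEY = b"constructed-demo-key"   # assumption: secret known only to the authentication server
DAY = 86400
MIN_LOGINS, MIN_AGE = 5, 14 * DAY      # hypothetical policy thresholds, not from the patent

def _sign(body: bytes) -> bytes:
    return hmac.new(SERVER_KEY, body, hashlib.sha256).hexdigest().encode()

def issue_statement(user, device, logins, first_seen, last_seen):
    """Server-issued signed statement of one user's history on one device."""
    body = json.dumps({"user": user, "device": device, "logins": logins,
                       "first_seen": first_seen, "last_seen": last_seen},
                      sort_keys=True).encode()
    return base64.urlsafe_b64encode(body).decode() + "." + _sign(body).decode()

def verify_statement(token, user, device):
    """Return the history dict, or None if altered or bound to another user/device."""
    try:
        b64, sig = token.split(".")
        body = base64.urlsafe_b64decode(b64)
    except (ValueError, AttributeError):
        return None
    if not hmac.compare_digest(sig.encode(), _sign(body)):
        return None
    hist = json.loads(body)            # parsed only after the signature checks out
    if hist["user"] != user or hist["device"] != device:
        return None
    return hist

def trust_level(hist, now):
    """Enhanced trust only for a device the user has logged in from often, over time."""
    if hist and hist["logins"] >= MIN_LOGINS and now - hist["first_seen"] >= MIN_AGE:
        return "enhanced"
    return "baseline"

def on_authenticated_login(token, user, device, now):
    """Run after the conventional login succeeds; returns (updated statement, trust)."""
    hist = verify_statement(token, user, device) if token else None
    trust = trust_level(hist, now)     # judged on history before this login
    if hist is None:                   # missing or invalid statement: start a fresh history
        hist = {"logins": 0, "first_seen": now}
    new = issue_statement(user, device, hist["logins"] + 1, hist["first_seen"], now)
    return new, trust
```

A client-stored statement is only as strong as its binding to the device: if the device identifier can be copied along with the statement, the history travels with it, which is one reason to prefer the server-stored variant the abstract also describes.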
Representative claims
1. A method for establishing trust in relation to a service provider across a network, comprising the steps of: tracking information unique to each log in for a selected user through one or more access points associated with said network; and extending an increase in trust to said selected user at a level at least partially based on any of frequency of said tracked log ins or number of said tracked log ins through said access points for said selected user.
2. The method of claim 1, further comprising the step of: performing an authentication of said selected user, wherein said authentication is based on a combination of said extended trust and at least one other form of authentication.
3. The method of claim 1, further comprising the step of: storing said tracked information at any of a remote location or a selected device of one or more devices that corresponds with one or more of said log ins for said selected user.
4. The method of claim 1, wherein said step of tracking information further comprises creating a statement by an issuer, downloading said statement from said issuer, and storing said downloaded statement on a selected device of one or more devices that corresponds with one or more of said log ins for said selected user.
5. The method of claim 4, further comprising the step of: providing said stored tracked information by said selected device with a request for any of service or access.
6. The method of claim 1, wherein said step of extending an increase in trust comprises: determining a level of trust according to said selected user's frequency of use of a selected device of one or more devices that corresponds with one or more of said log ins for said selected user, wherein a frequent user is granted enhanced trust over an infrequent user.
7. The method of claim 1, further comprising the step of: establishing a pattern of use based at least on said tracked information for any of said selected user or a selected device of one or more devices that corresponds with one or more of said log ins for said selected user; wherein said step of extending trust is at least partially based on a level of conformance to said established pattern of use.
8. The method of claim 7, wherein said tracked information comprises any of where said selected user dials in from, device type, device operating system, any of IP address or subnet, or any of cookies or tags on said selected device.
9. A system for establishing trust across a network, comprising: a service provider; and one or more servers associated with said service provider; wherein at least one of said servers is configured to track information unique to each log in for a selected user through one or more access points associated with said network; and wherein at least one of said servers is configured to extend an increase in trust to said selected user at a level at least partially based on any of frequency of said log ins or number of said tracked log ins through said access points for said selected user.
10. The system of claim 9, wherein at least one of said servers is configured to authenticate said selected user, wherein said authentication is based on a combination of said extended trust and at least one other form of authentication.
11. The system of claim 9, wherein at least one of said servers is configured to store said tracked information at any of a remote location or a selected device of one or more devices that corresponds with one or more of said log ins for said selected user.
12. The system of claim 9, wherein at least one of said servers is configured to create a statement by corresponding to said tracked information, and store said statement on a selected device of one or more devices that corresponds with one or more of said log ins for said selected user.
13. The system of claim 12, wherein at least one of said servers is configured to provide said stored tracked information in response to a request for any of service or access.
14. The system of claim 9, wherein at least one of said servers is configured to determine a level of trust according to said selected user's frequency of use of a selected device of one or more devices that corresponds with one or more of said log ins for said selected user, wherein a frequent user is granted enhanced trust over an infrequent user.
15. A system for establishing trust with a service provider across a network, comprising: one or more access points; and one or more servers associated with said service provider; wherein at least one of said servers is configured to track information unique to each log in for a selected user through one or more of said access points associated with said network; and wherein at least one of said servers is configured to extend an increase in trust to said selected user at a level at least partially based on any of frequency of said log ins or number of said tracked log ins through said access points for said selected user.
16. The system of claim 15, wherein at least one of said servers is configured to authenticate said selected user, wherein said authentication is based on a combination of said extended trust and at least one other form of authentication.
17. The system of claim 15, wherein at least one of said servers is configured to store said tracked information at any of a remote location or a selected device of one or more devices that corresponds with one or more of said log ins for said selected user.
18. The system of claim 15, wherein at least one of said servers is configured to determine a level of trust according to said selected user's frequency of use of a selected device of one or more devices that corresponds with one or more of said log ins for said selected user, wherein a frequent user is granted enhanced trust over an infrequent user.
19. The system of claim 15, wherein at least one of said servers is configured to establish or update a pattern of use based at least on said tracked information for any of said selected user or a selected device of one or more devices that corresponds with one or more of said log ins for said selected user; wherein said extended trust is at least partially based on a level of conformance to said pattern of use.
20. The system of claim 19, wherein said tracked information comprises any of where said selected user dials in from, device type, device operating system, any of IP address or subnet, or any of cookies or tags on said selected device.
Patents cited by this patent (34)
Wood, David L.; Norton, Derk, Access management system and method employing secure credentials.
Howard, John Hal; Kunins, Jeffrey C.; Anderson, Darren L.; Battle, Ryan W.; Metral, Max E., Controlling access to a network server using an authentication ticket.
See Michael E. ; Bailey John W. ; Panza Charles L. ; Pikover Yuri ; Stone Geoffrey C., Deterministic user authentication service for communication network.
Shi Shaw-Ben ; Ault Michael Bradford ; Plassmann Ernst Robert ; Rich Bruce Arland ; Rosiles Mickella Ann ; Shrader Theodore Jack London, Distributed file system web server user authentication with cookies.
Hrabik, Michael; Guilfoyle, Jeffrey; Mac Beaver, Edward, Method and apparatus for verifying the integrity and security of computer networks and implementing counter measures.
Stephen J. Purpura, Method and system for authentication and single sign on using cryptographically assured cookies in a distributed computer environment.
Hershey Paul C. (Manassas VA) Johnson Donald B. (Manassas VA) Le An V. (Manassas VA) Matyas Stephen M. (Manassas VA) Waclawsky John G. (Frederick MD) Wilkins John D. (Somerville VA), Network security system and method using a parallel finite state machine adaptive active monitor and responder.
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Kent Eldon Seamons ; William Hale Winsborough, Trust negotiation in a client/server data processing network using automatic incremental credential disclosure.
Dulai Dharmender S. ; Marur Vinod R. ; Vitale Benjamin F. ; Zenel Bruce A., Two-tier authentication system where clients first authenticate with independent service providers and then automatically exchange messages with a client controller to gain network access.
Ensor Myra L. ; Kowalski Thaddeus Julius ; Primatic Agesino, User-transparent security method and apparatus for authenticating user terminal access to a network.
Khanwalkar, Manoj; Camacho, Adler; Van Lare, Stephen; Winkler, Omer; Tuttle, Luke David; Patel, Surag I., Data structures for intelligently resolving deterministic and probabilistic device identifiers to device profiles and/or groups.