Establishing trust according to historical usage of selected hardware involves providing a usage history for a selected client device; and extending trust to a selected user based on the user's usage history of the client device. The usage history is embodied as signed statements issued by a third party or an authentication server. The issued statement is stored either on the client device, or on an authentication server. The usage history is updated every time a user is authenticated from the selected client device. By combining the usage history with conventional user authentication, an enhanced trust level is readily established. The enhanced, hardware-based trust provided by logging on from a trusted client may eliminate the necessity of requiring secondary authentication for e-commerce and financial services transactions, and may also be used to facilitate password recovery and conflict resolution in the case of stolen passwords.
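The scheme in the abstract, sketched as an added example (not code from the patent): the authentication server signs a per-device usage history with HMAC, the client stores the statement, and each fully authenticated log-in extends it. The key, the 30-day window, the threshold of three log-ins and all function names are assumptions chosen for illustration.

```python
import base64, hashlib, hmac, json

SERVER_KEY = b"constructed-demo-key"   # assumption: secret held only by the auth server
WINDOW = 30 * 86400                    # assumption: only log-ins in the last 30 days count
THRESHOLD = 3                          # assumption: confirmed log-ins needed for enhanced trust

def _mac(body: bytes) -> bytes:
    return hmac.new(SERVER_KEY, body, hashlib.sha256).hexdigest().encode()

def issue_statement(user, device, logins):
    """Server side: sign the usage history of (user, device)."""
    body = json.dumps({"user": user, "device": device, "logins": logins},
                      sort_keys=True).encode()
    return base64.urlsafe_b64encode(body).decode() + "." + _mac(body).decode()

def verify_statement(token, user, device):
    """Return the log-in timestamps, or None if the statement is missing,
    malformed, forged, or was issued for another user or device."""
    try:
        b64, sig = token.split(".")
        body = base64.urlsafe_b64decode(b64)
    except (AttributeError, ValueError):
        return None
    if not hmac.compare_digest(sig.encode(), _mac(body)):
        return None
    hist = json.loads(body)
    if hist["user"] != user or hist["device"] != device:
        return None
    return hist["logins"]

def login(user, device, password_ok, token, now, second_factor_ok=False):
    """Return (decision, statement to store on the client)."""
    if not password_ok:
        return "deny", token
    history = verify_statement(token, user, device) or []
    recent = [t for t in history if now - t <= WINDOW]
    if len(recent) < THRESHOLD and not second_factor_ok:
        return "require_secondary_auth", token   # no trust earned yet
    # Fully authenticated: record this log-in and re-issue the statement.
    return "allow", issue_statement(user, device, recent + [now])
```

A statement stored on the client is a bearer artifact, so the device binding is only as strong as the server's independent check of the device identifier. Trust here supplements the password check and never replaces it.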
Representative claims
1. One or more computer-readable storage memory devices comprising processor-executable instructions which, responsive to execution by at least one processor, are configured to: write a token into any of a memory or a disk that is associated with a selected client device of one or more client devices; confirm that the token exists on the selected client device during each log in of the selected client device through one or more access points across a network; and extend an increase in trust to the selected client device at a level that is based, at least in part, on at least one of: a frequency of the confirmed log ins; or a number of the confirmed log ins.
2. The one or more computer-readable storage memory devices of claim 1, wherein the token comprises at least one of: a cookie; or a tag.
3. The one or more computer-readable storage memory devices of claim 1, the processor-instructions further configured to: perform an authentication of a selected user of the selected client device, wherein the authentication is based on a combination of the extended trust and at least one other form of authentication.
4. The one or more computer-readable storage memory devices of claim 1, wherein the token comprises a statement that is created by an issuer, wherein the statement corresponds with one or more of the log ins for a selected user of the selected client device.
5. The one or more computer-readable storage memory devices of claim 4, the processor-executable instructions further configured to: provide the statement by the selected client device with a request for any of service and access.
6. The one or more computer-readable storage memory devices of claim 1, wherein the processor-executable instructions are further configured to: determine a level of trust according to a selected user's frequency of use of the selected client device that corresponds with one or more of the log ins for the selected user, wherein a frequent user is granted enhanced trust over an infrequent user.
7. The one or more computer-readable storage memory devices of claim 1, wherein the processor-executable instructions are further configured to: establish a pattern of use based at least on tracked information for any of a selected user or the selected client device, wherein the tracked information corresponds with one or more of the log ins for the selected user, wherein a determination to extend trust is based, at least in part, on a level of conformance to the established pattern of use.
8. The one or more computer-readable storage memory devices of claim 7, wherein, wherein the tracked information comprises at least one of: information indicating where the selected user dials in from; information indicating a device type; information indicating a device operating system; information indicating an Internet Protocol (IP) address; information indicating a subnet; or information indicating the token on the selected client device.
9. One or more computer-readable storage memory devices comprising processor-executable instructions which, responsive to execution by at least one processor, are configured to: track information unique to each log-in for a selected user through one or more access points associated with a network; and extend an increase in trust to the selected user at a level based, at least in part, on at least one of: a frequency of said tracked log-ins; and a number of said tracked log-ins through said access points for said selected user.
10. The one or more computer-readable storage memory devices of claim 9, wherein the processor-executable instructions are further configured to: perform an authentication of said selected user, wherein said authentication is based, at least in part, on a combination of said extended trust and at least one other form of authentication.
11. The one or more computer-readable storage memory devices of claim 9, wherein the processor-executable instructions are further configured to: store said tracked information at any of a remote location or a selected device of one or more devices that corresponds with one or more of said log ins for said selected user.
12. The one or more computer-readable storage memory devices of claim 9, wherein the processor-executable instructions to track information are further configured to: create a statement by an issuer; download said statement from said issuer; and store said downloaded statement on a selected device of one or more devices that corresponds with one or more of said log ins for said selected user.
13. The one or more computer-readable storage memory devices of claim 12, wherein the processor-executable instructions are further configured to: provide said stored tracked information by said selected device with a request for any of service and access or access.
14. The one or more computer-readable storage memory devices of claim 9, wherein the processor-executable instructions to extend an increase in trust are further configured to: determine a level of trust according to said selected user's frequency of use of a selected device of one or more devices that corresponds with one or more of said log ins for said selected user, wherein a frequent user is granted enhanced trust over an infrequent user.
15. The one or more computer-readable storage memory devices of claim 9, wherein the processor-executable instructions are further configured to: establish a pattern of use based at least on said tracked information for any of said selected user or a selected device of one or more devices that corresponds with one or more of said log ins for said selected user, wherein a determination to extend trust is based, at least in part, on a level of conformance to said established pattern of use.
16. The one or more computer-readable storage memory devices of claim 15, wherein said tracked information comprises any of: a location associated with where said selected user connects in from; a device type; a device operating system; an IP address or subnet; or one or more cookies or tags stored on said selected device.
17. One or more computer-readable storage memory devices comprising processor-executable instructions which, responsive to execution by at least one processor, are configured to: track information unique to each log-in for a selected user through one or more access points associated with a network; extend an increase in trust to the selected user at a level based, at least in part, on a frequency of said tracked log-ins or a number of said tracked log-ins through said access points for said selected user; identify a new access point associated with the network that the selected user logs-in from; and request authentication information from the selected user instead of extending an increase in trust, to the selected user, for the log-in associated with the new access point.
18. The one or more computer-readable storage memory devices of claim 17, wherein the processor-executable instructions further configured to: receive the requested authentication information; verify the requested authentication information; and responsive to verifying the requested information, extent an increase in trust to the selected user for future log-ins associated with the new access point.
19. The one or more computer-readable storage memory devices of claim 17, wherein the tracked information comprises at least one of: a device type; a device operating system; an IP address or subnet; a cookie stored on an associated access point; a tag stored on an associated access point; or a location associated with where the selected user connects in from.
20. The one or more computer-readable storage memory devices claim 17, the processor-executable instructions further configured to: enable the selected user to change an associated password based, at least in part, on the extended increased trust.
Patents cited by this patent (43)
Wood, David L.; Norton, Derk, Access management system and method employing secure credentials.
Rosenberg Jonathan ; Gandhi Munish ; Werth Andrew, Apparatus and method for tracking world wide web browser requests across distinct domains using persistent client-side state.
Howard, John Hal; Kunins, Jeffrey C.; Anderson, Darren L.; Battle, Ryan W.; Metral, Max E., Controlling access to a network server using an authentication ticket.
See Michael E. ; Bailey John W. ; Panza Charles L. ; Pikover Yuri ; Stone Geoffrey C., Deterministic user authentication service for communication network.
Shi Shaw-Ben ; Ault Michael Bradford ; Plassmann Ernst Robert ; Rich Bruce Arland ; Rosiles Mickella Ann ; Shrader Theodore Jack London, Distributed file system web server user authentication with cookies.
Hrabik, Michael; Guilfoyle, Jeffrey; Mac Beaver, Edward, Method and apparatus for verifying the integrity and security of computer networks and implementing counter measures.
Stephen J. Purpura, Method and system for authentication and single sign on using cryptographically assured cookies in a distributed computer environment.
Hershey Paul C. (Manassas VA) Johnson Donald B. (Manassas VA) Le An V. (Manassas VA) Matyas Stephen M. (Manassas VA) Waclawsky John G. (Frederick MD) Wilkins John D. (Somerville VA), Network security system and method using a parallel finite state machine adaptive active monitor and responder.
Grawrock David ; Lohstroh Shawn R., System for supporting secured log-in of multiple users into a plurality of computers using combined presentation of memorized password and transportable passport record.
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Kent Eldon Seamons ; William Hale Winsborough, Trust negotiation in a client/server data processing network using automatic incremental credential disclosure.
Dulai Dharmender S. ; Marur Vinod R. ; Vitale Benjamin F. ; Zenel Bruce A., Two-tier authentication system where clients first authenticate with independent service providers and then automatically exchange messages with a client controller to gain network access.
Ensor Myra L. ; Kowalski Thaddeus Julius ; Primatic Agesino, User-transparent security method and apparatus for authenticating user terminal access to a network.