logo

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 9769167 B1

PDFFull Text
Date of Patent:
Sep. 19, 2017

Filed:

Jun. 18, 2014

Authentication and authorization using device-based validation

Applicants:

David Arthur Mary, Natick, MA (US);

Herbert Paul Mehlhorn, Westford, MA (US);

Thomas E. Hamilton, Iii, Sudbury, MA (US);

Ganesh Gudaru, Hyderabad, IN;

Rohit Ganda, Hyderabad, IN;

Chavvakula Ravikanth, Hyderabad, IN;

Inventors:

David Arthur Mary, Natick, MA (US);

Herbert Paul Mehlhorn, Westford, MA (US);

Thomas E. Hamilton, III, Sudbury, MA (US);

Ganesh Gudaru, Hyderabad, IN;

Rohit Ganda, Hyderabad, IN;

Chavvakula Ravikanth, Hyderabad, IN;

Assignee:

CA, Inc., New York, NY (US);

Attorney:

Baker Botts L.L.P.

Primary Examiner:

Eleni Shiferaw

Assistant Examiner:

Nelson Giddins

Int. Cl.
CPC ...
H04L 29/06 (2006.01); G06F 21/44 (2013.01); G06F 21/33 (2013.01); H04L 29/08 (2006.01);
U.S. Cl.
CPC ...
H04L 63/0876 (2013.01); G06F 21/335 (2013.01); G06F 21/44 (2013.01); H04L 67/14 (2013.01);
Abstract

A method includes authenticating a user of a client device and sending a response to the client device. The response includes browser code configured to retrieve respective first values for a plurality of device properties from the client device. The method also includes storing session information for the user in a memory. The session information includes the first values and criteria for triggering validation of the client device. The method further includes receiving a request, sent from a requesting device, to access a protected resource and determining whether the request is authenticated by determining that the request is associated with the session information and determining that the criteria has been met. Determining whether the request is authenticated also includes retrieving respective second values for the plurality of device properties from the requesting device, and determining whether the second values match the first values to authenticate the request.

Find Patent Forward Citations

Loading…