Enterprise computing environment with continuous user authentication

US2016337328A1 · US · A1

Patent metadata
Publication number: US-2016337328-A1
Application number: US-201514708707-A
Country: US
Kind code: A1
Filing date: May 11, 2015
Priority date: May 11, 2015
Publication date: Nov 17, 2016
Grant date:

Abstract

Official abstract text for this publication.

Continuous user authentication includes receiving authentication event information including (1) transaction information describing authentication transactions, the transaction information received from authentication providers and including identification of users and instances of authentication of the users by the authentication providers, and (2) user identification and activity information describing presence and state (e.g. location) of the users, this information received from (a) mobile sensing devices in physical proximity of users independent of user location, and (b) stationary sensing devices at fixed locations of the users. The authentication event information is stored in an authentication event database and is provided to the authentication providers in a continual manner to enable the authentication providers to (a) establish new authentications of the users for accessing services of the computing system, and (b) maintain and revoke previously established authentications of the users based on the authentication event information and authentication policies.

First claim

Opening claim text (preview).

What is claimed is:

1. A computer-implemented method of continuous user authentication in a computing system, comprising: receiving, by processing circuitry, authentication event information including (1) transaction information describing authentication transactions occurring in the computing system, the transaction information being received from authentication providers and including identification of users and respective instances of authentication of the users by the authentication providers, and (2) user identification and activity information describing presence and state of the users as they interact with the computing system, the user identification and activity information being received from (a) mobile sensing devices in physical proximity of respective users independent of user location, and (b) stationary sensing devices at fixed locations of the users when interacting with the computing system; storing, by the processing circuitry, the authentication event information in an authentication event database; and providing, by the processing circuitry, authentication event information from the authentication event database to the authentication providers, the authentication event information being provided in a continual manner to enable the authentication providers to (a) establish new authentications of the users for accessing services of the computing system, and (b) maintain and revoke previously established authentications of the users based on the authentication event information and authentication policies of the computing system.

2. The computer-implemented method of claim 1, wherein the mobile sensing devices include personal devices carried or worn by respective users.

3. The computer-implemented method of claim 2, wherein at least some of the personal devices are biometric sensing devices sensing biometric aspects of the respective users.

4. The computer-implemented method of claim 1, wherein the stationary sensing devices include user presence sensing devices.

5. The computer-implemented method of claim 1, wherein the authentication providers include respective application agents closely coupled to respective applications executing in the computing system, the applications requiring user authentication as a condition to allowing user access to application services.

6. The computer-implemented method of claim 1, wherein the authentication providers include first and second authentication providers, the first authentication providers acting as both providers and consumers of the authentication event information, the second authentication providers acting as either but not both of providers and consumers of the authentication event information.

7. The computer-implemented method of claim 1, further including providing, by the processing circuitry, authentication event information from the authentication event database to third party consumers of the authentication event information, the third-party consumers not participating in sending authentication event information for storing in the authentication event database.

8. Authentication server equipment, comprising: a communications interface; memory; storage; and one or more processors coupled to the communications interface, memory and storage, wherein the memory stores computer program instructions executed by the processors to form processing circuitry causing the authentication server equipment to perform a method of continuous user authentication in a computing system, the method including: receiving, by the processing circuitry, authentication event information including (1) transaction information describing authentication transactions occurring in the computing system, the transaction information being received from authentication providers and including identification of users and respective instances of authentication of the users by the authentication providers, and (2) user identification and activity information describing presence and state of the users as they interact with the computing system, the user identification and activity information being received from (a) mobile sensing devices in physical proximity of respective users independent of user location, and (b) stationary sensing devices at fixed locations of the users when interacting with the computing system; storing, by the processing circuitry, the authentication event information in an authentication event database; and providing, by the processing circuitry, authentication event information from the authentication event database to the authentication providers, the authentication event information being provided in a continual manner to enable the authentication providers to (a) establish new authentications of the users for accessing services of the computing system, and (b) maintain and revoke previously established authentications of the users based on the authentication event information and authentication policies of the computing system.

9. The authentication server equipment of claim 8, wherein the mobile sensing devices include personal devices carried or worn by respective users.

10. The authentication server equipment of claim 9, wherein at least some of the personal devices are biometric sensing devices sensing biometric aspects of the respective users.

11. The authentication server equipment of claim 8, wherein the stationary sensing devices include user presence sensing devices.

12. The authentication server equipment of claim 8, wherein the authentication providers include respective application agents closely coupled to respective applications executing in the computing system, the applications requiring user authentication as a condition to allowing user access to application services.

13. The authentication server equipment of claim 8, wherein the authentication providers include first and second authentication providers, the first authentication providers acting as both providers and consumers of the authentication event information, the second authentication providers acting as either but not both of providers and consumers of the authentication event information.

14. The authentication server equipment of claim 8, wherein the method further includes providing, by the processing circuitry, authentication event information from the authentication event database to third party consumers of the authentication event information, the third-party consumers not participating in sending authentication event information for storing in the authentication event database.

15. A computer program product having a non-transitory computer-readable medium storing a set of computer program instructions, the computer program instructions being executable by processing circuitry of authentication server equipment to cause the authentication server equipment to perform continuous user authentication in a computing system, by: receiving, by processing circuitry, authentication event information including (1) transaction information describing authentication transactions occurring in the computing system, the transaction information being received from authentication providers and including identification of users and respective instances of authentication of the users by the authentication providers, and (2) user identification and activity information describing presence and state of the users as they interact with the computing system, the user identification and activity information being received from (a) mobile sensing devices in physical proximity of respective users independent of user location, and (b) stationary sensi

Classifications

  • using biometrical features, e.g. fingerprint, retina-scan (cryptographic mechanisms or cryptographic arrangements for entity authentication using biological data H04L9/3231) · CPC title

  • H04L63/08 (Primary)

    for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2016337328A1 cover?
Continuous user authentication includes receiving authentication event information including (1) transaction information describing authentication transactions, the transaction information received from authentication providers and including identification of users and instances of authentication of the users by the authentication providers, and (2) user identification and activity information …

Who is the assignee on this patent?
Citrix Systems Inc

What technology area does this patent fall under?
Primary CPC classification H04L63/08. Mapped technology areas include Electricity.

When was this patent published?
Publication date Nov 17, 2016 (A1). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?
We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).