Identity verification and associated platform
US-2024403403-A1 · Dec 5, 2024 · US
US9979545B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9979545-B2 |
| Application number | US-201715604134-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 24, 2017 |
| Priority date | Sep 27, 2010 |
| Publication date | May 22, 2018 |
| Grant date | May 22, 2018 |
Official abstract text for this publication.
Techniques for accelerated authentication include receiving first data that indicates a first portion of user credentials for a first user but not a second portion. It is verified whether the first portion of user credentials is valid. If the first portion of user credentials is valid, then second data that indicates a valid value for the second portion of user credentials for the first user is sent. Other techniques include receiving first data that indicates a first portion of user credentials for a first user but not a second portion of user credentials for the first user. A first message that indicates the first portion of user credentials is sent to a remote process that initiates authentication of the first user based on the first portion of user credentials before receiving second data that indicates the second portion of user credentials for the first user.
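The two-step exchange the abstract describes, sketched for the untrusted-client case that claim 5 spells out. This is an added example, not code from the patent or its assignee; the class and function names, the numeric access levels, the session id and the PBKDF2 verifier store are all assumptions made for illustration.

```python
import hashlib, hmac, os, secrets

def _verifier(password: str, salt: bytes) -> bytes:
    # Assumed storage format: salted PBKDF2 verifier, never the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed account store for the example: username -> (salt, verifier).
_SALT = os.urandom(16)
ACCOUNTS = {"alice": (_SALT, _verifier("correct horse", _SALT))}

class AuthServer:
    """Remote process: answers the first portion before the second arrives."""

    def __init__(self):
        self.pending = {}  # session id -> username accepted in phase 1

    def first_portion(self, username: str) -> dict:
        # Phase 1: only the first portion (here, the username) is present.
        # The reply differs for known and unknown usernames, so a deployment
        # would throttle this endpoint like any other sign-in attempt.
        if username not in ACCOUNTS:
            return {"ok": False}
        sid = secrets.token_hex(8)
        self.pending[sid] = username
        # Service response authorized by the first portion alone: no token.
        return {"ok": True, "session": sid, "level": 1}

    def second_portion(self, sid: str, password: str) -> dict:
        # Phase 2: the second portion arrives after the user submits.
        # The session is single-use: it is consumed whether or not it verifies.
        username = self.pending.pop(sid, None)
        if username is None:
            return {"ok": False}
        salt, stored = ACCOUNTS[username]
        if not hmac.compare_digest(_verifier(password, salt), stored):
            return {"ok": False}
        # Further service response plus the token used for network services.
        return {"ok": True, "level": 2, "token": secrets.token_urlsafe(32)}

def sign_in(server: AuthServer, username: str, password: str):
    """User device: send the username once typed, the password on submit."""
    r1 = server.first_portion(username)
    if not r1["ok"]:
        return r1, None
    return r1, server.second_portion(r1["session"], password)

if __name__ == "__main__":
    print(sign_in(AuthServer(), "alice", "correct horse"))
```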
Opening claim text (preview).
What is claimed is:

1. A method comprising: receiving, by a hardware processor from a user device, first data that indicates a first portion of user credentials for a first user but not a second portion of the user credentials for the first user; determining, by the hardware processor, whether the first portion of the user credentials is valid; and when the first portion of the user credentials is valid, then determining, by the hardware processor, to send a service response authorized by the first portion to the user device, wherein sending of the service response authorized by the first portion occurs before receiving the second portion of the user credentials from the user device.

2. The method of claim 1, wherein, the service response authorized by the first portion provides access control to the first user, and when the user device is a trusted client, a level of access control provided to the first user that is authorized by the first portion is less strict than the level of access control provided to the user by the second portion.

3. The method of claim 2, wherein, the service response authorized by the first portion is included in second data that is sent to the user device, and the second data further includes a valid value for the second portion of the user credentials for the first user and a token that is used by the first user to obtain service from a set of one or more network services.

4. The method of claim 1, wherein, when the user device is a trusted client, the service response authorized by the first portion is included in second data that is received by the user device, and the second data further includes a valid value for the second portion of the user credentials for the first user and a token that is used by the first user to obtain service from a set of one or more network services, and wherein the user device inhibits sending the token to obtain service from the set of one or more network services until all entries of the user credentials for the first user are verified as correct.

5. The method of claim 1, wherein, the user device is an untrusted client, and the method further comprises: after sending the service response authorized by the first portion to the user device, receiving the second portion of the user credentials for the first user; and when the second portion of the user credentials is valid, then determining, by the hardware processor, to send a further service response authorized by the second portion and a token to the user device, wherein the service response authorized by the first portion and the further service response authorized by the second portion each provide a different level of access control to the first user, wherein the further service response authorized by the second portion is a more strict level of access control than that provided by the service response authorized by the first portion, and wherein the token is data that is used by the first user to obtain service from a set of one or more network services.

6. A method comprising: receiving, by a hardware processor of a user device, first data that indicates a first portion of user credentials for a first user but not a second portion of the user credentials for the first user, wherein the first data is received in response to a sign-in prompt to the first user to provide the user credentials to authenticate the first user; before receiving second data that indicates the second portion of the user credentials for the first user, determining, by the hardware processor, to send a first message that indicates the first portion of the user credentials to a remote process that initiates authentication of the first user based on the first portion of the user credentials; and receiving a service response authorized by the first portion, wherein the receiving of the service response authorized by the first portion occurs before a submit button on the user device is activated to send the second portion of the user credentials from the user device.

7. The method of claim 6, wherein, the service response authorized by the first portion provides access control to the first user, and when the user device is a trusted client, a level of access control provided to the first user that is authorized by the first portion is less strict than the level of access control provided to the user by the second portion.

8. The method of claim 7, wherein, the service response authorized by the first portion is included in third data that is received by the user device, and the third data further includes a valid value for the second portion of the user credentials for the first user and a token that is used by the first user to obtain service from a set of one or more network services.

9. The method of claim 6, wherein, when the user device is a trusted client, the service response authorized by the first portion is included in third data that is received by the user device, and the third data further includes a valid value for the second portion of the user credentials for the first user and a token that is used by the first user to obtain service from a set of one or more network services, wherein the method further comprises: inhibiting sending the token from the user device to obtain service from the set of one or more network services until all entries of the user credentials for the first user are verified as correct.

10. The method of claim 6, wherein, the user device is an untrusted client, and the method further comprises: after receiving the service response authorized by the first portion, sending the second portion of the user credentials for the first user to the remote process; and receiving a further service response authorized by the second portion and a token, wherein the service response authorized by the first portion and the further service response authorized by the second portion each provide a different level of access control to the first user, wherein the further service response authorized by the second portion is a more strict level of access control than that provided by the service response authorized by the first portion, and wherein the token is data that is used by the first user to obtain service from a set of one or more network services.

11. An apparatus comprising: at least one hardware processor; and at least one memory including computer program code for one or more programs, the at least one memory and the computer program code configured to, with the at least one hardware processor, cause the apparatus to at least: receive first data that indicates a first portion of user credentials for a first user but not a second portion of the user credentials for the first user, wherein the first data is received in response to a sign-in prompt to the first user at a user device to provide the user credentials to authenticate the first user; before receiving second data that indicates the second portion of the user credentials for the first user, determine to send a first message that indicates the first portion of the user credentials to a remote process that initiates authentication of the first user based on the first portion of the user credentials; and receive a service response authorized by the first portion, wherein receiving of the service response authorized by the first portion occurs before a submit button on the user device is activated to send the second portion of the user credentials from the user device.

12. The apparatus of claim 11, wherein, the service response authorized by the first portion provides access control to the first user, and when the user device is a trusted client, a level of access con
wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title
involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token (network architectures or network communication protocols for supporting authentication of entities using an additional device in a packet data network H04L63/0853) · CPC title
using tickets or tokens, e.g. Kerberos (network architectures or network communication protocols for entities authentication using tickets in a packet data network H04L63/0807) · CPC title
using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226) · CPC title
Entity profiles · CPC title