Invention Grant
US08627088B2 System and method for in- and out-of-band multi-factor server-to-user authentication
有权
带内和带外多因素服务器到用户认证的系统和方法
- Patent Title: System and method for in- and out-of-band multi-factor server-to-user authentication
- Patent Title (中): 带内和带外多因素服务器到用户认证的系统和方法
-
Application No.: US12703685Application Date: 2010-02-10
-
Publication No.: US08627088B2Publication Date: 2014-01-07
- Inventor: Len L. Mizrah
- Applicant: Len L. Mizrah
- Applicant Address: US CA Redwood City
- Assignee: Authernative, Inc.
- Current Assignee: Authernative, Inc.
- Current Assignee Address: US CA Redwood City
- Agency: Haynes Beffel & Wolfeld LLP
- Main IPC: H04K1/00
- IPC: H04K1/00
Abstract:
A method to authenticate a server to a client is provided, including in-band and out-of-band techniques. At least a first shared secret identifies a server path, including a plurality of pre-defined locations on a frame of reference (e.g. a grid). An authentication session is initiated upon receiving a client identifier at the server-side resources. A current session instance of the grid is presented to the client, populated with characters. The process includes sharing between the client and the server a challenge identifying a random subset of the plurality of predefined locations in the server path, and a response including characters that match the characters in the locations on the server path identified by the challenge. As a result, client is capable of verifying that the server has access to the first shared secret. Then a protocol is executed to authenticate the client to the server.
Public/Granted literature
- US20110197070A1 SYSTEM AND METHOD FOR IN- AND OUT-OF-BAND MULTI-FACTOR SERVER-TO-USER AUTHENTICATION Public/Granted day:2011-08-11
Information query
