Title of invention: Anonymous authentication and remote wireless token access
Abstract: Provided is a method for operating an authentication server for authenticating a user who is communicating with an enterprise via a network. The method includes receiving, via the network, a first authenticator including first information from a low energy wireless device received via a user device wirelessly, and storing the first authenticator. When the authentication service later receives, from the enterprise, a request to authenticate the user, the authentication server transmits an authentication request to the user device via the network requesting that the user read information from the low energy wireless device using the user device. The information received from the low energy wireless device in response to the authentication request is then used to authenticate the user by comparing the information received from the low energy wireless device due to the authentication request with the stored first authenticator.
Publication number: US9614845(B2) Publication date: 2017.04.04
Application number: US201514687327 Application date: 2015.04.15
Applicant: Early Warning Services, LLC Inventor: Rolfe Andrew Robert
Classification: H04L29/06;H04L9/32 Main classification: H04L29/06
Agency: Kilpatrick Townsend & Stockton LLP Agent: Kilpatrick Townsend & Stockton LLP
Main claim: 1. A method of operating an authentication server for authenticating a user who is communicating with an enterprise via a network, comprising: establishing, via the network, an enterprise account with the enterprise by generating and storing an enterprise account identifier; establishing, via the network, a user device account with the user device by storing authentifiers received using the user device and storing the authentifiers in association with a device identifier associated with the user device; generating, after establishing the user device account with the user device, a first asymmetric key pair and storing one key of the first asymmetric key pair and transmitting the other key of the first asymmetric key pair to the user device; generating, after establishing the user device account and the enterprise account, a relationship account that associates the user device identifier and the enterprise account identifier using a relationship identifier; transmitting the relationship identifier to the user device; receiving, after transmitting the relationship identifier to the user device, one key of a second asymmetric key pair from the user device and transmitting the one key of the second asymmetric key pair to the enterprise with the relationship identifier; receiving, via the network, a first authenticator including first information from a low energy wireless device received via a user device wirelessly, and storing the first authenticator; receiving, from the enterprise, a request to authenticate the user; transmitting an authentication request to the user device via the network requesting that the user read information from the low energy wireless device using the user device; receiving, from the user device via the network, the information received from the low energy wireless device in response to the authentication request; and authenticating the user by comparing the information received from the low energy wireless device due to the authentication request with the stored first authenticator, wherein the information received from the low energy wireless device is encrypted by the user device using the other key of the second asymmetric key pair.
Address: Scottsdale AZ US