Title of invention: SYSTEM FOR TRANSPARENT AUTHENTICATION ACROSS INSTALLED APPLICATIONS
Abstract: A system for authenticating mobile device users transparently is disclosed. This invention improves on the existing flaws by deriving encryption keys from environmental condition data when the user and device are trusted. The keys are then cryptographically hashed and compared with repository hashed data to determine if the conditions match a prior set of conditions. If a match is found and trust factors are sufficient, the system uses the condition data to decrypt a master key that allows access to secure data in the same manner as would a user-provided password. The security system cannot be bypassed if the device is stolen, as an attacker would have to replicate the exact environment and behavioral attributes employed and learned from the user without any knowledge as to the factors that constitute them because the factors are not maintained by the system.
Publication number: US2017041145(A1) Publication date: 2017.02.09
Application number: US201615332850 Filing date: 2016.10.24
Applicant: Trusted Mobile, LLC (d/b/a Sentegrity) Inventors: Sinchak Jason Richard; Frost Troy
Classification numbers: H04L9/32; H04L9/08; H04L9/14; G06Q20/40; H04W12/06; H04W12/04; G06Q20/10; H04L9/06; H04L29/06 Main classification: H04L9/32
Agency: Agent:
Principal claim: 1. A method of user authentication on a device, comprising: receiving a request for a master key to access secure data; generating, via a processor, a device score based on security factors that are indicative of the integrity of the device; in response to the device score being above a first threshold: gathering present conditions from a plurality of device sensors; generating, via the processor and an encoding algorithm, a user trust score based on cryptographic hashes of each of the present conditions and weighted pre-recorded hashes stored in a profile repository in a memory of the device, the weighted pre-recorded hashes representing past values of the conditions; if the user trust score exceeds a second threshold, generating a candidate token by cryptographically hashing a data string formed by the present conditions and comparing it to pre-recorded tokens stored in a token repository of the memory; if the candidate token matches one of the pre-recorded tokens: generating, via the processor and a derived key derived from the present conditions, the master key from an encrypted key uniquely associated with the matched token; and providing the master key to access the secure data.
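The flow of claim 1, sketched in Python as an added example; it is not code from the patent or the applicant. Assumptions: the condition names, thresholds, weights and salt are constructed, PBKDF2-HMAC-SHA-256 stands in for the unspecified hashing and key derivation, and an XOR wrap stands in for an authenticated cipher such as AES-GCM.

```python
import hashlib
import hmac

ITER = 50_000  # assumed PBKDF2 work factor

def cond_hash(name, value):
    # Per-condition hash kept in the profile repository (raw values are not stored).
    return hashlib.sha256(f"{name}={value}".encode()).hexdigest()

def _kdf(conditions, label, salt):
    # Data string formed from the present conditions, in a fixed order.
    data = "|".join(f"{k}={conditions[k]}" for k in sorted(conditions)).encode()
    return hashlib.pbkdf2_hmac("sha256", data, label + salt, ITER)

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def enroll(conditions, master_key, salt, weight=1.0):
    # Returns (profile repository, token repository) for one trusted environment.
    profile = {cond_hash(k, v): weight for k, v in conditions.items()}
    wrapped = _xor(master_key, _kdf(conditions, b"key", salt))
    return profile, {_kdf(conditions, b"token", salt): wrapped}

def trust_score(conditions, profile):
    # Sum of the weights of present conditions whose hash was seen before.
    return sum(profile.get(cond_hash(k, v), 0.0) for k, v in conditions.items())

def request_master_key(device_score, conditions, profile, tokens, salt,
                       device_min=0.7, trust_min=2.0):
    if device_score <= device_min:                       # first threshold
        return None
    if trust_score(conditions, profile) <= trust_min:    # second threshold
        return None
    candidate = _kdf(conditions, b"token", salt)
    for stored, wrapped in tokens.items():
        if hmac.compare_digest(candidate, stored):       # token match
            return _xor(wrapped, _kdf(conditions, b"key", salt))
    return None

# Constructed sample data (hypothetical sensor readings and key).
SALT = b"constructed-salt"
MASTER = bytes(range(32))
HOME = {"wifi_ssid": "home-ap", "bt_peer": "watch-01", "hour_bucket": "evening"}
PROFILE, TOKENS = enroll(HOME, MASTER, SALT)
```

Condition values drawn from a small set can be guessed offline against the stored hashes, so the salt and work factor matter more here than they would for a high-entropy secret.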
Address: Aurora IL US