Device authentication using out-of-band communications

Assignee

• Dell Products L.P. · US

Inventors

• Mohit Arora · Faridabad, IN
• Abeye Teshome · Austin, US
• Richard M. Tonry · Austin, US
• Bassem El-Azzami · Austin, US
• Vinodkumar Vasudev Ottar · McKinney, US
• Luis Antonio Valencia Reyes · Waxahachie, US
• Adolfo S. Montero · Pflugerville, US
• Rajaravi Chandra Kollarapu · Allen, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2463/082
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Methods and systems for authenticating a user device to an application device are disclosed. The user device may request access to a (computer-implemented) service provided by the application device. Access to the service may include access to sensitive data; therefore, to prevent unauthorized access to the sensitive data, the user device may be authenticated to the application device before the service is provided. To do so, the application device may perform a first factor authentication using in-band hardware resources of the user device; however, the in-band hardware resources may be vulnerable to attacks by malicious parties. Thus, in addition, a second factor authentication of the user device may be performed out-of-band (e.g., using a management controller of the user device) in order to bypass potentially compromised in-band hardware resources. The additional out-of-band authentication may reduce the likelihood of the malicious parties gaining access to the sensitive data via spoofing attacks.