Security-aware split-server passcode verification for one-time authentication tokens
US9432360B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 22, 2014 |
| Grant date | Aug 30, 2016 |
| Priority date | — |
| Expiry date | Jun 30, 2034 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2137
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Techniques are provided for security-aware split-server passcode verification for one-time authentication tokens. An exemplary method comprises receiving an authentication passcode generated by a token; and processing the received authentication passcode using at least a first authentication server and a second authentication server. The received authentication passcode is based on a protocode and/or embedded auxiliary information. The embedded auxiliary information comprising a silent alarm and/or a drifting key is extracted from the received authentication passcode. In another exemplary method, the received authentication passcode is processed using a single processing device to extract the embedded auxiliary information comprising one or more of a silent alarm and a drifting key. Another exemplary aspect addresses the processing of an authentication outcome from at least one authentication processing device and providing access to a protected resource based on the authentication outcome and a predefined access policy.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.