Securely operating a process using user-specific and device-specific security constraints
US9871821B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 11, 2014 |
| Grant date | Jan 16, 2018 |
| Priority date | — |
| Expiry date | Mar 29, 2036 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2209/64
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method for enforcing secure processes between a user and a device involves determining that the user has initiated installation of a secure application, installing the RA part of the secure application, triggering a trusted UI session upon realization that the TA part of the secure application is not installed, receiving, via the trusted UI session, user credentials for authenticating the user and enforcing user-specific and device-specific security, cryptographically signing combined user credentials with a cryptographic signature to obtain an authentication object, passing the authentication object to a service provider associated with the secure application for extraction of the user credentials, and generating an authorization token permitting the installation of the TA part of the secure application upon verification of the cryptographically signed authentication object.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.