公开(公告)号：US20240195804A1

公开(公告)日：2024-06-13

申请号：US18065002

申请日：2022-12-13

Applicant: Cisco Technology, Inc.

Inventor： Omar Naji Abduljaber ,  Michael G. Brown ,  Mujtaba Hussain ,  Robert Jacob Linial Small ,  Bradley A. Kuykendall

IPC: H04L9/40

CPC classification number: H04L63/0853

Abstract: In one embodiment, a method, by an authentication server, includes receiving user information associated with a first authentication factor for verification from the first endpoint device. The method further includes in response to verifying the first authentication factor, transmitting a prompt to provide an authentication decision associated with a second authentication factor to the second endpoint device, wherein the second endpoint device is communicatively coupled to the first endpoint device through the communication link. The method further includes receiving the authentication decision that is initiated by the first endpoint device from the second endpoint device, wherein the first endpoint device is configured to initiate and transmit the authentication decision to the second endpoint device in response to receiving the second authentication factor from the second endpoint device.

公开(公告)号：US11665161B2

公开(公告)日：2023-05-30

申请号：US16444036

申请日：2019-06-18

Applicant: Cisco Technology, Inc.

Inventor： Eldridge Lee Alexander ,  James Leslie Barclay ,  Nicholas James Mooney ,  Mujtaba Hussain

IPC: H04L9/40 ,  H04L9/08

CPC classification number: H04L63/0884 ,  H04L9/0897

Abstract: An identity server authenticates a first user identity for a user device through a first authentication exchange as part of a passwordless authentication system. The identity server registers with a relying party as an authenticator for a second user identity. The identity server initiates a second authentication exchange by obtaining from the relying party, a credential request associated with the second user identity. Responsive to a determination that the first user identity authenticated in the first authentication exchange is authorized to act as the second user identity, the identity server obtains a credential request response authenticated by the authenticator in the identity server. The identity server completes the second authentication exchange by providing the credential response to the relying party. The second authentication exchange authenticates the user device to the relying party without involving the user device.