公开(公告)号：US11777917B2

公开(公告)日：2023-10-03

申请号：US17071869

申请日：2020-10-15

Applicant: Cisco Technology, Inc.

Inventor： Jeremy Erickson ,  Nicholas James Mooney ,  Jordan Matthew Wright ,  Nicholas Hamilton Steele ,  Mikhail Davidov

IPC: H04L9/40 ,  H04L9/30 ,  H04L9/08

CPC classification number: H04L63/08 ,  H04L9/088 ,  H04L9/30

Abstract: This disclosure describes techniques for authenticating one or more devices of a user in association with cloud computing services. The techniques include generating credential portions. The credential portions may be used in a signing protocol between one of the user devices and a cloud authenticator. The signing protocol may generate a signature that may be used in authentication with a cloud computing service. In some cases, the credential portions may be shared with other devices of the user. As such, the cloud authenticate may assist multiple user devices to authenticate with the cloud computing service.

公开(公告)号：US20220123950A1

公开(公告)日：2022-04-21

申请号：US17071972

申请日：2020-10-15

Applicant: Cisco Technology, Inc.

Inventor： Jeremy Erickson ,  Nicholas James Mooney ,  Jordan Matthew Wright ,  Nicholas Hamilton Steele ,  Mikhail Davidov ,  Richard Lee Barnes, II

IPC: H04L9/32 ,  G06F9/50 ,  H04L9/08

Abstract: This disclosure describes techniques for authenticating one or more devices of a user in association with cloud computing services. The techniques include generating credential portions. The credential portions may be used in a signing protocol between one of the user devices and a cloud authenticator. The signing protocol may generate a signature that may be used in authentication with a cloud computing service. Furthermore, the user may be able to use any one of the user devices to log in to an online service after enrolling only a single user device with the online service. As such, the cloud authenticator may assist multiple user devices to authenticate with the cloud computing service.

公开(公告)号：US20220124078A1

公开(公告)日：2022-04-21

申请号：US17071869

申请日：2020-10-15

Applicant: Cisco Technology, Inc.

Inventor： Jeremy Erickson ,  Nicholas James Mooney ,  Jordan Matthew Wright ,  Nicholas Hamilton Steele ,  Mikhail Davidov

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/30

Abstract: This disclosure describes techniques for authenticating one or more devices of a user in association with cloud computing services. The techniques include generating credential portions. The credential portions may be used in a signing protocol between one of the user devices and a cloud authenticator. The signing protocol may generate a signature that may be used in authentication with a cloud computing service. In some cases, the credential portions may be shared with other devices of the user. As such, the cloud authenticate may assist multiple user devices to authenticate with the cloud computing service.

公开(公告)号：US11665161B2

公开(公告)日：2023-05-30

申请号：US16444036

申请日：2019-06-18

Applicant: Cisco Technology, Inc.

Inventor： Eldridge Lee Alexander ,  James Leslie Barclay ,  Nicholas James Mooney ,  Mujtaba Hussain

IPC: H04L9/40 ,  H04L9/08

CPC classification number: H04L63/0884 ,  H04L9/0897

Abstract: An identity server authenticates a first user identity for a user device through a first authentication exchange as part of a passwordless authentication system. The identity server registers with a relying party as an authenticator for a second user identity. The identity server initiates a second authentication exchange by obtaining from the relying party, a credential request associated with the second user identity. Responsive to a determination that the first user identity authenticated in the first authentication exchange is authorized to act as the second user identity, the identity server obtains a credential request response authenticated by the authenticator in the identity server. The identity server completes the second authentication exchange by providing the credential response to the relying party. The second authentication exchange authenticates the user device to the relying party without involving the user device.

公开(公告)号：US11323480B2

公开(公告)日：2022-05-03

申请号：US16405308

申请日：2019-05-07

Applicant: Cisco Technology, Inc.

Inventor： Jeremy Lee Erickson ,  Nicholas Hamilton Steele ,  Nicholas James Mooney

IPC: H04L29/06

Abstract: An authentication system handles authentication requests to apply introspection and policy enforcement. A policy server obtains a client security policy and an authenticator security policy. The policy server obtains an encrypted credential request with client metadata from a client and determines whether the client metadata satisfies the client security policy. The policy server provides the encrypted credential request to an authenticator device and obtains an encrypted credential response with authenticator metadata in response. The policy server determines whether the authenticator metadata satisfies the authenticator security policy. The policy server processes the encrypted credential response, without decrypting the encrypted credential request or the encrypted credential response, based on a determination of whether the client metadata satisfies the client security policy and the authenticator metadata satisfies the authenticator security policy.