公开(公告)号：US11323480B2

公开(公告)日：2022-05-03

申请号：US16405308

申请日：2019-05-07

Applicant: Cisco Technology, Inc.

Inventor： Jeremy Lee Erickson ,  Nicholas Hamilton Steele ,  Nicholas James Mooney

IPC: H04L29/06

Abstract: An authentication system handles authentication requests to apply introspection and policy enforcement. A policy server obtains a client security policy and an authenticator security policy. The policy server obtains an encrypted credential request with client metadata from a client and determines whether the client metadata satisfies the client security policy. The policy server provides the encrypted credential request to an authenticator device and obtains an encrypted credential response with authenticator metadata in response. The policy server determines whether the authenticator metadata satisfies the authenticator security policy. The policy server processes the encrypted credential response, without decrypting the encrypted credential request or the encrypted credential response, based on a determination of whether the client metadata satisfies the client security policy and the authenticator metadata satisfies the authenticator security policy.

公开(公告)号：US11777917B2

公开(公告)日：2023-10-03

申请号：US17071869

申请日：2020-10-15

Applicant: Cisco Technology, Inc.

Inventor： Jeremy Erickson ,  Nicholas James Mooney ,  Jordan Matthew Wright ,  Nicholas Hamilton Steele ,  Mikhail Davidov

IPC: H04L9/40 ,  H04L9/30 ,  H04L9/08

CPC classification number: H04L63/08 ,  H04L9/088 ,  H04L9/30

Abstract: This disclosure describes techniques for authenticating one or more devices of a user in association with cloud computing services. The techniques include generating credential portions. The credential portions may be used in a signing protocol between one of the user devices and a cloud authenticator. The signing protocol may generate a signature that may be used in authentication with a cloud computing service. In some cases, the credential portions may be shared with other devices of the user. As such, the cloud authenticate may assist multiple user devices to authenticate with the cloud computing service.

公开(公告)号：US20220123950A1

公开(公告)日：2022-04-21

申请号：US17071972

申请日：2020-10-15

Applicant: Cisco Technology, Inc.

Inventor： Jeremy Erickson ,  Nicholas James Mooney ,  Jordan Matthew Wright ,  Nicholas Hamilton Steele ,  Mikhail Davidov ,  Richard Lee Barnes, II

IPC: H04L9/32 ,  G06F9/50 ,  H04L9/08

Abstract: This disclosure describes techniques for authenticating one or more devices of a user in association with cloud computing services. The techniques include generating credential portions. The credential portions may be used in a signing protocol between one of the user devices and a cloud authenticator. The signing protocol may generate a signature that may be used in authentication with a cloud computing service. Furthermore, the user may be able to use any one of the user devices to log in to an online service after enrolling only a single user device with the online service. As such, the cloud authenticator may assist multiple user devices to authenticate with the cloud computing service.

公开(公告)号：US20220124078A1

公开(公告)日：2022-04-21

申请号：US17071869

申请日：2020-10-15

Applicant: Cisco Technology, Inc.

Inventor： Jeremy Erickson ,  Nicholas James Mooney ,  Jordan Matthew Wright ,  Nicholas Hamilton Steele ,  Mikhail Davidov

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/30

Abstract: This disclosure describes techniques for authenticating one or more devices of a user in association with cloud computing services. The techniques include generating credential portions. The credential portions may be used in a signing protocol between one of the user devices and a cloud authenticator. The signing protocol may generate a signature that may be used in authentication with a cloud computing service. In some cases, the credential portions may be shared with other devices of the user. As such, the cloud authenticate may assist multiple user devices to authenticate with the cloud computing service.