Abrégé

Described are various embodiments of a user activity-related monitoring system and method, and a user access authorization system and method employing same. In one embodiment, a system is provided for authenticating a user authorised to perform a designated activity in a designated environment. The system comprises a wireless digital user authentication device (UAD) operable to: wirelessly establish an authenticated access session at an access point within the designated environment for performing the designated activity; and acquire activity-related data during performance of the designated activity. The system further comprises a digital application operatively associated with the wireless digital UAD and operable to: digitally compare and evaluate compliance of the activity-related data with a digital authenticated activity template within a designated tolerance.

Classes IPC  ?

• H04W 12/37 - Gestion des politiques de sécurité pour des dispositifs mobiles ou pour le contrôle d’applications mobiles
• G06F 21/31 - Authentification de l’utilisateur
• H04W 12/06 - Authentification
• H04W 12/68 - Sécurité dépendant du contexte dépendant des gestes ou des comportements
• H04W 12/79 - Empreinte radio

Abrégé

Described are various embodiments of a system for monitoring a physical user presence. In one embodiment, the system comprises a wireless digital user authentication device (UAD) operable to: wirelessly establish the authenticated user access session at the access point; periodically communicate an authenticated presence code during the session so to actively maintain the session; and acquire motion-related data during the session so to capture a UAD departure motion representative of the user departing from the access point; and a digital application operatively associated with the access point and operable to: wirelessly establish the session with the UAD upon arrival at the access point; and periodically receive said authenticated presence code so to maintain the session, and otherwise terminate the session upon failure to timely receive the authenticated presence code.

Classes IPC  ?

• G07C 9/28 - Enregistrement de l’entrée ou de la sortie d'une entité isolée comportant l’utilisation d’un laissez-passer le laissez-passer permettant le repérage ou signalant la présence
• A61B 5/0295 - Mesure du débit sanguin utilisant la pléthysmographie, c. à d. par mesure des variations du volume d'une partie du corps induites par la circulation du sang qui traverse cette partie, p.ex. pléthysmographie par impédance
• G07C 9/29 - Enregistrement de l’entrée ou de la sortie d'une entité isolée comportant l’utilisation d’un laissez-passer le laissez-passer comportant des éléments électroniques actifs, p.ex. des cartes à puce
• G01S 1/00 - Radiophares ou systèmes de balisage émettant des signaux ayant une ou des caractéristiques pouvant être détectées par des récepteurs non directionnels et définissant des directions, situations ou lignes de position déterminées par rapport aux émetteu; Récepteurs travaillant avec ces systèmes

Abrégé

Described are various embodiments of a digital user authentication device to authenticate an authorized user. The device comprises a wearable user authentication interface operable to receive unique user identification data and a finger physiological signal; an onbody physiological sensor operable to simultaneously acquire a distinct onbody physiological signal; and a digital data processor operable to execute a user authentication process based on the unique user identification data while confirming a user presence based on the finger physiological signal, and further digitally compare the finger physiological signal and the distinct onbody physiological signal to automatically confirm that they match within a designated level of confidence so to confirm that they were both acquired from a same user.

Classes IPC  ?

• G06F 21/32 - Authentification de l’utilisateur par données biométriques, p.ex. empreintes digitales, balayages de l’iris ou empreintes vocales
• G06F 21/35 - Authentification de l’utilisateur impliquant l’utilisation de dispositifs externes supplémentaires, p.ex. clés électroniques ou cartes à puce intelligentes communiquant sans fils
• G06F 21/40 - Authentification de l’utilisateur sous réserve d’un quorum, c. à d. avec l’intervention nécessaire d’au moins deux responsables de la sécurité
• H04W 12/06 - Authentification

Abrégé

Described are various embodiments of a cryptographic process for portable devices, and user presence and/or access authorization systems and methods employing such protocols. In one embodiment, a digital user authentication system is described to comprise a wireless digital user authentication device (UAD) operable to authenticate the user and wirelessly communicate an authenticated identity thereof; and a network application operatively associated with a wireless access point and operable to authenticate the user presence. Upon the network application authenticating the user presence based, at least in part, on the authenticated identity, the UAD and the network application securely establish a short-term symmetric advertising (STSA) key. During a prescribed advertising lifetime of the STSA, the UAD periodically computes and advertises authentication codes encompassing the STSA key so to securely advertise the authenticated user presence.

Classes IPC  ?

• H04W 12/06 - Authentification

Abrégé

Described are various embodiments of a digital certificate enrolment system and method, and challenge password management system and method therefor. In one embodiment, a digital certificate enrolment front-end process is digitally executable by one or more digital data processors for enrolling a digital certificate for a network device with a corresponding certification authority (CA). This process illustratively comprises: requesting a challenge password on behalf of the network device; providing the network device secure access to the challenge password; obtaining a signed certification request from the network device encompassing the challenge password; issuing a certificate enrolment request encompassing the challenge password on behalf of the network device so to invoke issuance of the digital user certificate from the CA; and relaying the digital certificate to the network device.

Classes IPC  ?

• H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
• G06F 21/33 - Authentification de l’utilisateur par certificats

Abrégé

Described are various embodiments of a digital user authentication device, the device comprising: a user authentication interface operable to receive as input unique user identification data required to execute a digital user authentication process; a distinct physiological sensor operable to interface with the user to acquire a physiological signal from the user to automatically confirm a live user presence during said authentication process; and a digital data processor and computer-readable memory operable to execute computer-readable instructions to invoke said user authentication process based on said unique user identification data while confirming said live user presence based on said physiological signal such that a successful user authentication is only concluded upon confirmation of said live user presence during said authentication process. Various authentication, access authorization and revocation systems and processes are also described.

Classes IPC  ?

• G06F 21/32 - Authentification de l’utilisateur par données biométriques, p.ex. empreintes digitales, balayages de l’iris ou empreintes vocales
• H04W 12/06 - Authentification
• H04W 4/38 - Services spécialement adaptés à des environnements, à des situations ou à des fins spécifiques pour la collecte d’informations de capteurs

Abrégé

Embodiments are directed towards authenticating users using biometric devices. The biometric device may be arranged to capture one or more biometric feature of a user that may be wearing the biometric device such as biometric features that correspond to an electrocardiogram of the user. The user of the biometric device may be authenticated based on one or more biometric features, or a combination thereof. Authenticating the user of the biometric device, may include communicating information that includes biometric features to an authorized authentication device (AAD). When the user is authenticated, the biometric device may be preauthorized for the user. When the preauthorized biometric device senses at least one access point, an authorization signal may be provided to the access point. If the preauthorized biometric device is removed from the user, the biometric device is deauthorized, disabling access to access points by the user.

Classes IPC  ?

• G06F 21/32 - Authentification de l’utilisateur par données biométriques, p.ex. empreintes digitales, balayages de l’iris ou empreintes vocales
• A61B 5/117 - Identification des personnes
• G07C 9/02 - Tourniquets avec moyens d'enregistrement
• H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système