Many are not aware that SFOR technology for "true"
Post# of 82687
(Total Views: 451)
Posted On: 03/21/2018 8:38:27 AM
Many are not aware that SFOR technology for "true" OOBA is achieved by creating two channels. Many IT firms are touting OOBA when in fact it is done through 1 channel (in band).
As layed out in the court docs:
"19. Defendant Duo Security infringes claim 1 of the ‘698 Patent because the Duo Security System performs a method implemented in software to employ a multichannel security system to control access to a computer (e.g., through the Duo Access Gateway). The server running the Duo Security System (e.g., the Duo Access Gateway) receives via a first channel (e.g., over a network such as a WAN, VPN, the Internet), the login identification of a user and the demand for accessing a host computer. The server running Duo Access Gateway verifies the login identification by confirming that the login identification has been matched with the user’s password (e.g., Boolean check). The demand for access and the user’s login identification are passed to a Duo Security server(s) that is connected to a second channel, which receives that
5271(a). Defendant Duo Security has infringed claims 1, 7, 8, 10, 19, 22, 48, 50, 52, 53, and 54 of the ’698 Patent in this District and elsewhere by making, using, offering for sale, or selling systems and methods for out-of-band authentication, including Duo Push, Duo Mobile, and Duo Two-Factor Authentication products (“the Duo Security System”), which are offered for sale and sold in this District and elsewhere."
and
"19. Defendant Duo Security infringes claim 1 of the ‘698 Patent because the Duo Security System performs a method implemented in software to employ a multichannel security system to control access to a computer (e.g., through the Duo Access Gateway). The server running the Duo Security System (e.g., the Duo Access Gateway) receives via a first channel (e.g., over a network such as a WAN, VPN, the Internet), the login identification of a user and the demand for accessing a host computer. The server running Duo Access Gateway verifies the login identification by confirming that the login identification has been matched with the user’s password (e.g., Boolean check). The demand for access and the user’s login identification are passed to a Duo Security server(s) that is connected to a second channel, which receives that data. The Duo Security server(s) running the Duo Cloud Service outputs a prompt to the user requesting a transmission of data, for example, a Push response or a DTMF data transmission. The user’s transmitted data (e.g., a Push response or a DTMF transmission) is received by the Duo Security server(s) running Duo Cloud Service. The Duo Security server(s) running Duo Cloud Service compare the user’s input of data against the expected input (e.g., to predetermined DTMFsignal(s)and/orfraudalertsand/ormobilePushresponses). TheDuoSecurityserver(s) output an instruction to the computer the user is trying to access to grant or deny access based on the comparison of the transmitted data and the predetermined data."
To read more, see link:
https://insight.rpxcorp.com/litigation_documents/12319796
GLTA
IMO
As layed out in the court docs:
"19. Defendant Duo Security infringes claim 1 of the ‘698 Patent because the Duo Security System performs a method implemented in software to employ a multichannel security system to control access to a computer (e.g., through the Duo Access Gateway). The server running the Duo Security System (e.g., the Duo Access Gateway) receives via a first channel (e.g., over a network such as a WAN, VPN, the Internet), the login identification of a user and the demand for accessing a host computer. The server running Duo Access Gateway verifies the login identification by confirming that the login identification has been matched with the user’s password (e.g., Boolean check). The demand for access and the user’s login identification are passed to a Duo Security server(s) that is connected to a second channel, which receives that
5271(a). Defendant Duo Security has infringed claims 1, 7, 8, 10, 19, 22, 48, 50, 52, 53, and 54 of the ’698 Patent in this District and elsewhere by making, using, offering for sale, or selling systems and methods for out-of-band authentication, including Duo Push, Duo Mobile, and Duo Two-Factor Authentication products (“the Duo Security System”), which are offered for sale and sold in this District and elsewhere."
and
"19. Defendant Duo Security infringes claim 1 of the ‘698 Patent because the Duo Security System performs a method implemented in software to employ a multichannel security system to control access to a computer (e.g., through the Duo Access Gateway). The server running the Duo Security System (e.g., the Duo Access Gateway) receives via a first channel (e.g., over a network such as a WAN, VPN, the Internet), the login identification of a user and the demand for accessing a host computer. The server running Duo Access Gateway verifies the login identification by confirming that the login identification has been matched with the user’s password (e.g., Boolean check). The demand for access and the user’s login identification are passed to a Duo Security server(s) that is connected to a second channel, which receives that data. The Duo Security server(s) running the Duo Cloud Service outputs a prompt to the user requesting a transmission of data, for example, a Push response or a DTMF data transmission. The user’s transmitted data (e.g., a Push response or a DTMF transmission) is received by the Duo Security server(s) running Duo Cloud Service. The Duo Security server(s) running Duo Cloud Service compare the user’s input of data against the expected input (e.g., to predetermined DTMFsignal(s)and/orfraudalertsand/ormobilePushresponses). TheDuoSecurityserver(s) output an instruction to the computer the user is trying to access to grant or deny access based on the comparison of the transmitted data and the predetermined data."
To read more, see link:
https://insight.rpxcorp.com/litigation_documents/12319796
GLTA
IMO
(4)
(0)