US20140164418A1 - Unique device identification among large populations of homogenous devices - Google Patents

Unique device identification among large populations of homogenous devices Download PDF

Info

Publication number
US20140164418A1
US20140164418A1 US14/094,637 US201314094637A US2014164418A1 US 20140164418 A1 US20140164418 A1 US 20140164418A1 US 201314094637 A US201314094637 A US 201314094637A US 2014164418 A1 US2014164418 A1 US 2014164418A1
Authority
US
United States
Prior art keywords
digital fingerprint
user
logic
characteristic
digital
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US14/094,637
Inventor
Craig S. Etchegoyen
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Atreus Labs LLC
Original Assignee
Uniloc Luxembourg SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Uniloc Luxembourg SA filed Critical Uniloc Luxembourg SA
Priority to US14/094,637 priority Critical patent/US20140164418A1/en
Assigned to UNILOC LUXEMBOURG, S.A. reassignment UNILOC LUXEMBOURG, S.A. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: ETCHEGOYEN, CRAIG S, MR
Publication of US20140164418A1 publication Critical patent/US20140164418A1/en
Assigned to FORTRESS CREDIT CO LLC reassignment FORTRESS CREDIT CO LLC SECURITY INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: UNILOC LUXEMBOURG, S.A.; UNILOC CORPORATION PTY LIMITED; UNILOC USA, INC.
Assigned to ATREUS LABS LLC reassignment ATREUS LABS LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: UNILOC 2017 LLC
Abandoned legal-status Critical Current

Links

Images

Classifications

    • G06F17/30386
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/316User authentication by observing the pattern of computer usage, e.g. typical user behaviour
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Definitions

  • the present invention relates generally to computer systems and, more particularly, to methods of and systems for uniquely identifying computing devices. More specifically, the invention relates to uniquely identifying a computing device by combining device data with personal information of a user of the computing device to form a personalized device fingerprint.
  • Device identification through digital fingerprints has proven to be invaluable in recent years to such technologies as security and digital rights management.
  • authentication of a person can be restricted to a limited number of previously authorized devices that are recognized by their digital fingerprints.
  • digital rights management use of copyrighted or otherwise proprietary subject matter can be similarly restricted to a limited number of previously authorized devices that are recognized by their digital fingerprints.
  • Digital fingerprints are particularly useful in uniquely identifying computing devices that are historically known as “IBM PC compatible”. Such devices have an open architecture in which various computer components are easily interchangeable with compatible but different components. There are two primary effects of such an open architecture that facilitate device identification through digital fingerprints.
  • the first facilitating effect is diversity of device components. Since numerous components of IBM PC compatible devices are interchangeable with comparable but different components, generation of a digital fingerprint from data associated with the respective components of the device is more likely to result in a unique digital fingerprint.
  • the second facilitating effect is discoverability of details of the various components of IBM PC compatible devices. Since the particular combination of components that make up a given device can vary widely and can come from different manufacturers, the components and the operating system of the device cooperate to provide access to detailed information about the components. Such information can include serial numbers, firmware version and revision numbers, model numbers, etc. This detailed information can be used to distinguish identical components from the same manufacturer and therefore improves uniqueness of digital fingerprints of such devices.
  • Laptop computing devices evolved from desktop computing devices such as IBM PC compatible devices and share much of the architecture of desktop computing devices, albeit in shrunken form. Accordingly, while users are much less likely to replace graphics circuitry in a laptop device and components therefore vary less in laptop devices, laptop devices still provide enough detailed and unique information about the components of the laptop device to ensure uniqueness of digital fingerprints.
  • Smart phones are much more homogeneous than older devices. To make smart phones so small, the components of smart phones are much more integrated, including more and more functions within each integrated circuit (IC) chip.
  • IC integrated circuit
  • desktop computing device can include graphics cards and networking cards that are separate from the CPU
  • smart phones typically have integrated graphics and networking circuitry within the CPU.
  • desktop and laptop devices typically include hard drives, which are devices rich with unique and detailed information about themselves
  • smart phones often include non-volatile solid-state memory, such as flash memory, integrated within the CPU or on the same circuit board as the CPU. Flash memory rarely includes information about the flash memory, such as the manufacturer, model number, etc.
  • a digital fingerprint identifying a device includes characteristics of a user of the device. Accordingly, the device can be distinguished from other computing devices that are not readily distinguished by hardware characteristics alone. In effect, characteristics of respective users of homogeneous devices help distinguish the devices from one another.
  • Digital fingerprints are best when they are unique, stable, and difficult to spoof. Accordingly, the personal characteristics used to form the digital fingerprint of the device are those that are likely not to change over time or to change in predictable ways. Examples of such personal characteristics are personal characteristics of the user that can be gathered from publicly available information from social networking sites, such as first and last name, city of residence, employer, relationship status, number of friends, age, etc.
  • the personal characteristics are gathered from sources external to the device, such as profiles of the user stored remotely at a social networking site.
  • sources external to the device such as profiles of the user stored remotely at a social networking site.
  • Each constituent characteristic of a digital fingerprint is associated with extraction logic and comparison logic.
  • the extraction logic of a given characteristic specifies the manner in which the substantive data of the characteristic is retrieved for incorporation into a digital fingerprint.
  • the extraction logic can specify (i) the manner in which a user identifier for the social networking site is extracted from browser personal information such as browsing history, bookmarks, form filling data, and user identifiers; (ii) the manner in which a publicly available profile associated with the extracted user identifier is retrieved; and (iii) the manner in which the characteristic is parsed from the retrieved profile.
  • characteristics used to form digital fingerprints are stable and do not change over time
  • characteristics of a human user can and do change over time.
  • the personal characteristics that are selected for use in forming digital fingerprints are those that are relatively stable and change primarily in predictable, expected ways. For example, a person's first name generally does not change, a person's last name changes rarely, a person's age increases by one each year, and a person's number of friends tends to only increase, and to increase at a modest rate.
  • the comparison logic for each of these characteristics considers the way in which such characteristics can be expected to change over time and estimates a likelihood that two digital fingerprints identify one and the same device according to how well changes in each characteristic over time follows the expected pattern.
  • FIG. 1 is a diagram showing a computing device and a server that cooperate to identify the device in accordance with one embodiment of the present invention.
  • FIG. 2 is a transaction flow diagram illustrating the manner in which the device and server computer of FIG. 1 cooperate to identify the device.
  • FIG. 3 is a block diagram of a digital fingerprint specification used by the server to manage generation of the digital fingerprint of the device of FIG. 1 and comparison of the digital fingerprint to another digital fingerprint.
  • FIGS. 4 and 5 are each a logic flow diagram of an illustrative example of extraction logic by which a part of a digital fingerprint is generated.
  • FIG. 6 is a logic flow diagram illustrating the manner in which the device generates its digital fingerprint in a step of the transaction flow diagram of FIG. 2 in greater detail.
  • FIG. 7 is a logic flow diagram illustrating the manner in which the server compares the digital fingerprint to another digital fingerprint in a step of the transaction flow diagram of FIG. 2 in greater detail.
  • FIGS. 8 and 9 are each a logic flow diagram of an illustrative example of comparison logic by which a part of a digital fingerprint is compared to a corresponding part of another digital fingerprint.
  • FIG. 10 is a block diagram showing in greater detail the server of FIG. 1 .
  • FIG. 11 is a block diagram showing in greater detail the device of FIG. 1 .
  • a computing device 102 ( FIG. 1 ) is identified by a digital fingerprint incorporating a combination of hardware characteristics of device 102 and personal characteristics of a user of device 102 . Accordingly, device 102 can be distinguished from other computing devices that are not readily distinguished by hardware characteristics alone.
  • the personal characteristics used to form the digital fingerprint of device 102 are those that are likely to not change over time or to change in predictable ways.
  • the personal characteristics are gathered from sources external to device 102 . Examples of such personal characteristics are personal characteristics of the user that can be gathered from publicly available information from social networking sites, such as first and last name, city of residence, employer, relationship status, number of friends, age, etc.
  • Device 102 can be any of a number of types of networked computing devices, including smart phones, tablets, netbook computers, laptop computers, and desktop computers.
  • Device 102 communicates with a server 106 through a computer network 104 , which is the Internet in this illustrative embodiment.
  • Server 106 is configured to recognize devices with which server 106 has previously interacted. Such recognition can be part of an authentication process or to provide customized content based on previous interaction with recognized devices, as illustrative examples.
  • Transaction flow diagram 200 ( FIG. 2 ) represents the manner in which device 102 identifies itself to server 106 with a digital fingerprint and server 106 compares the digital fingerprint to digital fingerprints of known devices in accordance with the present invention.
  • step 202 device 102 sends a request for a web page to server computer 106 .
  • the request can be in the form of a URL specified by the user of device 102 using a web browser 1120 ( FIG. 11 ) executing in device 102 and conventional user interface techniques involving physical manipulation of user input devices 1108 .
  • Web browser 1120 and user input devices 1108 and other components of device 102 are described in greater detail below.
  • step 204 server 106 sends the web page that is identified by the request received in step 202 .
  • the web page sent to device 102 includes content that causes web browser 1120 ( FIG. 11 ) of device 102 to generate a digital fingerprint for device 102 , e.g., digital fingerprint 1140 .
  • a web browser plug-in 1122 C installed in client device 102 and, invoked by web browser 1120 , processes the content of the web page to generate the digital fingerprint.
  • the digital fingerprint of device 102 can be generated by other forms of logic of device 102 , such as software installed in device 102 .
  • step 206 is described more completely below with respect to logic flow diagram 206 ( FIG. 6 ).
  • step 208 device 102 sends the digital fingerprint that was generated in step 206 to server 106 .
  • step 210 server 106 compares the digital fingerprint of device 102 received in step 208 to digital fingerprints of known devices. Step 210 is described in greater detail below in conjunction with logic flow diagram 210 ( FIG. 7 ).
  • server 106 continues the interaction with device 102 if device 102 is recognized by its digital fingerprint.
  • server 106 can continue interaction with device 102 regardless of whether device 102 is recognized by its digital fingerprint but modifies the interaction with device 102 according to whether device 102 is recognized.
  • step 206 is shown in greater detail as logic flow diagram 206 ( FIG. 6 ).
  • step 206 is performed by web browser plug-in 1122 C ( FIG. 11 ).
  • Digital fingerprint specification 300 ( FIG. 3 ) stored in digital fingerprint specifications 1032 ( FIG. 10 ) of server 106 .
  • Digital fingerprint specification 300 includes a number of digital fingerprint elements 302 , each of which defines a data element to be included in digital fingerprint 1140 ( FIG. 11 ).
  • Each digital fingerprint element 302 ( FIG. 3 ) includes an identifier 304 , extraction logic 306 , and comparison logic 308 .
  • the particular element represented by digital fingerprint element 302 is sometimes referred to as “the subject element.”
  • Identifier 304 identifies the subject element to enable direct comparison of corresponding elements of digital fingerprints.
  • elements of a digital fingerprint are arranged in a predetermined sequence and specific elements of the digital fingerprint are identified by their position within the sequence, obviating identifier 304 .
  • Extraction logic 306 specifies the manner in which the subject element is extracted by device 102 in generating the digital fingerprint.
  • Logic flow diagrams 306 A ( FIG. 4) and 306B ( FIG. 5 ) are illustrative examples of extraction logic 306 and are described below in greater detail.
  • Comparison logic 308 specifies the manner in which the subject element is compared to a corresponding element of another digital fingerprint to determine whether digital fingerprints match one another.
  • Logic flow diagrams 308 A ( FIG. 8) and 308B ( FIG. 9 ) are illustrative examples of comparison logic 308 and are described below in greater detail.
  • Loop step 602 ( FIG. 6 ) and next step 610 define a loop in which web browser plug-in 1122 C processes each of digital fingerprint elements 302 ( FIG. 3 ) according to steps 604 - 608 .
  • the particular digital fingerprint element 302 processed by web browser plug-in 1122 C is sometimes referred to as the subject element.
  • web browser plug-in 1122 C executes extraction logic 306 of the subject element to extract data representing the subject element.
  • the particular manner in which web browser plug-in 1122 C extracts the data depends on the particular details of extraction logic 306 .
  • Logic flow diagram 306 A ( FIG. 4 ) is an illustrative example of extraction logic for data regarding a hardware characteristic of device 102 .
  • web browser plug-in 1122 C retrieves detailed information about a hard disk drive of device 102 .
  • web browser plug-in 1122 C can retrieve detailed information about a hard disk drive by executing the command, “hdparm -I /dev/sda”.
  • web browser plug-in 1122 C can cache the results of that command to extract data for other elements related to detailed information about the hard disk drive.
  • step 404 web browser plug-in 1122 C parses the serial number of the hard disk drive from the detailed information retrieved in step 402 . Parsing of the serial number is a straight forward process of pattern recognition, using regular expressions for example.
  • Logic flow diagram 306 B ( FIG. 5 ) is an illustrative example of extraction logic for data regarding a personal characteristic of a user of device 102 .
  • web browser plug-in 1122 C retrieves a user identifier for a social networking site from browser personal information 1130 ( FIG. 11 ).
  • Browser personal information 1130 includes various types of personal information stored by web browser 1120 regarding browsing activity of the user of device 102 . Examples include browsing history, form data, user identifiers and passwords, and bookmarks.
  • web browser plug-in 1122 C retrieves public information about the user from the social networking user identifier retrieved in step 502 .
  • Many social networking sites support URLs that are derived from user identifiers in a deterministic manner. For example, if the user has an account for the social networking site at http://twitter.com and the user identifier is “xyz”, a URL to a public page regarding the user can be retrieved at http://twitter.com/#!/xyz.
  • web browser plug-in 1122 C can cache the retrieved web page to extract data for other elements related to same social networking profile.
  • web browser plug-in 1122 C parses a particular item of information from the web page retrieved in step 504 .
  • the particular item of information is a number of friends the user has at the social networking site. Parsing of the number of friends is a straight forward process of pattern recognition, using regular expressions for example.
  • web browser plug-in 1122 C forms a reversible hash of the subject element, including identifier 304 ( FIG. 3 ) and the data retrieved in step 604 ( FIG. 6 ).
  • the subject element is hashed by web browser plug-in 1122 C to obscure the particular form and content of the digital fingerprint during transport through wide area network 104 ( FIG. 1 ).
  • step 608 web browser plug-in 1122 C adds the hash created in step 606 to an accumulation of element hashes.
  • the accumulation of element hashes is the digital fingerprint sent to server 106 in step 208 .
  • the resulting digital fingerprint is an accumulation of hashes that represents multiple items of system information of device 102 and personal information of a user of device 102 .
  • the resulting digital fingerprint comprises a personalized digital fingerprint.
  • server 106 compares the digital fingerprint of device 102 to digital fingerprints of known devices, e.g., known digital fingerprints 1030 ( FIG. 10 ), in step 208 ( FIG. 2 ).
  • Logic flow diagram 210 FIG. 7 ) illustrates comparison of the digital fingerprint of device 102 to another digital fingerprint, sometimes referred to as “the reference digital fingerprint” in the context of logic flow diagram 210 .
  • step 702 digital fingerprint management logic 1024 parses individual reversible hashes representing individual elements of the digital fingerprint of device 102 .
  • digital fingerprint management logic 1024 initializes a match score that represents a degree of similarity between the digital fingerprint of device 102 and the reference digital fingerprint. In this illustrative embodiment, digital fingerprint management logic 1024 initializes the match score to a value of 1.0, indicating a perfect match.
  • Loop step 706 and next step 710 define a loop in which digital fingerprint management logic 1024 processes each digital fingerprint element 302 ( FIG. 3 ) according to step 708 .
  • the particular digital fingerprint element processed by digital fingerprint management logic 1024 is sometimes referred to as “the subject element” in the context of logic flow diagram 210 .
  • digital fingerprint management logic 1024 executes comparison logic 308 ( FIG. 3 ) of the subject element. Execution of comparison logic 308 adjusts the match score initialized in step 704 in a manner specified within comparison logic 308 .
  • Logic flow diagram 308 A ( FIG. 8 ) is an illustrative example of comparison logic for data regarding a hardware characteristic of device 102 .
  • digital fingerprint management logic 1024 ( FIG. 10 ) compares data representing the serial number of a hard disk drive of digital fingerprint 1140 ( FIG. 11 ) to data representing the serial number of a hard disk drive of the reference digital fingerprint. If the respective serial numbers are not the same, processing transfers to step 804 in which digital fingerprint management logic 1024 reduces the match score by 30%, by multiplication of the match score by 0.7, in step 804 . Conversely, if the respective serial numbers are the same, digital fingerprint management logic 1024 does not reduce the match score in step 806 . Step 806 shows that digital fingerprint management logic 1024 multiplies the match score by 1.0 only to explicitly show that the match score remains unchanged.
  • a mismatch in the serial number of a hard disk drive suggests that digital fingerprint 1140 ( FIG. 11 ) and the reference digital fingerprint do not represent one and the same device and the suggestion is reflected in the match score.
  • Such suggestions accumulate as comparison logic for other digital fingerprints can further reduce the match score.
  • Logic flow diagram 308 B ( FIG. 9 ) is an illustrative example of comparison logic for data regarding a personal characteristic of a user of device 102 .
  • digital fingerprint management logic 1024 evaluates a change in the number of friends of the user per month since the generation of the reference digital fingerprint.
  • Logic flow diagram 308 B illustrates comparison of personal characteristics that can change over time but tend to change in a predictable way. Such is true of the number of friends one has through a social networking site.
  • Case step 902 directs processing by digital fingerprint management logic 1024 to one of steps 906 , 910 , 914 , 918 , and 920 according to the test values of test steps 904 , 908 , 912 , and 916 .
  • digital fingerprint 1140 does not include a number of friends, e.g., because the user of device 102 does not have a profile at the social networking site, and the reference digital fingerprint does include a number of friends
  • processing by digital fingerprint management logic 1024 transfers through test step 904 to step 906 in which digital fingerprint management logic 1024 reduces the match score by 30%, by multiplication of the match score by 0.7. It is rare that people remove profiles from social network sites. Accordingly, the absence of a profile for the user of device 102 when the profile exists for the reference digital fingerprint is relatively strongly indicative of a mismatch between digital fingerprint 1140 and the reference digital fingerprint.
  • step 910 processing by digital fingerprint management logic 1024 transfers through test step 908 to step 910 in which digital fingerprint management logic 1024 reduces the match score by 30%, by multiplication of the match score by 0.7. It is rare that people remove friends in social network sites. Accordingly, the reduction in the number of friends is relatively strongly indicative of a mismatch between digital fingerprint 1140 and the reference digital fingerprint.
  • step 912 processing by digital fingerprint management logic 1024 transfers through test step 912 to step 914 in which digital fingerprint management logic 1024 does not reduce the match score at all.
  • the number of friends of a given user at a social networking site tends to be stable and, to the extent the number changes, the number tends only to increase. Accordingly, equivalence in the number of friends is relatively strongly indicative of a match between digital fingerprint 1140 and the reference digital fingerprint.
  • processing by digital fingerprint management logic 1024 transfers through test step 916 to step 918 in which digital fingerprint management logic 1024 reduces the match score by 5%, by multiplication of the match score by 0.95.
  • step 916 the number of friends of a user of a social networking site increases, the number tends to increase relatively slowly over time once the profile is established. Accordingly, the relatively slow increase in the number of friends is relatively weakly indicative of a mismatch between digital fingerprint 1140 and the reference digital fingerprint.
  • processing by digital fingerprint management logic 1024 transfers through test step 916 to step 920 in which digital fingerprint management logic 1024 reduces the match score by 20%, by multiplication of the match score by 0.8.
  • step 916 the number of friends of a user of a social networking site increases, the number tends to increase relatively slowly over time once the profile is established. Accordingly, the relatively rapid increase in the number of friends is moderately indicative of a mismatch between digital fingerprint 1140 and the reference digital fingerprint.
  • a mismatch in the number of friends the user has at a social networking site can suggest that digital fingerprint 1140 ( FIG. 11 ) and the reference digital fingerprint do not represent one and the same device and the suggestion is reflected in the match score.
  • the degree to which such is suggested depends upon how changes in the number of friends follow an expected pattern.
  • the match score reflects cumulative reductions of mismatches in the corresponding elements of digital fingerprint 1140 and the reference digital fingerprint.
  • digital fingerprint management logic 1024 determines that digital fingerprint 1140 and the reference digital fingerprint match only when the final matching score is at least a predetermined threshold.
  • digital fingerprint management logic 1024 supersedes the reference digital fingerprint with digital fingerprint 1140 in this illustrative embodiment since digital fingerprint 1140 is the more recent digital fingerprint of device 102 .
  • Server computer 106 is shown in greater detail in FIG. 10 .
  • Server 106 includes one or more microprocessors 1002 (collectively referred to as CPU 1002 ) that retrieve data and/or instructions from memory 1004 and execute retrieved instructions in a conventional manner.
  • Memory 1004 can include generally any computer-readable medium including, for example, persistent memory such as magnetic and/or optical disks, ROM, and PROM and volatile memory such as RAM.
  • CPU 1002 and memory 1004 are connected to one another through a conventional interconnect 1006 , which is a bus in this illustrative embodiment and which connects CPU 1002 and memory 1004 to network access circuitry 1012 .
  • Network access circuitry 1012 sends and receives data through computer networks such as wide area network 104 ( FIG. 1 ).
  • a number of components of server 106 are stored in memory 1004 .
  • web server logic 1020 and web application logic 1022 are all or part of one or more computer processes executing within CPU 1002 from memory 1004 in this illustrative embodiment but can also be implemented using digital logic circuitry.
  • Web server logic 1020 is a conventional web server.
  • Web application logic 1022 is content that defines one or more pages of a web site and is served by web server logic 1020 to client devices such as device 102 .
  • Digital fingerprint management logic 1024 is a part of web application logic 1022 that causes client devices to generate digital fingerprints and to compare digital fingerprints in the manner described above.
  • Device 102 is a personal computing device and is shown in greater detail in FIG. 11 .
  • Device 102 includes one or more microprocessors 1102 (collectively referred to as CPU 1102 ) that retrieve data and/or instructions from memory 1104 and execute retrieved instructions in a conventional manner.
  • Memory 1104 can include generally any computer-readable medium including, for example, persistent memory such as magnetic and/or optical disks, ROM, and PROM and volatile memory such as RAM.
  • CPU 1102 and memory 1104 are connected to one another through a conventional interconnect 1106 , which is a bus in this illustrative embodiment and which connects CPU 1102 and memory 1104 to one or more input devices 1108 , output devices 1110 , and network access circuitry 1112 .
  • Input devices 1108 can include, for example, a keyboard, a keypad, a touch-sensitive screen, a mouse, a microphone, and one or more cameras.
  • Output devices 1110 can include, for example, a display —such as a liquid crystal display (LCD) —and one or more loudspeakers.
  • Network access circuitry 1112 sends and receives data through computer networks such as wide area network 104 ( FIG. 1 ).
  • web browser 1120 is all or part of one or more computer processes executing within CPU 1102 from memory 1104 in this illustrative embodiment but can also be implemented using digital logic circuitry.
  • logic refers to (i) logic implemented as computer instructions and/or data within one or more computer processes and/or (ii) logic implemented in electronic circuitry.
  • Web browser plug-ins 1122 A-C are each all or part of one or more computer processes that cooperate with web browser 1120 to augment the behavior of web browser 1120 . The manner in which behavior of a web browser is augmented by web browser plug-ins is conventional and known and is not described herein.
  • Browser personal information 1130 and digital fingerprint 1140 are data stored persistently in memory 1104 .
  • Browser personal information 1130 can be organized as all or part of one or more databases.
  • web browser plug-in 1122 C generates digital fingerprint 1140 according to extraction logic 306 ( FIG. 3 ) of each of digital fingerprint elements 302 .
  • digital fingerprint management logic 1024 sends identifier 304 ( FIG. 3 ) and extraction logic 306 for all digital fingerprint elements 302 to web browser plug-in 1122 C ( FIG. 11 ) in step 204 ( FIG. 2 ).
  • identifier 304 ( FIG. 3 ) and extraction logic 306 for all digital fingerprint elements 302 are included within web browser plug-in 1122 C ( FIG. 11 ) and device 102 downloads web browser plug-in 1122 C from server 106 with all the extraction logic already included.

Abstract

A digital fingerprint identifying a device includes characteristics of a user of the device in addition to characteristics of the device itself. The personal characteristics used to form the digital fingerprint of the device are those that are likely to not change over time or to change in predictable ways. The personal characteristics are gathered from sources external to the device, such as profiles of the user stored remotely at a social networking site. Each constituent characteristic of a digital fingerprint is associated with extraction logic and comparison logic.

Description

  • This application claim priority to U.S. Provisional Application No. 61/734,455, filed Dec. 7, 2012, which is fully incorporated herein by reference.
    • BACKGROUND OF THE INVENTION
  • 1. Field of the Invention
  • The present invention relates generally to computer systems and, more particularly, to methods of and systems for uniquely identifying computing devices. More specifically, the invention relates to uniquely identifying a computing device by combining device data with personal information of a user of the computing device to form a personalized device fingerprint.
  • 2. Description of the Related Art
  • Device identification through digital fingerprints has proven to be invaluable in recent years to such technologies as security and digital rights management. In security, authentication of a person can be restricted to a limited number of previously authorized devices that are recognized by their digital fingerprints. In digital rights management, use of copyrighted or otherwise proprietary subject matter can be similarly restricted to a limited number of previously authorized devices that are recognized by their digital fingerprints.
  • Digital fingerprints are particularly useful in uniquely identifying computing devices that are historically known as “IBM PC compatible”. Such devices have an open architecture in which various computer components are easily interchangeable with compatible but different components. There are two primary effects of such an open architecture that facilitate device identification through digital fingerprints.
  • The first facilitating effect is diversity of device components. Since numerous components of IBM PC compatible devices are interchangeable with comparable but different components, generation of a digital fingerprint from data associated with the respective components of the device is more likely to result in a unique digital fingerprint.
  • The second facilitating effect is discoverability of details of the various components of IBM PC compatible devices. Since the particular combination of components that make up a given device can vary widely and can come from different manufacturers, the components and the operating system of the device cooperate to provide access to detailed information about the components. Such information can include serial numbers, firmware version and revision numbers, model numbers, etc. This detailed information can be used to distinguish identical components from the same manufacturer and therefore improves uniqueness of digital fingerprints of such devices.
  • Laptop computing devices evolved from desktop computing devices such as IBM PC compatible devices and share much of the architecture of desktop computing devices, albeit in shrunken form. Accordingly, while users are much less likely to replace graphics circuitry in a laptop device and components therefore vary less in laptop devices, laptop devices still provide enough detailed and unique information about the components of the laptop device to ensure uniqueness of digital fingerprints.
  • However, the world of computing devices is rapidly changing. Smart phones that fit in one's pocket now include processing resources that were state of the art just a few years ago. In addition, smart phones are growing wildly in popularity. Unlike tablet computing devices of a decade ago, which were based on laptop device architectures, tablet devices available today are essentially larger versions of smart phones.
  • Smart phones are much more homogeneous than older devices. To make smart phones so small, the components of smart phones are much more integrated, including more and more functions within each integrated circuit (IC) chip. For example, while a desktop computing device can include graphics cards and networking cards that are separate from the CPU, smart phones typically have integrated graphics and networking circuitry within the CPU. Furthermore, while desktop and laptop devices typically include hard drives, which are devices rich with unique and detailed information about themselves, smart phones often include non-volatile solid-state memory, such as flash memory, integrated within the CPU or on the same circuit board as the CPU. Flash memory rarely includes information about the flash memory, such as the manufacturer, model number, etc.
  • Since these components of smart phones are generally tightly integrated and not replaceable, the amount and variety of unique data within a smart phone that can be used to generate a unique digital fingerprint is greatly reduced relative to older device architectures. In addition, since it is not expected that smart phone components will ever be replaced, there is less support for access to detailed information about the components of smart phones even if such information exists.
  • Accordingly, it is much more difficult to assure that digital fingerprints of smart phones and similar portable personal computing devices such as tablet devices are unique. What is needed is a way to uniquely identify individual devices in large populations of homogeneous devices.
    • SUMMARY OF THE INVENTION
  • In accordance with the present invention, a digital fingerprint identifying a device includes characteristics of a user of the device. Accordingly, the device can be distinguished from other computing devices that are not readily distinguished by hardware characteristics alone. In effect, characteristics of respective users of homogeneous devices help distinguish the devices from one another.
  • Digital fingerprints are best when they are unique, stable, and difficult to spoof. Accordingly, the personal characteristics used to form the digital fingerprint of the device are those that are likely not to change over time or to change in predictable ways. Examples of such personal characteristics are personal characteristics of the user that can be gathered from publicly available information from social networking sites, such as first and last name, city of residence, employer, relationship status, number of friends, age, etc.
  • In addition, the personal characteristics are gathered from sources external to the device, such as profiles of the user stored remotely at a social networking site. As a result, it is difficult for one person to spoof characteristics of another person without also having the ability to modify the profile of the other person that is maintained externally to the device.
  • Each constituent characteristic of a digital fingerprint is associated with extraction logic and comparison logic. The extraction logic of a given characteristic specifies the manner in which the substantive data of the characteristic is retrieved for incorporation into a digital fingerprint. To retrieve a characteristic, such as the number of friends of the user at a social networking site, the extraction logic can specify (i) the manner in which a user identifier for the social networking site is extracted from browser personal information such as browsing history, bookmarks, form filling data, and user identifiers; (ii) the manner in which a publicly available profile associated with the extracted user identifier is retrieved; and (iii) the manner in which the characteristic is parsed from the retrieved profile.
  • While it is preferred that characteristics used to form digital fingerprints are stable and do not change over time, characteristics of a human user can and do change over time. The personal characteristics that are selected for use in forming digital fingerprints are those that are relatively stable and change primarily in predictable, expected ways. For example, a person's first name generally does not change, a person's last name changes rarely, a person's age increases by one each year, and a person's number of friends tends to only increase, and to increase at a modest rate. The comparison logic for each of these characteristics considers the way in which such characteristics can be expected to change over time and estimates a likelihood that two digital fingerprints identify one and the same device according to how well changes in each characteristic over time follows the expected pattern.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • Other systems, methods, features and advantages of the invention will be or will become apparent to one with skill in the art upon examination of the following figures and detailed description. It is intended that all such additional systems, methods, features and advantages be included within this description, be within the scope of the invention, and be protected by the accompanying claims. Component parts shown in the drawings are not necessarily to scale, and may be exaggerated to better illustrate the important features of the invention. In the drawings, like reference numerals may designate like parts throughout the different views, wherein:
  • FIG. 1 is a diagram showing a computing device and a server that cooperate to identify the device in accordance with one embodiment of the present invention.
  • FIG. 2 is a transaction flow diagram illustrating the manner in which the device and server computer of FIG. 1 cooperate to identify the device.
  • FIG. 3 is a block diagram of a digital fingerprint specification used by the server to manage generation of the digital fingerprint of the device of FIG. 1 and comparison of the digital fingerprint to another digital fingerprint.
  • FIGS. 4 and 5 are each a logic flow diagram of an illustrative example of extraction logic by which a part of a digital fingerprint is generated.
  • FIG. 6 is a logic flow diagram illustrating the manner in which the device generates its digital fingerprint in a step of the transaction flow diagram of FIG. 2 in greater detail.
  • FIG. 7 is a logic flow diagram illustrating the manner in which the server compares the digital fingerprint to another digital fingerprint in a step of the transaction flow diagram of FIG. 2 in greater detail.
  • FIGS. 8 and 9 are each a logic flow diagram of an illustrative example of comparison logic by which a part of a digital fingerprint is compared to a corresponding part of another digital fingerprint.
  • FIG. 10 is a block diagram showing in greater detail the server of FIG. 1.
  • FIG. 11 is a block diagram showing in greater detail the device of FIG. 1.
    •  DETAILED DESCRIPTION
  • In accordance with the present invention, a computing device 102 (FIG. 1) is identified by a digital fingerprint incorporating a combination of hardware characteristics of device 102 and personal characteristics of a user of device 102. Accordingly, device 102 can be distinguished from other computing devices that are not readily distinguished by hardware characteristics alone.
  • Digital fingerprints are best when they are unique, stable, and difficult to spoof. Accordingly, the personal characteristics used to form the digital fingerprint of device 102 are those that are likely to not change over time or to change in predictable ways. In addition, the personal characteristics are gathered from sources external to device 102. Examples of such personal characteristics are personal characteristics of the user that can be gathered from publicly available information from social networking sites, such as first and last name, city of residence, employer, relationship status, number of friends, age, etc.
  • Device 102 can be any of a number of types of networked computing devices, including smart phones, tablets, netbook computers, laptop computers, and desktop computers. Device 102 communicates with a server 106 through a computer network 104, which is the Internet in this illustrative embodiment. Server 106 is configured to recognize devices with which server 106 has previously interacted. Such recognition can be part of an authentication process or to provide customized content based on previous interaction with recognized devices, as illustrative examples.
  • Transaction flow diagram 200 (FIG. 2) represents the manner in which device 102 identifies itself to server 106 with a digital fingerprint and server 106 compares the digital fingerprint to digital fingerprints of known devices in accordance with the present invention.
  • In step 202, device 102 sends a request for a web page to server computer 106. The request can be in the form of a URL specified by the user of device 102 using a web browser 1120 (FIG. 11) executing in device 102 and conventional user interface techniques involving physical manipulation of user input devices 1108. Web browser 1120 and user input devices 1108 and other components of device 102 are described in greater detail below.
  • In step 204 (FIG. 2), server 106 sends the web page that is identified by the request received in step 202. The web page sent to device 102 includes content that causes web browser 1120 (FIG. 11) of device 102 to generate a digital fingerprint for device 102, e.g., digital fingerprint 1140. In one embodiment, a web browser plug-in 1122C installed in client device 102 and, invoked by web browser 1120, processes the content of the web page to generate the digital fingerprint. In other embodiments, the digital fingerprint of device 102 can be generated by other forms of logic of device 102, such as software installed in device 102. The various elements of device 102 and their interaction are described more completely below. In addition, step 206 is described more completely below with respect to logic flow diagram 206 (FIG. 6).
  • In step 208 (FIG. 2), device 102 sends the digital fingerprint that was generated in step 206 to server 106.
  • In step 210, server 106 compares the digital fingerprint of device 102 received in step 208 to digital fingerprints of known devices. Step 210 is described in greater detail below in conjunction with logic flow diagram 210 (FIG. 7).
  • In step 212, server 106 continues the interaction with device 102 if device 102 is recognized by its digital fingerprint. Alternatively, server 106 can continue interaction with device 102 regardless of whether device 102 is recognized by its digital fingerprint but modifies the interaction with device 102 according to whether device 102 is recognized.
  • As described above, device 102 generates a digital fingerprint to identify itself in step 206 (FIG. 2), and step 206 is shown in greater detail as logic flow diagram 206 (FIG. 6). In this illustrative embodiment, step 206 is performed by web browser plug-in 1122C (FIG. 11).
  • The generation and comparison of digital fingerprints are defined by a digital fingerprint specification 300 (FIG. 3) stored in digital fingerprint specifications 1032 (FIG. 10) of server 106. Digital fingerprint specification 300 (FIG. 3) includes a number of digital fingerprint elements 302, each of which defines a data element to be included in digital fingerprint 1140 (FIG. 11).
  • Each digital fingerprint element 302 (FIG. 3) includes an identifier 304, extraction logic 306, and comparison logic 308. In the context of FIG. 3, the particular element represented by digital fingerprint element 302 is sometimes referred to as “the subject element.”
  • Identifier 304 identifies the subject element to enable direct comparison of corresponding elements of digital fingerprints. In an alternative embodiment, elements of a digital fingerprint are arranged in a predetermined sequence and specific elements of the digital fingerprint are identified by their position within the sequence, obviating identifier 304.
  • Extraction logic 306 specifies the manner in which the subject element is extracted by device 102 in generating the digital fingerprint. Logic flow diagrams 306A (FIG. 4) and 306B (FIG. 5) are illustrative examples of extraction logic 306 and are described below in greater detail.
  • Comparison logic 308 specifies the manner in which the subject element is compared to a corresponding element of another digital fingerprint to determine whether digital fingerprints match one another. Logic flow diagrams 308A (FIG. 8) and 308B (FIG. 9) are illustrative examples of comparison logic 308 and are described below in greater detail.
  • Loop step 602 (FIG. 6) and next step 610 define a loop in which web browser plug-in 1122C processes each of digital fingerprint elements 302 (FIG. 3) according to steps 604-608. During a particular iteration of the loop of steps 602-610, the particular digital fingerprint element 302 processed by web browser plug-in 1122C is sometimes referred to as the subject element.
  • In step 604, web browser plug-in 1122C executes extraction logic 306 of the subject element to extract data representing the subject element. The particular manner in which web browser plug-in 1122C extracts the data depends on the particular details of extraction logic 306. Logic flow diagram 306A (FIG. 4) is an illustrative example of extraction logic for data regarding a hardware characteristic of device 102.
  • In step 402, web browser plug-in 1122C retrieves detailed information about a hard disk drive of device 102. For example, in an embodiment in which device 102 includes the known Linux operating system, web browser plug-in 1122C can retrieve detailed information about a hard disk drive by executing the command, “hdparm -I /dev/sda”. To enhance efficiency, web browser plug-in 1122C can cache the results of that command to extract data for other elements related to detailed information about the hard disk drive.
  • In step 404, web browser plug-in 1122C parses the serial number of the hard disk drive from the detailed information retrieved in step 402. Parsing of the serial number is a straight forward process of pattern recognition, using regular expressions for example.
  • Logic flow diagram 306B (FIG. 5) is an illustrative example of extraction logic for data regarding a personal characteristic of a user of device 102. In step 502, web browser plug-in 1122C retrieves a user identifier for a social networking site from browser personal information 1130 (FIG. 11). Browser personal information 1130 includes various types of personal information stored by web browser 1120 regarding browsing activity of the user of device 102. Examples include browsing history, form data, user identifiers and passwords, and bookmarks.
  • In step 504, web browser plug-in 1122C retrieves public information about the user from the social networking user identifier retrieved in step 502. Many social networking sites support URLs that are derived from user identifiers in a deterministic manner. For example, if the user has an account for the social networking site at http://twitter.com and the user identifier is “xyz”, a URL to a public page regarding the user can be retrieved at http://twitter.com/#!/xyz. To enhance efficiency, web browser plug-in 1122C can cache the retrieved web page to extract data for other elements related to same social networking profile.
  • In step 506, web browser plug-in 1122C parses a particular item of information from the web page retrieved in step 504. In this illustrative example, the particular item of information is a number of friends the user has at the social networking site. Parsing of the number of friends is a straight forward process of pattern recognition, using regular expressions for example.
  • In step 606, web browser plug-in 1122C forms a reversible hash of the subject element, including identifier 304 (FIG. 3) and the data retrieved in step 604 (FIG. 6). The subject element is hashed by web browser plug-in 1122C to obscure the particular form and content of the digital fingerprint during transport through wide area network 104 (FIG. 1).
  • In step 608, web browser plug-in 1122C adds the hash created in step 606 to an accumulation of element hashes. The accumulation of element hashes is the digital fingerprint sent to server 106 in step 208.
  • Once all of digital fingerprint elements 302 (FIG. 3) have been processed by web browser plug-in 1122C according to the loop of steps 602-610 (FIG. 6), processing according to logic flow diagram 206, and therefore step 206 (FIG. 2), completes. The resulting digital fingerprint is an accumulation of hashes that represents multiple items of system information of device 102 and personal information of a user of device 102. In this respect, the resulting digital fingerprint comprises a personalized digital fingerprint.
  • As described above, server 106 (FIG. 1) compares the digital fingerprint of device 102 to digital fingerprints of known devices, e.g., known digital fingerprints 1030 (FIG. 10), in step 208 (FIG. 2). Logic flow diagram 210 (FIG. 7) illustrates comparison of the digital fingerprint of device 102 to another digital fingerprint, sometimes referred to as “the reference digital fingerprint” in the context of logic flow diagram 210.
  • In step 702, digital fingerprint management logic 1024 parses individual reversible hashes representing individual elements of the digital fingerprint of device 102.
  • In step 704, digital fingerprint management logic 1024 initializes a match score that represents a degree of similarity between the digital fingerprint of device 102 and the reference digital fingerprint. In this illustrative embodiment, digital fingerprint management logic 1024 initializes the match score to a value of 1.0, indicating a perfect match.
  • Loop step 706 and next step 710 define a loop in which digital fingerprint management logic 1024 processes each digital fingerprint element 302 (FIG. 3) according to step 708. During each iteration of the loop of steps 706-710, the particular digital fingerprint element processed by digital fingerprint management logic 1024 is sometimes referred to as “the subject element” in the context of logic flow diagram 210.
  • In step 708, digital fingerprint management logic 1024 executes comparison logic 308 (FIG. 3) of the subject element. Execution of comparison logic 308 adjusts the match score initialized in step 704 in a manner specified within comparison logic 308.
  • Logic flow diagram 308A (FIG. 8) is an illustrative example of comparison logic for data regarding a hardware characteristic of device 102. In test step 802, digital fingerprint management logic 1024 (FIG. 10) compares data representing the serial number of a hard disk drive of digital fingerprint 1140 (FIG. 11) to data representing the serial number of a hard disk drive of the reference digital fingerprint. If the respective serial numbers are not the same, processing transfers to step 804 in which digital fingerprint management logic 1024 reduces the match score by 30%, by multiplication of the match score by 0.7, in step 804. Conversely, if the respective serial numbers are the same, digital fingerprint management logic 1024 does not reduce the match score in step 806. Step 806 shows that digital fingerprint management logic 1024 multiplies the match score by 1.0 only to explicitly show that the match score remains unchanged.
  • Thus, according to logic flow diagram 308A (FIG. 8), a mismatch in the serial number of a hard disk drive suggests that digital fingerprint 1140 (FIG. 11) and the reference digital fingerprint do not represent one and the same device and the suggestion is reflected in the match score. Such suggestions accumulate as comparison logic for other digital fingerprints can further reduce the match score.
  • Logic flow diagram 308B (FIG. 9) is an illustrative example of comparison logic for data regarding a personal characteristic of a user of device 102. In case step 902, digital fingerprint management logic 1024 evaluates a change in the number of friends of the user per month since the generation of the reference digital fingerprint. Logic flow diagram 308B illustrates comparison of personal characteristics that can change over time but tend to change in a predictable way. Such is true of the number of friends one has through a social networking site. Case step 902 directs processing by digital fingerprint management logic 1024 to one of steps 906, 910, 914, 918, and 920 according to the test values of test steps 904, 908, 912, and 916.
  • If digital fingerprint 1140 does not include a number of friends, e.g., because the user of device 102 does not have a profile at the social networking site, and the reference digital fingerprint does include a number of friends, processing by digital fingerprint management logic 1024 transfers through test step 904 to step 906 in which digital fingerprint management logic 1024 reduces the match score by 30%, by multiplication of the match score by 0.7. It is rare that people remove profiles from social network sites. Accordingly, the absence of a profile for the user of device 102 when the profile exists for the reference digital fingerprint is relatively strongly indicative of a mismatch between digital fingerprint 1140 and the reference digital fingerprint.
  • If digital fingerprint 1140 and the reference digital fingerprint show a reduction in the number of friends over time, processing by digital fingerprint management logic 1024 transfers through test step 908 to step 910 in which digital fingerprint management logic 1024 reduces the match score by 30%, by multiplication of the match score by 0.7. It is rare that people remove friends in social network sites. Accordingly, the reduction in the number of friends is relatively strongly indicative of a mismatch between digital fingerprint 1140 and the reference digital fingerprint.
  • If digital fingerprint 1140 and the reference digital fingerprint show no change in the number of friends over time, processing by digital fingerprint management logic 1024 transfers through test step 912 to step 914 in which digital fingerprint management logic 1024 does not reduce the match score at all. The number of friends of a given user at a social networking site tends to be stable and, to the extent the number changes, the number tends only to increase. Accordingly, equivalence in the number of friends is relatively strongly indicative of a match between digital fingerprint 1140 and the reference digital fingerprint.
  • If digital fingerprint 1140 and the reference digital fingerprint show an increase in the number of friends over time of no more than three (3) friends per month, processing by digital fingerprint management logic 1024 transfers through test step 916 to step 918 in which digital fingerprint management logic 1024 reduces the match score by 5%, by multiplication of the match score by 0.95. To the extent the number of friends of a user of a social networking site increases, the number tends to increase relatively slowly over time once the profile is established. Accordingly, the relatively slow increase in the number of friends is relatively weakly indicative of a mismatch between digital fingerprint 1140 and the reference digital fingerprint.
  • If digital fingerprint 1140 and the reference digital fingerprint show an increase in the number of friends over time of more than three (3) friends per month, processing by digital fingerprint management logic 1024 transfers through test step 916 to step 920 in which digital fingerprint management logic 1024 reduces the match score by 20%, by multiplication of the match score by 0.8. To the extent the number of friends of a user of a social networking site increases, the number tends to increase relatively slowly over time once the profile is established. Accordingly, the relatively rapid increase in the number of friends is moderately indicative of a mismatch between digital fingerprint 1140 and the reference digital fingerprint.
  • Thus, according to logic flow diagram 308B (FIG. 9), a mismatch in the number of friends the user has at a social networking site can suggest that digital fingerprint 1140 (FIG. 11) and the reference digital fingerprint do not represent one and the same device and the suggestion is reflected in the match score. The degree to which such is suggested depends upon how changes in the number of friends follow an expected pattern.
  • After all digital fingerprint elements 302 (FIG. 3) have been processed according to the loop of steps 706-708 (FIG. 7), the match score reflects cumulative reductions of mismatches in the corresponding elements of digital fingerprint 1140 and the reference digital fingerprint. In this illustrative embodiment, digital fingerprint management logic 1024 determines that digital fingerprint 1140 and the reference digital fingerprint match only when the final matching score is at least a predetermined threshold. In addition, upon determination that the digital fingerprints match, digital fingerprint management logic 1024 supersedes the reference digital fingerprint with digital fingerprint 1140 in this illustrative embodiment since digital fingerprint 1140 is the more recent digital fingerprint of device 102.
  • Server computer 106 is shown in greater detail in FIG. 10. Server 106 includes one or more microprocessors 1002 (collectively referred to as CPU 1002) that retrieve data and/or instructions from memory 1004 and execute retrieved instructions in a conventional manner. Memory 1004 can include generally any computer-readable medium including, for example, persistent memory such as magnetic and/or optical disks, ROM, and PROM and volatile memory such as RAM.
  • CPU 1002 and memory 1004 are connected to one another through a conventional interconnect 1006, which is a bus in this illustrative embodiment and which connects CPU 1002 and memory 1004 to network access circuitry 1012. Network access circuitry 1012 sends and receives data through computer networks such as wide area network 104 (FIG. 1).
  • A number of components of server 106 are stored in memory 1004. In particular, web server logic 1020 and web application logic 1022, including digital fingerprint management logic 1024, are all or part of one or more computer processes executing within CPU 1002 from memory 1004 in this illustrative embodiment but can also be implemented using digital logic circuitry.
  • Web server logic 1020 is a conventional web server. Web application logic 1022 is content that defines one or more pages of a web site and is served by web server logic 1020 to client devices such as device 102. Digital fingerprint management logic 1024 is a part of web application logic 1022 that causes client devices to generate digital fingerprints and to compare digital fingerprints in the manner described above.
  • Device 102 is a personal computing device and is shown in greater detail in FIG. 11. Device 102 includes one or more microprocessors 1102 (collectively referred to as CPU 1102) that retrieve data and/or instructions from memory 1104 and execute retrieved instructions in a conventional manner. Memory 1104 can include generally any computer-readable medium including, for example, persistent memory such as magnetic and/or optical disks, ROM, and PROM and volatile memory such as RAM.
  • CPU 1102 and memory 1104 are connected to one another through a conventional interconnect 1106, which is a bus in this illustrative embodiment and which connects CPU 1102 and memory 1104 to one or more input devices 1108, output devices 1110, and network access circuitry 1112. Input devices 1108 can include, for example, a keyboard, a keypad, a touch-sensitive screen, a mouse, a microphone, and one or more cameras. Output devices 1110 can include, for example, a display —such as a liquid crystal display (LCD) —and one or more loudspeakers. Network access circuitry 1112 sends and receives data through computer networks such as wide area network 104 (FIG. 1).
  • A number of components of client device 102 are stored in memory 1104. In particular, web browser 1120 is all or part of one or more computer processes executing within CPU 1102 from memory 1104 in this illustrative embodiment but can also be implemented using digital logic circuitry. As used herein, “logic” refers to (i) logic implemented as computer instructions and/or data within one or more computer processes and/or (ii) logic implemented in electronic circuitry. Web browser plug-ins 1122A-C are each all or part of one or more computer processes that cooperate with web browser 1120 to augment the behavior of web browser 1120. The manner in which behavior of a web browser is augmented by web browser plug-ins is conventional and known and is not described herein.
  • Browser personal information 1130 and digital fingerprint 1140 are data stored persistently in memory 1104. Browser personal information 1130 can be organized as all or part of one or more databases.
  • As described above, web browser plug-in 1122C generates digital fingerprint 1140 according to extraction logic 306 (FIG. 3) of each of digital fingerprint elements 302. In one embodiment, digital fingerprint management logic 1024 (FIG. 10) sends identifier 304 (FIG. 3) and extraction logic 306 for all digital fingerprint elements 302 to web browser plug-in 1122C (FIG. 11) in step 204 (FIG. 2). In an alternative embodiment, identifier 304 (FIG. 3) and extraction logic 306 for all digital fingerprint elements 302 are included within web browser plug-in 1122C (FIG. 11) and device 102 downloads web browser plug-in 1122C from server 106 with all the extraction logic already included.
  • The above description is illustrative only and is not limiting. The present invention is defined solely by the claims which follow and their full range of equivalents. It is intended that the following appended claims be interpreted as including all such alterations, modifications, permutations, and substitute equivalents as fall within the true spirit and scope of the present invention.

Claims (7)

1. A method for identifying a remotely located device, the method comprising:
sending characteristic extraction logic to the remotely located device, wherein the characteristic extraction logic causes the remotely located device to retrieve characteristics of the device and at least one characteristic of a user of the device from a publicly available profile of the user of the device;
receiving a digital fingerprint of the device from the device, wherein the digital fingerprint includes data representing the characteristics of the device and at least the characteristic of the user of the device; and
comparing the digital fingerprint of the device to a reference digital fingerprint to determine whether the digital fingerprint of the device and the reference digital fingerprint identify one and the same device.
2. The method of claim 1 wherein the characteristic extraction logic causes the remotely located device to retrieve the characteristic of the user of the device by at least:
identifying the publicly available profile of the user of the device from browser personal information stored in the device.
3-15. (canceled)
16. The method of any one of claim 1 or 2, wherein the characteristic extraction logic causes the remotely located device to retrieve the characteristic of the user of the device by at least also:
retrieving the publicly available profile through a computer network.
17. The method of any one of claim 1 or 3, wherein comparing comprises:
retrieving comparison logic associated with each of the characteristics of the device and the characteristic of the user of the device; and
executing the comparison logic to determine a degree of similarity between the digital fingerprint of the device to a reference digital fingerprint.
18. The method of claim 4 wherein the comparison logic associated with the characteristic of the user of the device considers changes in the characteristic of the user of the device over time relative to expected changes in the characteristic of the user of the device over time.
19-24. (canceled)
US14/094,637 2013-02-28 2013-12-02 Unique device identification among large populations of homogenous devices Abandoned US20140164418A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US14/094,637 US20140164418A1 (en) 2013-02-28 2013-12-02 Unique device identification among large populations of homogenous devices

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201361770662P 2013-02-28 2013-02-28
AU2013100369 2013-03-20
AU2013100369A AU2013100369B4 (en) 2013-02-28 2013-03-20 Unique device authentication among large populations of homogeneous devices
US14/094,637 US20140164418A1 (en) 2013-02-28 2013-12-02 Unique device identification among large populations of homogenous devices

Publications (1)

Publication Number Publication Date
US20140164418A1 true US20140164418A1 (en) 2014-06-12

Family

ID=48221696

Family Applications (3)

Application Number Title Priority Date Filing Date
US14/074,153 Active US8881280B2 (en) 2013-02-28 2013-11-07 Device-specific content delivery
US14/094,637 Abandoned US20140164418A1 (en) 2013-02-28 2013-12-02 Unique device identification among large populations of homogenous devices
US14/530,529 Active US9294491B2 (en) 2013-02-28 2014-10-31 Device-specific content delivery

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US14/074,153 Active US8881280B2 (en) 2013-02-28 2013-11-07 Device-specific content delivery

Family Applications After (1)

Application Number Title Priority Date Filing Date
US14/530,529 Active US9294491B2 (en) 2013-02-28 2014-10-31 Device-specific content delivery

Country Status (2)

Country Link
US (3) US8881280B2 (en)
AU (2) AU2013100355B4 (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140025791A1 (en) * 2010-11-05 2014-01-23 Bluecava, Inc. Incremental Browser-Based Device Fingerprinting
US20150188897A1 (en) * 2013-12-30 2015-07-02 AdMobius, Inc. Cookieless management translation and resolving of multiple device identities for multiple networks
US9356914B2 (en) * 2014-07-30 2016-05-31 Gracenote, Inc. Content-based association of device to user
CN112292671A (en) * 2018-06-08 2021-01-29 日本电信电话株式会社 Device recognition apparatus and device recognition method
WO2022026965A1 (en) * 2020-07-29 2022-02-03 Hewlett-Packard Development Company, L.P. Device fingerprint encoding component attributes
US20220253489A1 (en) * 2013-03-15 2022-08-11 Webroot Inc. Detecting a change to the content of information displayed to a user of a website
US20230208876A1 (en) * 2021-12-22 2023-06-29 Abnormal Security Corporation Url rewriting

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104468466B (en) * 2013-09-12 2019-01-29 深圳市腾讯计算机系统有限公司 The operation management method and device of network account
KR102465249B1 (en) * 2016-02-19 2022-11-11 삼성전자주식회사 Electronic device for authenticating based on biometric data and operating method thereof

Family Cites Families (137)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4200770A (en) 1977-09-06 1980-04-29 Stanford University Cryptographic apparatus and method
US4218582A (en) 1977-10-06 1980-08-19 The Board Of Trustees Of The Leland Stanford Junior University Public key cryptographic apparatus and method
US4405829A (en) 1977-12-14 1983-09-20 Massachusetts Institute Of Technology Cryptographic communications system and method
FR2448825A1 (en) 1979-02-06 1980-09-05 Telediffusion Fse SYSTEM FOR TRANSMITTING INFORMATION BETWEEN A TRANSMISSION CENTER AND RECEIVING STATIONS, WHICH IS PROVIDED WITH A MEANS OF CONTROLLING ACCESS TO THE INFORMATION TRANSMITTED
FR2448824A1 (en) 1979-02-06 1980-09-05 Telediffusion Fse VIDEOTEX SYSTEM PROVIDED WITH INFORMATION ACCESS CONTROL MEANS
FR2492135B1 (en) 1980-09-16 1988-01-22 Cii Honeywell Bull APPARATUS FOR DISTRIBUTING OBJECTS AND ACQUIRING SERVICES
US4652990A (en) 1983-10-27 1987-03-24 Remote Systems, Inc. Protected software access control apparatus and method
US4672572A (en) 1984-05-21 1987-06-09 Gould Inc. Protector system for computer access and use
US4633036A (en) 1984-05-31 1986-12-30 Martin E. Hellman Method and apparatus for use in public-key data encryption system
US4747139A (en) 1984-08-27 1988-05-24 Taaffe James L Software security method and systems
US4977594A (en) 1986-10-14 1990-12-11 Electronic Publishing Resources, Inc. Database usage metering and protection system and method
US5050213A (en) 1986-10-14 1991-09-17 Electronic Publishing Resources, Inc. Database usage metering and protection system and method
US5155680A (en) 1986-10-24 1992-10-13 Signal Security Technologies Billing system for computing software
NL8700861A (en) 1987-04-13 1988-11-01 Nedap Nv READING, WRITING SYSTEM WITH MINIATURE INFORMATION CARRIER.
US5005200A (en) 1988-02-12 1991-04-02 Fischer Addison M Public key/signature cryptosystem with enhanced digital signature certification
US4868877A (en) 1988-02-12 1989-09-19 Fischer Addison M Public key/signature cryptosystem with enhanced digital signature certification
US5313637A (en) 1988-11-29 1994-05-17 Rose David K Method and apparatus for validating authorization to access information in an information processing system
US5191611A (en) 1989-04-03 1993-03-02 Lang Gerald S Method and apparatus for protecting material on storage media and for transferring material on storage media to various recipients
US5123045A (en) 1989-08-18 1992-06-16 Massachusetts Institute Of Technology Comprehensive software protection system
US5148481A (en) 1989-10-06 1992-09-15 International Business Machines Corporation Transaction system security method and apparatus
US5048085A (en) 1989-10-06 1991-09-10 International Business Machines Corporation Transaction system security method and apparatus
FR2654236B1 (en) 1989-11-03 1992-01-17 Europ Rech Electr Lab METHOD FOR PROTECTING AGAINST THE FRAUDULENT USE OF MICROPROCESSOR CARDS, AND DEVICE FOR IMPLEMENTING SAME.
CA2047891C (en) 1990-07-26 1995-02-14 Takatoshi Kurano Routing system capable of effectively processing routing information
JPH04130950A (en) 1990-09-21 1992-05-01 Toshiba Corp Network system
US5144667A (en) 1990-12-20 1992-09-01 Delco Electronics Corporation Method of secure remote access
US5231668A (en) 1991-07-26 1993-07-27 The United States Of America, As Represented By The Secretary Of Commerce Digital signature algorithm
US5204901A (en) 1991-08-01 1993-04-20 General Electric Company Public key cryptographic mechanism
US5418854A (en) 1992-04-28 1995-05-23 Digital Equipment Corporation Method and apparatus for protecting the confidentiality of passwords in a distributed data processing system
US5349643A (en) 1993-05-10 1994-09-20 International Business Machines Corporation System and method for secure initial program load for diskless workstations
GB9321357D0 (en) 1993-10-15 1993-12-22 British Telecomm Personal identification systems
CN100452071C (en) 1995-02-13 2009-01-14 英特特拉斯特技术公司 Systems and methods for secure transaction management and electronic rights protection
JP3557056B2 (en) 1996-10-25 2004-08-25 株式会社東芝 Packet inspection device, mobile computer device, and packet transfer method
US6681017B1 (en) 1997-09-03 2004-01-20 Lucent Technologies Inc. Simplified secure shared key establishment and data delivery protocols for electronic commerce
US6098053A (en) 1998-01-28 2000-08-01 Citibank, N.A. System and method for performing an electronic financial transaction
US7032242B1 (en) 1998-03-05 2006-04-18 3Com Corporation Method and system for distributed network address translation with network security features
US6098106A (en) 1998-09-11 2000-08-01 Digitalconvergence.Com Inc. Method for controlling a computer with an audio signal
US6151631A (en) * 1998-10-15 2000-11-21 Liquid Audio Inc. Territorial determination of remote computer location in a wide area network for conditional delivery of digitized products
US8019881B2 (en) 1998-11-30 2011-09-13 George Mason Intellectual Properties, Inc. Secure cookies
WO2001009756A2 (en) 1999-07-30 2001-02-08 Safewww, Inc. A system and method for secure network purchasing
US6791982B2 (en) 1999-09-29 2004-09-14 Telefonaktiebolaget Lm Ericsson Segmentation protocol that supports compressed segmentation headers
US20080082813A1 (en) 2000-01-06 2008-04-03 Chow David Q Portable usb device that boots a computer as a server with security measure
US20020091855A1 (en) 2000-02-02 2002-07-11 Yechiam Yemini Method and apparatus for dynamically addressing and routing in a data network
US7343421B1 (en) 2000-02-14 2008-03-11 Digital Asset Enterprises Llc Restricting communication of selected processes to a set of specific network addresses
US6977930B1 (en) 2000-02-14 2005-12-20 Cisco Technology, Inc. Pipelined packet switching and queuing architecture
US7600039B2 (en) 2000-02-16 2009-10-06 Motorola, Inc. Label-based multiplexing
US6591285B1 (en) 2000-06-16 2003-07-08 Shuo-Yen Robert Li Running-sum adder networks determined by recursive construction of multi-stage networks
US7032110B1 (en) 2000-06-30 2006-04-18 Landesk Software Limited PKI-based client/server authentication
GB0017479D0 (en) 2000-07-18 2000-08-30 Bit Arts Ltd Transaction verification
US7350204B2 (en) 2000-07-24 2008-03-25 Microsoft Corporation Policies for secure software execution
US7313825B2 (en) 2000-11-13 2007-12-25 Digital Doors, Inc. Data security system and method for portable device
US7003497B2 (en) 2001-05-23 2006-02-21 International Business Machines Corporation System and method for confirming electronic transactions
JP2003101570A (en) 2001-09-21 2003-04-04 Sony Corp Communication processing system and method, and its server device and computer program
US20030063750A1 (en) 2001-09-26 2003-04-03 Alexander Medvinsky Unique on-line provisioning of user terminals allowing user authentication
US7965843B1 (en) 2001-12-27 2011-06-21 Cisco Technology, Inc. Methods and apparatus for security over fibre channel
US20030131001A1 (en) 2002-01-04 2003-07-10 Masanobu Matsuo System, method and computer program product for setting access rights to information in an information exchange framework
WO2003067450A1 (en) 2002-02-07 2003-08-14 University Of Massachusetts Probabalistic packet marking
US7092943B2 (en) 2002-03-01 2006-08-15 Enterasys Networks, Inc. Location based data
US20030217263A1 (en) 2002-03-21 2003-11-20 Tsutomu Sakai System and method for secure real-time digital transmission
US20030190046A1 (en) 2002-04-05 2003-10-09 Kamerman Matthew Albert Three party signing protocol providing non-linkability
US6880079B2 (en) 2002-04-25 2005-04-12 Vasco Data Security, Inc. Methods and systems for secure transmission of information using a mobile device
US7461251B2 (en) 2002-05-09 2008-12-02 Canon Kabushiki Kaisha Public key certification issuing apparatus
EP1367780A1 (en) 2002-05-30 2003-12-03 Motorola, Inc. Method and Apparatus for route optimisation in nested mobile networks
US6792545B2 (en) 2002-06-20 2004-09-14 Guidance Software, Inc. Enterprise computer investigation system
JP4304362B2 (en) 2002-06-25 2009-07-29 日本電気株式会社 PKI-compliant certificate confirmation processing method and apparatus, and PKI-compliant certificate confirmation processing program
US7216369B2 (en) 2002-06-28 2007-05-08 Intel Corporation Trusted platform apparatus, system, and method
TW588243B (en) 2002-07-31 2004-05-21 Trek 2000 Int Ltd System and method for authentication
GB2391965B (en) 2002-08-14 2005-11-30 Messagelabs Ltd Method of, and system for, heuristically detecting viruses in executable code
US7310813B2 (en) 2002-09-30 2007-12-18 Authenex, Inc. System and method for strong access control to a network
EP1550271A1 (en) 2002-09-30 2005-07-06 Nokia Corporation Routing data packets in a compressed-header domain
US7269731B2 (en) 2003-01-29 2007-09-11 Hewlett-Packard Development Company, L.P. Message authorization system and method
JP4117548B2 (en) 2003-01-30 2008-07-16 株式会社イノアックコーポレーション Duct for vehicle
JP4504099B2 (en) 2003-06-25 2010-07-14 株式会社リコー Digital certificate management system, digital certificate management apparatus, digital certificate management method, update procedure determination method and program
US7444508B2 (en) 2003-06-30 2008-10-28 Nokia Corporation Method of implementing secure access
US7665147B2 (en) 2004-02-05 2010-02-16 At&T Mobility Ii Llc Authentication of HTTP applications
US20070060358A1 (en) 2005-08-10 2007-03-15 Amaitis Lee M System and method for wireless gaming with location determination
US20050289559A1 (en) 2004-06-08 2005-12-29 Daniel Illowsky Method and system for vertical layering between levels in a processing unit facilitating direct event-structures and event-queues level-to-level communication without translation
US8359464B2 (en) 2004-07-02 2013-01-22 International Business Machines Corporation Quarantine method and system
US7716139B2 (en) 2004-10-29 2010-05-11 Research In Motion Limited System and method for verifying digital signatures on certificates
US20060095454A1 (en) 2004-10-29 2006-05-04 Texas Instruments Incorporated System and method for secure collaborative terminal identity authentication between a wireless communication device and a wireless operator
WO2006063118A2 (en) 2004-12-07 2006-06-15 Pure Networks, Inc. Network management
US20060130135A1 (en) 2004-12-10 2006-06-15 Alcatel Virtual private network connection methods and systems
SG123638A1 (en) 2004-12-31 2006-07-26 St Microelectronics Asia Method and system for enhancing bass effect in audio signals
EP1845666A1 (en) 2005-02-02 2007-10-17 Matsushita Electric Industrial Co., Ltd. Packet transfer method in communication network system and packet processing method in communication device constituting the system
US20060271485A1 (en) 2005-03-12 2006-11-30 Jiwire, Inc. Wireless connectivity security technique
WO2006102399A1 (en) 2005-03-18 2006-09-28 Absolute Software Corporation Persistent servicing agent
US20060253584A1 (en) * 2005-05-03 2006-11-09 Dixon Christopher J Reputation of an entity associated with a content item
US8438499B2 (en) * 2005-05-03 2013-05-07 Mcafee, Inc. Indicating website reputations during user interactions
US20060280207A1 (en) 2005-06-08 2006-12-14 Stephen Guarini Distributed network monitoring system
JP2007013433A (en) 2005-06-29 2007-01-18 Fujitsu Ltd Method for transmitting/receiving encrypted data and information processing system
US7599303B2 (en) 2005-07-26 2009-10-06 Cisco Technology, Inc. System and methods for sending trace messages
JP4701929B2 (en) 2005-09-02 2011-06-15 株式会社日立製作所 Boot configuration change method, management server, and computer system
JP4489676B2 (en) 2005-09-28 2010-06-23 富士通株式会社 Communications system
US8020190B2 (en) * 2005-10-14 2011-09-13 Sdc Software, Inc. Enhanced browser security
US7890752B2 (en) 2005-10-31 2011-02-15 Scenera Technologies, Llc Methods, systems, and computer program products for associating an originator of a network packet with the network packet using biometric information
US20070153707A1 (en) 2006-01-04 2007-07-05 Pascal Thubert Ad hoc network formation and management based on aggregation of ad hoc nodes according to an aggregation hierarchy
US7506056B2 (en) 2006-03-28 2009-03-17 Symantec Corporation System analyzing configuration fingerprints of network nodes for granting network access and detecting security threat
US20070235525A1 (en) 2006-04-07 2007-10-11 Nearnet Llc Information accessing and conveying systems and methods
US8527770B2 (en) 2006-07-20 2013-09-03 Research In Motion Limited System and method for provisioning device certificates
KR100849223B1 (en) 2006-07-27 2008-07-31 삼성전자주식회사 Method of testing USB apparatus and system thereof
US8226474B2 (en) 2006-09-08 2012-07-24 Igt Mobile gaming devices for use in a gaming network having gaming and non-gaming zones
US7575160B2 (en) 2006-09-15 2009-08-18 Ncr Corporation Security validation of machine components
WO2008034900A1 (en) 2006-09-21 2008-03-27 Boesgaard Soerensen Hans Marti Fabrication of computer executable program files from source code
US20080080750A1 (en) 2006-10-02 2008-04-03 Wison Technology Corp. Interactive wireless fingerprint recognition system
US20100146609A1 (en) 2006-10-04 2010-06-10 Rob Bartlett Method and system of securing accounts
WO2008079491A2 (en) 2006-10-20 2008-07-03 Electronic Plastics, Llc Decentralized secure transaction system
US7852861B2 (en) 2006-12-14 2010-12-14 Array Networks, Inc. Dynamic system and method for virtual private network (VPN) application level content routing using dual-proxy method
US7818573B2 (en) 2006-12-29 2010-10-19 Honeywell International Inc. Remote control of a security system using e-mail
US8695089B2 (en) 2007-03-30 2014-04-08 International Business Machines Corporation Method and system for resilient packet traceback in wireless mesh and sensor networks
US20080282338A1 (en) * 2007-05-09 2008-11-13 Beer Kevin J System and method for preventing the reception and transmission of malicious or objectionable content transmitted through a network
US8769611B2 (en) 2007-05-31 2014-07-01 Qualcomm Incorporated Methods and apparatus for providing PMIP key hierarchy in wireless communication networks
US8019995B2 (en) 2007-06-27 2011-09-13 Alcatel Lucent Method and apparatus for preventing internet phishing attacks
US8243924B2 (en) 2007-06-29 2012-08-14 Google Inc. Progressive download or streaming of digital media securely through a localized container and communication protocol proxy
US8103727B2 (en) * 2007-08-30 2012-01-24 Fortinet, Inc. Use of global intelligence to make local information classification decisions
US8069490B2 (en) 2007-10-16 2011-11-29 Oracle America, Inc. Detecting counterfeit electronic components using EMI telemetric fingerprints
CN101868954A (en) 2007-11-21 2010-10-20 Nxp股份有限公司 Device and method for near field communications using audio transducers
US9215217B2 (en) * 2008-12-05 2015-12-15 Suhayya Abu-Hakima and Kenneth E. Grigg Auto-discovery of diverse communications devices for alert broadcasting
KR100950769B1 (en) 2007-12-17 2010-04-05 한국전자통신연구원 The method for trackback and the device for receiving signals
US20100146589A1 (en) * 2007-12-21 2010-06-10 Drivesentry Inc. System and method to secure a computer system by selective control of write access to a data storage medium
JP5181734B2 (en) 2008-03-06 2013-04-10 パナソニック株式会社 Hot water storage water heater
US8155130B2 (en) 2008-08-05 2012-04-10 Cisco Technology, Inc. Enforcing the principle of least privilege for large tunnel-less VPNs
US8350666B2 (en) 2008-10-15 2013-01-08 Honeywell International Inc. Apparatus and method for location-based access control in wireless networks
US8533844B2 (en) * 2008-10-21 2013-09-10 Lookout, Inc. System and method for security data collection and analysis
US8069471B2 (en) * 2008-10-21 2011-11-29 Lockheed Martin Corporation Internet security dynamics assessment system, program product, and related methods
EP2373073B1 (en) * 2008-12-26 2016-11-09 Panasonic Intellectual Property Corporation of America Communication device
US8438386B2 (en) * 2009-04-21 2013-05-07 Webroot Inc. System and method for developing a risk profile for an internet service
US20110026529A1 (en) 2009-07-31 2011-02-03 Saugat Majumdar Method And Apparatus For Option-based Marking Of A DHCP Packet
US9456356B2 (en) 2009-10-15 2016-09-27 Apple Inc. Methods for synchronizing data in a network
US8316421B2 (en) * 2009-10-19 2012-11-20 Uniloc Luxembourg S.A. System and method for device authentication with built-in tolerance
US8966657B2 (en) 2009-12-31 2015-02-24 Intel Corporation Provisioning, upgrading, and/or changing of hardware
DE102010002584B4 (en) 2010-03-04 2014-12-24 Infineon Technologies Ag Passive RFID transponder and RFID reader
US20110295988A1 (en) * 2010-05-28 2011-12-01 Le Jouan Herve Managing data on computer and telecommunications networks
US20120275354A1 (en) 2011-04-26 2012-11-01 Nxp B.V. Asymmetric white space communications
US8375221B1 (en) 2011-07-29 2013-02-12 Microsoft Corporation Firmware-based trusted platform module for arm processor architectures and trustzone security extensions
US8943015B2 (en) * 2011-12-22 2015-01-27 Google Technology Holdings LLC Hierarchical behavioral profile
US20130166609A1 (en) * 2011-12-22 2013-06-27 General Instrument Corporation Hierarchical behavioral profile
US9118718B2 (en) * 2012-04-10 2015-08-25 Intel Corporation Techniques to monitor connection paths on networked devices
US9130977B2 (en) * 2012-04-18 2015-09-08 Radware, Ltd. Techniques for separating the processing of clients' traffic to different zones

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9942349B2 (en) 2010-11-05 2018-04-10 Bluecava, Inc. Incremental browser-based device fingerprinting
US8954560B2 (en) * 2010-11-05 2015-02-10 Bluecava, Inc. Incremental browser-based device fingerprinting
US20140025791A1 (en) * 2010-11-05 2014-01-23 Bluecava, Inc. Incremental Browser-Based Device Fingerprinting
US20220253489A1 (en) * 2013-03-15 2022-08-11 Webroot Inc. Detecting a change to the content of information displayed to a user of a website
US20150188897A1 (en) * 2013-12-30 2015-07-02 AdMobius, Inc. Cookieless management translation and resolving of multiple device identities for multiple networks
US9686276B2 (en) * 2013-12-30 2017-06-20 AdMobius, Inc. Cookieless management translation and resolving of multiple device identities for multiple networks
US9356914B2 (en) * 2014-07-30 2016-05-31 Gracenote, Inc. Content-based association of device to user
US9769143B2 (en) 2014-07-30 2017-09-19 Gracenote, Inc. Content-based association of device to user
CN112292671A (en) * 2018-06-08 2021-01-29 日本电信电话株式会社 Device recognition apparatus and device recognition method
US11288158B2 (en) * 2018-06-08 2022-03-29 Nippon Telegraph And Telephone Corporation Device identification device and device identification method
WO2022026965A1 (en) * 2020-07-29 2022-02-03 Hewlett-Packard Development Company, L.P. Device fingerprint encoding component attributes
US20230208876A1 (en) * 2021-12-22 2023-06-29 Abnormal Security Corporation Url rewriting
US11943257B2 (en) * 2021-12-22 2024-03-26 Abnormal Security Corporation URL rewriting

Also Published As

Publication number Publication date
AU2013100355B4 (en) 2013-10-31
US20150058990A1 (en) 2015-02-26
AU2013100369A4 (en) 2013-05-02
US8881280B2 (en) 2014-11-04
US20140245442A1 (en) 2014-08-28
AU2013100355A4 (en) 2013-05-09
AU2013100369B4 (en) 2013-11-21
US9294491B2 (en) 2016-03-22

Similar Documents

Publication Publication Date Title
AU2013100369A4 (en) Unique device authentication among large populations of homogeneous devices
US7866542B2 (en) System and method for resolving identities that are indefinitely resolvable
WO2018157818A1 (en) Method and apparatus for inferring preference of user, terminal device, and storage medium
US9578502B2 (en) Device authentication using inter-person message metadata
AU2012101559A4 (en) Device identification using synthetic device keys
US10305894B2 (en) Verifying a user based on digital fingerprint signals derived from out-of-band data
US8326999B2 (en) Creating context-sensitive webpage time-out intervals
AU2012101558A4 (en) Adaptive device authentication
EP2715565A2 (en) Dynamic rule reordering for message classification
Ganorkar et al. Iris recognition: an emerging biometric technology
US10878089B2 (en) Identifying malware based on content item identifiers
WO2015196964A1 (en) Matching picture search method, picture search method and apparatuses
US20130212105A1 (en) Information processing apparatus, information processing method, and program
Kondekar et al. Image retrieval techniques based on image features: a state of art approach for cbir
WO2022105497A1 (en) Text screening method and apparatus, device, and storage medium
CN110457434B (en) Webpage evidence obtaining method and device based on search, readable storage medium and server
US20060294222A1 (en) System and method for enhancing event correlation with exploitation of external data
US10313391B1 (en) Digital distillation
EP1574929A1 (en) Technique for evaluating computer system passwords
WO2018201596A1 (en) Password input method, apparatus, computer readable storage medium and terminal device
CN107016266B (en) Content-based authentication
Zhang et al. Wireless fingerprint attendance management system
US20160292278A1 (en) Coincidental Searching and Browsing
CN116088960A (en) Chain running version processing method, device, equipment and medium in block chain system
CN115934571A (en) Interface test case generation method and device based on Bayesian classification algorithm

Legal Events

Date Code Title Description
AS Assignment

Owner name: UNILOC LUXEMBOURG, S.A., LUXEMBOURG

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:ETCHEGOYEN, CRAIG S, MR;REEL/FRAME:031941/0573

Effective date: 20131230

AS Assignment

Owner name: FORTRESS CREDIT CO LLC, CALIFORNIA

Free format text: SECURITY INTEREST;ASSIGNOR:UNILOC LUXEMBOURG, S.A.; UNILOC CORPORATION PTY LIMITED; UNILOC USA, INC.;REEL/FRAME:034747/0001

Effective date: 20141230

STCB Information on status: application discontinuation

Free format text: ABANDONED -- AFTER EXAMINER'S ANSWER OR BOARD OF APPEALS DECISION

AS Assignment

Owner name: ATREUS LABS LLC, DELAWARE

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:UNILOC 2017 LLC;REEL/FRAME:057453/0790

Effective date: 20210727