US-12621295-B2 - Methods, systems and computer program products for secure remote hardware access through cross-device authentication
Abstract
The present invention relates to cross-device authentication technologies. In particular, the present invention relates to methods, systems and computer program products for enabling cross-device authentication, including for implementation within cloud based service systems, and even more particularly for implementation within cloud gaming systems.
Inventors
- Rosen Sharma
Assignees
- NOW.GG, INC.
Dates
- Publication Date: 20260505
- Application Date: 20220304
Claims (13)
- 1. A method for enabling secure remote hardware access through cross-device authentication, comprising: establishing network communication between a client device and a remotely located cloud services server over a communication network; receiving at the cloud services server, a client device authentication token transmitted from the client device, wherein the client device authentication token is retrieved from a memory within or coupled with the client device; comparing at the cloud services server, the received client device authentication token with authentication token data stored in a database of pre-authorized authentication tokens; responsive to a positive match between the received client device authentication token and a matching pre-authorized authentication token that is stored within the database of pre-authorized authentication tokens, wherein the matching pre-authorized authentication token is stored within said database with (i) data associating the matching pre-authorized authentication token with the client device or a user of the client device, and (ii) data identifying the matching pre-authorized authentication token as being pre-authorized for enabling remote access to a hardware device that is distinct from the client device, and that is protected by an access control lock: unlocking the access control lock on the hardware device; and providing to the client device over the communication network, one or more cloud based software services implemented by the hardware device; wherein unlocking the access control lock on the hardware device is performed solely responsive to the positive match of the client device authentication token at the cloud services server, without requiring any user credential entry, password, personal identification number (“PIN”), biometric input, or other user identity verification process being implemented on either the hardware device or the client device during the unlock operation.
- 2. The method as claimed in claim 1, wherein the client device authentication token has been provisioned in the memory within or coupled with the client device prior to the step of establishing network communication between the client device and the remotely located cloud services server, by implementing steps of: receiving at a remote server, user credentials transmitted from the client device, wherein the user credentials comprises data that includes one or more identifiers corresponding to at least one of the client device or a user of the client device; generating an authentication token and associating the authentication token with the client device or the user of the client device; storing within the database of pre-authorized authentication tokens, the generated authentication token; and transmitting the generated authentication token to the client device for storage in the memory within or coupled with the client device.
- 3. The method as claimed in claim 2, further comprising the step of storing within the database of pre-authorized authentication tokens: data associating the generated authentication token with the client device or with the user of the client device; or data identifying the generated authentication token as being pre-authorized for remote access to the hardware device.
- 4. The method as claimed in claim 1, wherein the client device authentication token is retrieved for transmission to the cloud services server, from the memory within or coupled with the client device, in response to initiation of a request for enabling the client device to access a software streaming service provided by the cloud services server.
- 5. The method as claimed in claim 1, wherein the hardware device is a mobile communication device, or a processor based circuit board that is configured to implement functionality of a mobile communication device, or a data processor based system that is configured to implement functionality of a mobile communication device, and wherein the mobile communication device, the processor based circuit board or the data processor based system is distinct from and remotely located from the client device.
- 6. The method as claimed in claim 1, wherein the access control lock is a screen lock on a mobile communication device, or on a data processor based system that is configured to implement functionality of a mobile communication device, and wherein the mobile communication device or the data processor based system is distinct from and remotely located from the client device.
- 7. A system for enabling secure remote hardware access through cross-device authentication, comprising a cloud services server comprising at least a processor and a memory, wherein the cloud services server is configured to: establish network communication with a client device located remotely from the cloud services server; receive a client device authentication token transmitted from the client device, wherein the client device authentication token is retrieved from a memory within or coupled with the client device; compare at the cloud services server, the received client device authentication token with authentication token data stored in a database of pre-authorized authentication tokens; responsive to a positive match between the received client device authentication token and a matching pre-authorized authentication token that is stored within the database of pre-authorized authentication tokens, wherein the matching pre-authorized authentication token is stored within said database with (i) data associating the matching pre-authorized authentication token with the client device or a user of the client device, and (ii) data identifying the matching pre-authorized authentication token as being pre-authorized for enabling remote access to a hardware device that is distinct from the client device, and that is protected by an access control lock: unlocking the access control lock on the hardware device; and providing to the client device over the communication network, one or more cloud-based software services implemented by the hardware device; wherein unlocking the access control lock on the hardware device is performed solely responsive to the positive match of the client device authentication token at the cloud services server, without requiring any user credential entry, password, personal identification number (“PIN”), biometric input, or other user identity verification process being implemented on either the hardware device or the client device during the unlock operation.
- 8. The system as claimed in claim 7, wherein the client device authentication token has been provisioned in the memory within or coupled with the client device by: receiving at a remote server, user credentials transmitted from the client device, wherein the user credentials comprises data that includes one or more identifiers corresponding to at least one of the client device or a user of the client device; generating an authentication token and associating the authentication token with the client device or the user of the client device; storing within the database of pre-authorized authentication tokens, the generated authentication token; and transmitting the generated authentication token to the client device for storage in the memory within or coupled with the client device.
- 9. The system as claimed in claim 8, wherein the database of pre-authorized authentication tokens includes: data associating the generated authentication token with the client device or with the user of the client device; or data identifying the generated authentication token as being pre-authorized for remote access to the hardware device.
- 10. The system as claimed in claim 7, wherein the client device authentication token is retrieved for transmission to the cloud services server, from the memory within or coupled with the client device, in response to initiation of a request for enabling the client device to access a software streaming service provided by the cloud services server.
- 11. The system as claimed in claim 7, wherein the hardware device is a mobile communication device, or a processor based circuit board that is configured to implement functionality of a mobile communication device, or a data processor based system that is configured to implement functionality of a mobile communication device, and wherein the mobile communication device, the processor based circuit board or the data processor based system is distinct from and remotely located from the client device.
- 12. The system as claimed in claim 1, wherein the access control lock is a screen lock on a mobile communication device, or on a data processor based system that is configured to implement functionality of a mobile communication device, and wherein the mobile communication device or the data processor based system is distinct from and remotely located from the client device.
- 13. A computer program product for enabling secure remote hardware access through cross-device authentication, comprising a non-transitory computer readable medium having a computer readable program code embodied therein, the computer readable program code comprising instructions for implementing steps of: establishing network communication between a client device and a remotely located cloud services server over a communication network; receiving at the cloud services server, a client device authentication token transmitted from the client device, wherein the client device authentication token is retrieved from a memory within or coupled with the client device; comparing at the cloud services server, the received client device authentication token with authentication token data stored in a database of pre-authorized authentication tokens; responsive to a positive match between the received client device authentication token and a matching pre-authorized authentication token that is stored within the database of pre-authorized authentication tokens, wherein the matching pre-authorized authentication token is stored within said database with (i) data associating the matching pre-authorized authentication token with the client device or a user of the client device, and (ii) data identifying the matching pre-authorized authentication token as being pre-authorized for enabling remote access to a hardware device that is distinct from the client device, and that is protected by an access control lock: unlocking the access control lock on the hardware device; and providing to the client device over the communication network, one or more cloud-based software services implemented by the hardware device; wherein unlocking the access control lock on the hardware device is performed solely responsive to the positive match of the client device authentication token at the cloud services server, without requiring any user credential entry, password, personal identification number (“PIN”), biometric input, or other user identity verification process being implemented on either the hardware device or the client device during the unlock operation.
Description
CROSS-REFERENCE TO RELATED APPLICATION
This application claims priority to U.S. Provisional Application No. 63/156,471 filed Mar. 4, 2021, the disclosure of which is hereby incorporated by reference in its entirety.
FIELD OF THE INVENTION
The present invention relates to remote hardware access through cross-device authentication. In particular, the present invention provides methods, systems and computer program products for enabling secure remote hardware access through cross-device authentication, including for implementation with cloud based services systems, and even more particularly for implementation within cloud gaming systems.
BACKGROUND
With the increase in availability of affordable computing hardware, it has become commonplace for individuals to use a plurality of computing devices or data processing devices for accessing cloud based, or network based, services. It has however been found that session instantiation with each computing device requires prior authentication of an identity of a user, or authentication of an identity of a client device that is requesting session instantiation. The identity authentication process ordinarily involves some form of call-response challenge—for example, providing a user name and password to enable identity authentication. Going through an identity authentication process for every instance of session instantiation is tedious, and provides a poor user experience. There is accordingly a need for a solution that enables secure and convenient identity authentication without interfering with the overall user experience.
SUMMARY
The invention provides remote hardware access through cross-device authentication. In particular, the present invention provides methods, systems and computer program products for enabling secure remote hardware access through cross-device authentication, including for implementation with cloud based services systems, and even more particularly for implementation within cloud gaming systems.
The invention provides a method for enabling secure remote hardware access through cross-device authentication. The method comprises the steps of (i) establishing network communication between a client device and a remotely located cloud services server over a communication network, (ii) receiving at the cloud services server, a client device authentication token transmitted from the client device, wherein the client device authentication token is retrieved from a memory within or coupled with the client device, (iii) comparing the received client device authentication token with authentication token data stored in a database of pre-authorized authentication tokens corresponding to one or more client devices or users that are pre-authorized for remote access to a hardware device that is protected by an access control lock, wherein the hardware device is distinct from the client device, (iv) responsive to a positive match between the received client device authentication token and a pre-authorized authentication token (a) unlocking the access control lock on the hardware device, and (b) providing to the client device over the communication network, one or more cloud based software services implemented by the hardware device. 
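The token provisioning and matching steps described in the claims and summary above, as an added Python example that is not part of the patent text or the assignee's code. The class and function names, the in-memory store, SHA-256 hashing of tokens at rest, and the revoke step are assumptions made for illustration.

```python
import hashlib
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class TokenRecord:
    owner: str               # (i) client device or user the token is associated with
    hardware_ids: frozenset  # (ii) hardware devices the token is pre-authorized for

class TokenDatabase:
    """In-memory stand-in for the database of pre-authorized authentication tokens."""

    def __init__(self):
        self._records = {}   # SHA-256(token) -> TokenRecord; raw tokens are never stored

    @staticmethod
    def _digest(token):
        return hashlib.sha256(token.encode("utf-8")).hexdigest()

    def provision(self, owner, hardware_ids):
        """Provisioning: generate a token, store its record, return it to the client."""
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._records[self._digest(token)] = TokenRecord(owner, frozenset(hardware_ids))
        return token

    def match(self, token, hardware_id):
        """Return the record only if the token exists AND covers this hardware device."""
        record = self._records.get(self._digest(token))
        if record is None or hardware_id not in record.hardware_ids:
            return None
        return record

    def revoke(self, token):
        """Assumption (not in the patent text): drop a token, e.g. for a lost client."""
        return self._records.pop(self._digest(token), None) is not None

def handle_session_request(db, locks, token, hardware_id):
    """Unlock the hardware device's access control lock on a positive match only.

    `locks` maps hardware_id -> True while locked; returns True if access is granted.
    """
    if hardware_id not in locks or db.match(token, hardware_id) is None:
        return False         # fail closed: the lock state is left untouched
    locks[hardware_id] = False
    return True
```

Because the unlock depends solely on the token match, the stored token acts as a bearer credential, which is why this example keeps only digests server-side and checks the per-hardware pre-authorization before touching the lock.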
In an embodiment of the method, the client device authentication token has been provisioned in the memory within or coupled with the client device prior to the step of establishing network communication between the client device and the remotely located cloud services server, by implementing the steps of (i) receiving at a remote server, user credentials transmitted from the client device, wherein the user credentials comprises data that includes one or more identifiers corresponding to at least one of the client device or a user of the client device, (ii) generating an authentication token and associating the authentication token with the client device or the user of the client device, (iii) storing within the database of pre-authorized authentication tokens, the generated authentication token, and (iv) transmitting the generated authentication token to the client device for storage in the memory within or coupled with the client device. The method may in an embodiment further comprise the step of storing within the database of pre-authorized authentication tokens: (i) data associating the generated authentication token with the client device or with the user of the client device, or (ii) data identifying the generated authentication token as being pre-authorized for remote access to the hardware device. In a specific embodiment of the method, the client device authentication token is retrieved for transmission to the cloud services server, from the memory within or coupled with the client device, in response to initiation of a request for enabling the client device to access a software streaming service provided by the cloud services server. In one embodiment of the method, the hardware device is a mobile communication device, or