CPC H04W 12/06 (2013.01) [G06F 21/44 (2013.01); H04L 9/0825 (2013.01); H04L 9/3213 (2013.01); H04L 9/3271 (2013.01)]; 20 Claims

1. A computer-implemented method for enrollment validation of a secondary device, the computer-implemented method comprising:
responsive to receiving a verification that organization credentials associated with an organization owned device are authenticated, requesting the organization owned device to create a security token, wherein the security token comprises a private key and a public key;
receiving, subsequent to the organization owned device initiating creation of the security token, the public key from the organization owned device;
associating the public key with a User Principal Name associated with a user of the organization owned device;
responsive to detecting an enrollment request from the secondary device, requesting the organization credentials from the secondary device;
requesting, in response to the organization credentials from the secondary device being authenticated, a challenge response from the secondary device;
receiving the challenge response from the secondary device, wherein the challenge response is cryptographically signed by the secondary device with the private key, wherein the private key was transferred to the secondary device via the organization owned device;
determining, with the public key, whether the challenge response is valid; and
validating, based on determining the challenge response is valid, enrollment of the secondary device.
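The server side of the claim's challenge-response flow, as an added example in Go that is not part of the patent: the public key reported by the organization owned device is stored against the user's UPN, the secondary device is handed a one-time random challenge, and enrollment is validated only if the response verifies under that stored key. Ed25519 stands in for the claim's unspecified key pair; the UPN string, the in-memory maps and the single-use handling of the challenge are assumptions, and the earlier credential checks and the private-key transfer between the two devices are taken as already done.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
)

// EnrollmentService: public keys reported by the organization owned device, by UPN, plus one-time challenges.
type EnrollmentService struct {
	keysByUPN  map[string]ed25519.PublicKey
	challenges map[string][]byte // outstanding nonce per UPN, single use (assumption)
}

func NewEnrollmentService() *EnrollmentService {
	return &EnrollmentService{map[string]ed25519.PublicKey{}, map[string][]byte{}}
}

// RegisterPublicKey runs after the organization owned device's credentials were
// authenticated and it created its token; only the public half reaches the service.
func (s *EnrollmentService) RegisterPublicKey(upn string, pub ed25519.PublicKey) {
	s.keysByUPN[upn] = pub
}

// IssueChallenge hands the secondary device a fresh random nonce to sign.
func (s *EnrollmentService) IssueChallenge(upn string) ([]byte, error) {
	if _, ok := s.keysByUPN[upn]; !ok {
		return nil, errors.New("no token registered for " + upn)
	}
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	s.challenges[upn] = nonce
	return nonce, nil
}

// ValidateEnrollment verifies the signed challenge with the stored public key.
// The nonce is consumed whether or not the check passes, so a captured response
// cannot be replayed and a signature from any other key is rejected.
func (s *EnrollmentService) ValidateEnrollment(upn string, sig []byte) bool {
	nonce, ok := s.challenges[upn]
	delete(s.challenges, upn)
	return ok && ed25519.Verify(s.keysByUPN[upn], nonce, sig)
}

// SignChallenge is the secondary device's step: it signs with the private key the
// organization owned device transferred to it (that transfer is outside this example).
func SignChallenge(priv ed25519.PrivateKey, nonce []byte) []byte {
	return ed25519.Sign(priv, nonce)
}
```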