US 12,010,248 B2
Systems and methods for providing authentication to a plurality of devices
Carl Jackson, San Francisco, CA (US); Bryan Berg, San Francisco, CA (US); David Terrence Bartley, San Francisco, CA (US); and Evan Broder, San Francisco, CA (US)
Assigned to STRIPE, INC., South San Francisco, CA (US)
Filed by Stripe, Inc., San Francisco, CA (US)
Filed on Jun. 30, 2023, as Appl. No. 18/216,992.
Application 18/216,992 is a continuation of application No. 17/234,456, filed on Apr. 19, 2021, granted, now 11,711,222.
Application 17/234,456 is a continuation of application No. 16/518,557, filed on Jul. 22, 2019, granted, now 10,985,925, issued on Apr. 20, 2021.
Application 16/518,557 is a continuation of application No. 16/235,509, filed on Dec. 28, 2018, granted, now 10,404,476, issued on Sep. 3, 2019.
Application 16/235,509 is a continuation of application No. 15/979,021, filed on May 14, 2018, granted, now 10,193,697, issued on Jan. 29, 2019.
Application 15/979,021 is a continuation of application No. 15/480,057, filed on Apr. 5, 2017, granted, now 9,992,029, issued on Jun. 5, 2018.
Prior Publication US 2023/0344647 A1, Oct. 26, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/32 (2006.01); H04L 9/14 (2006.01); H04L 9/40 (2022.01)
CPC H04L 9/3263 (2013.01) [H04L 9/14 (2013.01); H04L 9/3247 (2013.01); H04L 9/3268 (2013.01); H04L 9/3271 (2013.01); H04L 63/0428 (2013.01); H04L 63/083 (2013.01); H04L 2209/127 (2013.01)]
18 Claims
1. A method for a certificate authority system providing authentication to a device associated with an organization, the method comprising:
receiving, at the certificate authority system, a request from the device to sign authentication information of the device;
sending a challenge to the device comprising a request to perform an action;
receiving a response to the challenge from the device as a result of performing the action;
verifying, by the certificate authority system, the response was correctly generated based on the challenge;
analyzing a factor associated with the device, the factor comprising at least one of a location of the device, a role of a user of the device within the organization, one or more permissions associated with a user of the device, one or more privileges of the user within the organization, a type of device, and a purpose of the device;
selecting, based on the analysis of the factor, a key from among a plurality of keys of the certificate authority system associated with a level of trust associated with the device wherein the level of trust encompasses at least one of: a device permission level of the device within the organization, a user permission level of a user of the device, an operation permission level associated with a privilege available to the device for performing an operation within the organization, and an access permission level that establishes a privilege to a resource; and
signing, in response to verifying the response and selecting the key, the authentication information of the device with at least the selected key of the certificate authority system as a certificate authority system authentication of an identity of the device that certifies the device as a trusted device having the level of trust when interacting with another device associated with the organization.
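The steps of claim 1 can be followed end to end in a small sketch. This is an added illustration, not code from the patent or from the assignee. It assumes Ed25519 keys, a challenge whose requested action is signing a random nonce, a factor reduced to role and device type, and two hypothetical trust levels named `corp` and `production` with a constructed selection policy.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// CA holds one signing key per trust level; the level names are hypothetical.
type CA struct{ keys map[string]ed25519.PrivateKey }
func NewCA(levels ...string) *CA {
	ca := &CA{keys: map[string]ed25519.PrivateKey{}}
	for _, l := range levels {
		_, ca.keys[l], _ = ed25519.GenerateKey(rand.Reader)
	}
	return ca
}

// Challenge returns a fresh nonce; the requested action is "sign this nonce".
func (ca *CA) Challenge() []byte {
	n := make([]byte, 32)
	rand.Read(n)
	return n
}

// Issue verifies the response, selects a level by constructed policy, signs with that key.
func (ca *CA) Issue(pub ed25519.PublicKey, nonce, resp []byte, role, devType string) (string, []byte, error) {
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, nonce, resp) {
		return "", nil, fmt.Errorf("challenge response invalid")
	}
	level := "corp"
	if role == "sre" && devType == "laptop" {
		level = "production"
	}
	return level, ed25519.Sign(ca.keys[level], pub), nil
}

// Verify checks a certificate against the CA key of a single trust level.
func (ca *CA) Verify(level string, pub ed25519.PublicKey, cert []byte) bool {
	k, ok := ca.keys[level]
	return ok && ed25519.Verify(k.Public().(ed25519.PublicKey), pub, cert)
}

func main() {
	ca := NewCA("corp", "production")
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // constructed device key
	nonce := ca.Challenge()
	level, cert, err := ca.Issue(pub, nonce, ed25519.Sign(priv, nonce), "sre", "laptop")
	fmt.Println(level, ca.Verify("production", pub, cert), ca.Verify("corp", pub, cert), err)
}
```

A relying device that trusts only the `production` key rejects a certificate issued under `corp`, so the signing key itself carries the level of trust.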