Cloud authentication

US 10,348,720 B2
Filed: 06/10/2015
Issued: 07/09/2019
Est. Priority Date: 08/09/2006
Status: Expired due to Fees

First Claim

Patent Images

1. An authentication system, comprising:

a processor configured to;

receive, at the authentication system, a request for authentication setup for a first user of a first service provider, wherein the authentication system is configured to provide authentication services on behalf of the first service provider; and

enroll the first user with the authentication system, wherein enrolling the first user with the authentication system includes storing a first set of stimuli to associate with a first user profile of the first user of the first service provider;

wherein the first set of stimuli to associate with the first user profile of the first user of the first service provider is determined by at least one of the first service provider and the authentication system;

wherein the authentication system is configured to provide authentication services on behalf of a second service provider, and wherein a second set of stimuli to associate with a second user profile of a second user of the second service provider is determined by at least one of the second service provider and the authentication system;

receive, at the authentication system and over a network, authentication requests from both the first and second service providers; and

based at least in part on receiving the authentication requests from both the first and second service providers, provide, from the authentication system and over the network, stimuli based at least in part on the first and second sets of stimuli, wherein the provided stimuli are presented to users of the first and second service providers for classification, wherein stimuli presented to users of the first service provider are selected based at least in part on a first set of policies provided to the authentication system by the first service provider, and wherein stimuli presented to users of the second service provider are selected based at least in part on a second set of policies provided to the authentication system by the second service provider; and

a memory coupled to the processor and configured to provide the processor with instructions.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cloud authentication system is disclosed. A request for an authentication setup for a first user of a first service provider is received. Additional information, such as authentication criteria, can further be received, such as from the first service provider. A set of stimuli to associate with a first user profile of the first user of the first service provider is stored.

Citations

55 Claims

1. An authentication system, comprising:
- a processor configured to;
  
  receive, at the authentication system, a request for authentication setup for a first user of a first service provider, wherein the authentication system is configured to provide authentication services on behalf of the first service provider; and
  
  enroll the first user with the authentication system, wherein enrolling the first user with the authentication system includes storing a first set of stimuli to associate with a first user profile of the first user of the first service provider;
  
  wherein the first set of stimuli to associate with the first user profile of the first user of the first service provider is determined by at least one of the first service provider and the authentication system;
  
  wherein the authentication system is configured to provide authentication services on behalf of a second service provider, and wherein a second set of stimuli to associate with a second user profile of a second user of the second service provider is determined by at least one of the second service provider and the authentication system;
  
  receive, at the authentication system and over a network, authentication requests from both the first and second service providers; and
  
  based at least in part on receiving the authentication requests from both the first and second service providers, provide, from the authentication system and over the network, stimuli based at least in part on the first and second sets of stimuli, wherein the provided stimuli are presented to users of the first and second service providers for classification, wherein stimuli presented to users of the first service provider are selected based at least in part on a first set of policies provided to the authentication system by the first service provider, and wherein stimuli presented to users of the second service provider are selected based at least in part on a second set of policies provided to the authentication system by the second service provider; and
  
  a memory coupled to the processor and configured to provide the processor with instructions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 2. The authentication system of claim 1 wherein the processor is further configured to receive authentication criteria from the first service provider.
  - 3. The authentication system of claim 1 wherein the processor is further configured to receive from the first service provider an indication that the first user is one of a plurality of user types.
  - 4. The authentication system of claim 1 wherein the processor is further configured to determine whether a profile of the first user that is associated with a third service provider is already present on the authentication system.
  - 5. The authentication system of claim 4 wherein the processor is further configured to associate an already present profile with the first service provider.
  - 6. The authentication system of claim 4 wherein the processor is further configured to copy the already present profile and associate the copy with the first service provider.
  - 7. The authentication system of claim 4 wherein the first user profile comprises a score history.
  - 8. The authentication system of claim 1 wherein a classification of a presented stimulus comprises a binary classification.
  - 9. The authentication system of claim 1 wherein a classification of a presented stimulus comprises a ternary classification.
  - 10. The authentication system of claim 1 wherein a presented stimulus is associated with an item, and wherein classification of the presented stimulus comprises an indication of whether a user owns the item.
  - 11. The authentication system of claim 1 wherein a presented stimulus is associated with a statement, and wherein classification of the presented stimulus comprises an indication of whether a user agrees with the statement.
  - 12. The authentication system of claim 1 wherein a presented stimulus is classified as being not applicable.
  - 13. The authentication system of claim 1 wherein a stimulus is presented visually.
  - 14. The authentication system of claim 1 wherein a stimulus is presented acoustically.
  - 15. The authentication system of claim 1 wherein the first user profile includes at least one of identifying information associated with the first user, demographic information associated with the first user, and device information corresponding to the first user.
  - 16. The authentication system of claim 15 wherein the identifying information associated with the first user includes at least one of a name, a pseudonym, an address, and a phone number.
  - 17. The authentication system of claim 15 wherein the device information corresponding to the first user includes at least one of an operating system specification, a MAC address, and an IMEI.
  - 18. The authentication system of claim 1 wherein at least some of the provided stimuli are provided, over the network, via one or more interfaces served by the authentication system.
  - 19. The authentication system of claim 18 wherein at least one of the interfaces is served by the authentication system by an iframe element.
  - 20. The authentication system of claim 1 wherein at least some of the provided stimuli are provided, over the network, via an application programming interface.
  - 21. The authentication system of claim 1 wherein at least some of the provided stimuli are provided, over the network, directly to a client.
  - 22. The authentication system of claim 1 wherein at least some of the provided stimuli are provided, over the network, to a client via one of the first and second service providers.
  - 23. The authentication system of claim 1 wherein classification of a presented stimulus comprises an indication of preference for an item associated with the presented stimulus.
  - 24. The authentication system of claim 1 wherein at least some of the presented stimuli are presented for classification via an iframe element included in a website associated with at least one of the first and second service providers.

25. A method, comprising:
- receiving, at an authentication system, a request for authentication setup for a first user of a first service provider, wherein the authentication system is configured to provide authentication services on behalf of the first service provider; and
  
  enrolling, using a processor, the first user with the authentication system, wherein enrolling the first user with the authentication system includes storing a first set of stimuli to associate with a first user profile of the first user of the first service providerwherein the first set of stimuli to associate with the first user profile of the first user of the first service provider is determined by at least one of the first service provider and the authentication system;
  
  wherein the authentication system is configured to provide authentication services on behalf of a second service provider, and wherein a second set of stimuli to associate with a second user profile of a second user of the second service provider is determined by at least one of the second service provider and the authentication systemreceiving, at the authentication system and over a network, authentication requests from both the first and second service providers; and
  
  based at least in part on receiving the authentication requests from both the first and second service providers, providing, from the authentication system and over the network, stimuli based at least in part on the first and second sets of stimuli, wherein the provided stimuli are presented to users of the first and second service providers for classification, wherein stimuli presented to users of the first service provider are selected based at least in part on a first set of policies provided to the authentication system by the first service provider, and wherein stimuli presented to users of the second service provider are selected based at least in part on a second set of policies provided to the authentication system by the second service provider.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 52, 53, 54, 55)
- - 26. The method of claim 25 further comprising receiving authentication criteria from the first service provider.
  - 27. The method of claim 25 further comprising receiving from the first service provider an indication that the first user is one of a plurality of user types.
  - 28. The method of claim 25 further comprising determining whether a profile of the first user that is associated with a third service provider is already present on the authentication system.
  - 29. The method of claim 28 further comprising associating an already present profile with the first service provider.
  - 30. The method of claim 28 further comprising copying the already present profile and associating the copy with the first service provider.
  - 31. The method of claim 28 wherein the first user profile comprises a score history.
  - 32. The method of claim 25 wherein a classification of a presented stimulus comprises a binary classification.
  - 33. The method of claim 25 wherein a classification of a presented stimulus comprises a ternary classification.
  - 34. The method of claim 25 wherein a presented stimulus is associated with an item, and wherein classification of the presented stimulus comprises an indication of whether a user owns the item.
  - 35. The method of claim 25 wherein a presented stimulus is associated with a statement, and wherein classification of the presented stimulus comprises an indication of whether a user agrees with the statement.
  - 36. The method of claim 25 wherein a presented stimulus is classified as being not applicable.
  - 37. The method of claim 25 wherein a stimulus is presented visually.
  - 38. The method of claim 25 wherein a stimulus is presented acoustically.
  - 39. The method of claim 25 wherein the first user profile includes at least one of identifying information associated with the first user, demographic information associated with the first user, and device information corresponding to the first user.
  - 40. The method of claim 39 wherein the identifying information associated with the first user includes at least one of a name, a pseudonym, an address, and a phone number.
  - 41. The method of claim 39 wherein the device information corresponding to the first user includes at least one of an operating system specification, a MAC address, and an IMEI.
  - 42. The method of claim 25 wherein at least some of the provided stimuli are provided, over the network, via one or more interfaces served by the authentication system.
  - 43. The method of claim 42 wherein at least one of the interfaces is served by the authentication system by an iframe element.
  - 44. The method of claim 25 wherein at least some of the provided stimuli are provided, over the network, via an application programming interface.
  - 45. The method of claim 25 wherein at least some of the provided stimuli are provided, over the network, directly to a client.
  - 46. The method of claim 25 wherein at least some of the provided stimuli are provided, over the network, to a client via one of the first and second service providers.
  - 47. The method of claim 25 wherein classification of a presented stimulus comprises an indication of preference for an item associated with the presented stimulus.
  - 48. The method of claim 25 wherein at least some of the presented stimuli are presented for classification via an iframe element included in a website associated with at least one of the first and second service providers.
  - 52. The computer program product of claim 32 further comprising determining whether a profile of the first user that is associated with a third service provider is already present on the authentication system.
  - 53. The computer program product of claim 35 further comprising associating an already present profile with the first service provider.
  - 54. The computer program product of claim 35 further comprising copying the already present profile and associating the copy with the first service provider.
  - 55. The computer program product of claim 35 wherein the first user profile comprises a score history.

49. A computer program product embodied in a non-transitory computer readable storage medium and comprising computer instructions for:
- receiving, at an authentication system, a request for authentication setup for a first user of a first service provider, wherein the authentication system is configured to provide authentication services on behalf of the first service provider; and
  
  enrolling, using a processor, the first user with the authentication system, wherein enrolling the first user with the authentication system includes storing a first set of stimuli to associate with a first user profile of the first user of the first service provider;
  
  wherein the first set of stimuli to associate with the first user profile of the first user of the first service provider is determined by at least one of the first service provider and the authentication system;
  
  wherein the authentication system is configured to provide authentication services on behalf of a second service provider, and wherein a second set of stimuli to associate with a second user profile of a second user of the second service provider is determined by at least one of the second service provider and the authentication systemreceiving, at the authentication system and over a network, authentication requests from both the first and second service providers; and
  
  based at least in part on receiving the authentication requests from both the first and second service providers, providing, from the authentication system and over the network, stimuli based at least in part on the first and second sets of stimuli, wherein the provided stimuli are presented to users of the first and second service providers for classification, wherein stimuli presented to users of the first service provider are selected based at least in part on a first set of policies provided to the authentication system by the first service provider, and wherein stimuli presented to users of the second service provider are selected based at least in part on a second set of policies provided to the authentication system by the second service provider.
- View Dependent Claims (50, 51)
- - 50. The computer program product of claim 49 further comprising receiving authentication criteria from the first service provider.
  - 51. The computer program product of claim 49 further comprising receiving from the first service provider an indication that the first user is one of a plurality of user types.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RavenWhite Security, Inc. (Bjorn Markus Jakobsson)
Original Assignee
RavenWhite Security, Inc. (Bjorn Markus Jakobsson)
Inventors
Jakobsson, Bjorn Markus
Primary Examiner(s)
King, John B

Application Number

US14/736,156
Publication Number

US 20150381603A1
Time in Patent Office

1,490 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/552   involving long-term monitor...

G06F 21/60   Protecting data

G06F 2221/2131   Lost password, e.g. recover...

H04K 1/00   Secret communication

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/605   Copy protection

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/083   using passwords cryptograph...

H04L 63/1483   service impersonation, e.g....

H04L 9/0891   Revocation or update of sec...

H04W 4/02   Services making use of loca...

Cloud authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

55 Claims

Specification

Solutions

Use Cases

Quick Links

Cloud authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

55 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links