Method and a system for improving logon security in network applications

US 20020038426A1
Filed: 12/04/2000
Published: 03/28/2002
Est. Priority Date: 09/28/2000
Status: Abandoned Application

First Claim

Patent Images

1. An authentication method to authenticate an individual at a client station (1) seeking access to a server station (2), comprising the steps of obtaining (101) biometric data from the individual at the client station, supplying (103) the data to the server station, and comparing (104) the data received in the server station with data from one or more records of enrolled individuals, characterized by the steps of:

creating (107) or reading (108) a random password at the server station (2) when an authorized individual seeks access, transmitting (109) the password from the server station to the client station (1), and using (110) the password at the client station to authenticate the individual.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer system is provided for authentication of an individual at a client station (1) seeking access to a server station (2). The client station (1) obtains biometric data from the individual at the client station (1) and supplies the biometric data to the server station (2). The server station compares the biometric data with data from one or more records of enrolled individuals, and if the comparison is successful the server station (2) creates a random password, which is transmitted from the server station (2) to the client station (1). The client station (1) uses the password to authenticate the individual.

Citations

16 Claims

1. An authentication method to authenticate an individual at a client station (1) seeking access to a server station (2), comprising the steps of obtaining (101) biometric data from the individual at the client station, supplying (103) the data to the server station, and comparing (104) the data received in the server station with data from one or more records of enrolled individuals, characterized by the steps of:
- creating (107) or reading (108) a random password at the server station (2) when an authorized individual seeks access, transmitting (109) the password from the server station to the client station (1), and using (110) the password at the client station to authenticate the individual.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 16)
- - 2. A method according to claim 1, wherein the random password is deleted (112) when a specified period of time has elapsed since the password was created.
  - 3. A method according to claim 1 or 2, wherein the biometric data includes fingerprint data provided by a fingerprint reader (8).
  - 4. A method according to any of claims 1-3, wherein the fingerprint reader (8) provides a digital certificate ensuring the identity of the individual at the client station (1).
  - 5. A method according to any preceding claim, wherein an encrypted communication channel (10) is established (107) between the server station (2) and the client station (1) prior to supplying (103) the biometric data to the server station.
  - 6. A method according to claim 5, wherein the encrypted communication channel (10) is established over the Internet.
  - 7. A method according to any preceding claim, comprising the further steps of:
    - inserting (110) the password in a logon form (7) at the client station (1), transmitting (111) the logon form to the server station (2), and completing the authentication of the individual upon reception of the logon form in the server station.
  - 16. A computer program product (6) directly loadable into the internal memory (21) of an electronic apparatus with digital computer capabilities (20), characterized in that the computer program product (6) comprises software code portions for performing the steps of any of the claims 1 to 6 when said product is run on said apparatus (1).

8. A computer system for authentication of an individual seeking access to a server station (2) from a client station (1), where the client station (1) is adapted to obtain biometric data from the individual and to supply the biometric data to the server station (2), said server station being adapted to compare the biometric data with data from one or more records of enrolled individuals, characterized in that the server station (2) is adapted to create a random password when an authorized individual seeks access to the server station, and to transmit the password from the server station to the client station (1), and in that the client station (1) is adapted to use the password to authenticate the individual.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. A computer system according to claim 8, wherein the client station (1) comprises a COM object (6)
  - 10. A computer system according to claim 8 or 9, wherein the server station is adapted to delete the random password when a specified period of time has elapsed since the password was created.
  - 11. A computer system according to any of claims 8-10, wherein the biometric data includes fingerprint data provided by a fingerprint reader (8), coupled to the client station (1).
  - 12. A computer system according to any of claims 8-11, wherein the fingerprint reader (8) is adapted to provide a digital certificate ensuring the identity of the user at the client station (1).
  - 13. A computer system according to any of claims 8-12, wherein means are provided to establish an encrypted communication channel (10) between the server station (2) and the client station (1) to be used when supplying the biometric data to the server station (2).
  - 14. A computer system according to claim 13, wherein the encrypted communication channel (10) is established over the Internet.
  - 15. A computer system according to any of claims 8-14, wherein the client station is adapted to insert (110) the password in a logon form (7) at the client station (1), and to transmit (111) the logon form to the server station (2), and in that the server station is adapted to complete the authentication of the individual upon reception of the logon form in the server station.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Netmage AB
Original Assignee
Netmage AB
Inventors
Pettersson, Marcus, Lysen, Georg

Application Number

US09/727,695
Publication Number

US 20020038426A1
Time in Patent Office

Days
Field of Search
US Class Current

713/186
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/83   input devices, e.g. keyboar...

H04L 63/0823   using certificates cryptogr...

H04L 63/0861   using biometrical features,...

Method and a system for improving logon security in network applications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Method and a system for improving logon security in network applications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links