Graphical passwords for use in a data processing network

US 20030093699A1
Filed: 11/15/2001
Published: 05/15/2003
Est. Priority Date: 11/15/2001
Status: Abandoned Application

First Claim

Patent Images

1. A method of authorizing access to restricted information on a data processing network, comprising:

responsive to receiving a request for a document, determining whether access to the document is restricted;

responsive to determining that access to the requested document is restricted, providing at least one password document comprising a plurality of icons to a user for selection by the user;

detecting a user'"'"'s selection of one or more icons from the at least one password documents and, based thereon, determining the user'"'"'s authority to access the requested documents.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for authorizing access to networked information using a graphically based password. In one embodiment, access to a restricted document is granted only after the user has demonstrated its authority to access the information by identifying a previously determined sequence of graphical images. If the user identifies the correct images, the user is granted access to the restricted information. In one embodiment, the graphical images may be presented to the user as a sequence of web pages where each page has multiple graphical images (icons). On each page in the sequence, the user selects (such as by clicking) the correct icon. The icon may be implemented as a link to the next web page in the password sequence. As each page is presented, the user clicks the correct icon thereby generating a sequence of accessed web pages. The server then verifies the user as an authorized user by comparing the sequence of web pages visited by the user to a predetermined sequence. In this manner, the password enabling a user to access confidential information comprises a sequence of web pages visited by the user. The graphically based password information may be supplemented with user identification information that is either entered by the user or provided by the user as cookie information. In this embodiment, the server may grant various levels of access based on the combination of the user identification information and the graphically entered password.

Citations

21 Claims

1. A method of authorizing access to restricted information on a data processing network, comprising:
- responsive to receiving a request for a document, determining whether access to the document is restricted;
  
  responsive to determining that access to the requested document is restricted, providing at least one password document comprising a plurality of icons to a user for selection by the user;
  
  detecting a user'"'"'s selection of one or more icons from the at least one password documents and, based thereon, determining the user'"'"'s authority to access the requested documents.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein providing at least one password document comprises providing a series of password documents to the user, each password document comprising a plurality of icons and prompting the user to select one of the icons from each of the password documents.
  - 3. The method of claim 2, wherein a correct icon on each password document comprises a link to a next password document such that selecting an appropriate sequence of icons produces a corresponding sequence of documents.
  - 4. The method of claim 1, wherein determining the user'"'"'s authority to access a requested document comprises comparing the sequence of selected icons to a previously stored sequence and granting authority if the selected sequence matches the previously stored sequence.
  - 5. The method of claim 1, further comprising, reading user identification information provided with the request and determining authority to access the requested document based on the selected icons and the user identification information.
  - 6. The method of claim 5, wherein the user identification information is provided as a cookie portion of the request.
  - 7. The method of claim 5, wherein the user is provided read only access authority to the requested document if the user identification information matches previously stored user identification information.

8. A computer program product comprising a set of computer executable instructions for authorizing access to restricted information on a data processing network, the instruction stored on a computer readable medium, comprising:
- computer code means for determining whether access to the document is restricted responsive to receiving a request for a document;
  
  computer code means responsive to determining that access to the requested document is restricted for providing at least one password document comprising a plurality of icons to a user for selection by the user;
  
  computer code means for detecting a user'"'"'s selection of one or more icons from the at least one password documents and, based thereon, determining the user'"'"'s authority to access the requested documents.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer program product of claim 8, wherein the code means for providing at least one password document comprises code means for providing a series of password documents to the user, each password document comprising a plurality of icons and code means for prompting the user to select one of the icons from each of the password documents.
  - 10. The computer program product of claim 9, wherein a correct icon on each password document comprises a link to a next password document such that selecting an appropriate sequence of icons produces a corresponding sequence of documents.
  - 11. The computer program product of claim 8, wherein the code means for determining the user'"'"'s authority to access a requested document comprises code means for comparing the sequence of selected icons to a previously stored sequence and granting authority if the selected sequence matches the previously stored sequence.
  - 12. The computer program product of claim 8, further comprising, computer code means for reading user identification information provided with the request and determining authority to access the requested document based on the selected icons and the user identification information.
  - 13. The computer program product of claim 12, wherein the user identification information is provided as a cookie portion of the request.
  - 14. The computer program product of claim 12, wherein the user is provided read only access authority to the requested document if the user identification information matches previously stored user identification information.

15. A data processing system including processor, memory, and input means connected via a bus, the memory containing at least a portion of a computer program product comprising a set of computer executable instructions for authorizing access to restricted information on a data processing network, the instruction stored on a computer readable medium, comprising:
- computer code means for determining whether access to the document is restricted responsive to receiving a request for a document;
  
  computer code means responsive to determining that access to the requested document is restricted for providing at least one password document comprising a plurality of icons to a user for selection by the user;
  
  computer code means for detecting a user'"'"'s selection of one or more icons from the at least one password documents and, based thereon, determining the user'"'"'s authority to access the requested documents.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The data processing system of claim 15, wherein the code means for providing at least one password document comprises code means for providing a series of password documents to the user, each password document comprising a plurality of icons and code means for prompting the user to select one of the icons from each of the password documents.
  - 17. The data processing system of claim 16, wherein a correct icon on each password document comprises a link to a next password document such that selecting an appropriate sequence of icons produces a corresponding sequence of documents.
  - 18. The data processing system of claim 15, wherein the code means for determining the user'"'"'s authority to access a requested document comprises code means for comparing the sequence of selected icons to a previously stored sequence and granting authority if the selected sequence matches the previously stored sequence.
  - 19. The data processing system of claim 15, further comprising, computer code means for reading user identification information provided with the request and determining authority to access the requested document based on the selected icons and the user identification information.
  - 20. The data processing system of claim 19, wherein the user identification information is provided as a cookie portion of the request.
  - 21. The data processing system of claim 19, wherein the user is provided read only access authority to the requested document if the user identification information matches previously stored user identification information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Nguyen, Khanh, Cao, Tai Anh, Banning, Kenneth Ray

Application Number

US09/998,402
Publication Number

US 20030093699A1
Time in Patent Office

Days
Field of Search
US Class Current

726/3
CPC Class Codes

G06F 21/36 by graphic or iconic repres...

Graphical passwords for use in a data processing network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Graphical passwords for use in a data processing network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links