System and method for user authentication

US 20050044382A1
Filed: 08/26/2004
Published: 02/24/2005
Est. Priority Date: 02/23/2000
Status: Abandoned Application

First Claim

Patent Images

1. A method of authenticating a user of an electronic device, the method comprising:

prompting a user to input security information;

receiving in an electronic device the security information from the user;

receiving in the electronic device an authorization pattern, wherein entry of the authorization pattern is non-prompted, and wherein the receiving of the non-prompted authorization pattern occurs after the receiving of the security information;

authenticating the security information;

determining whether the non-prompted authorization pattern matches a stored pattern;

measuring a duration of time between the receiving of the security information and the receiving of the non-prompted authorization pattern; and

granting the user access to the electronic device if the measured duration of time is less than a designated amount and in the event of a satisfactory match between the non-prompted authorization pattern and the stored pattern.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for authenticating a user to access a computer system. The method comprises communicating security information to the computer system, and providing the computer system with an implicit input. The method further comprises determining whether the security information and implicit input match corresponding information associated with the user. The method further comprises granting the user access to the computer system in the event of a satisfactory match. When authenticating the user, the method and system consider the possibility of the user being legitimate but subject to duress or force by a computer hacker.

Citations

46 Claims

1. A method of authenticating a user of an electronic device, the method comprising:
- prompting a user to input security information;
  
  receiving in an electronic device the security information from the user;
  
  receiving in the electronic device an authorization pattern, wherein entry of the authorization pattern is non-prompted, and wherein the receiving of the non-prompted authorization pattern occurs after the receiving of the security information;
  
  authenticating the security information;
  
  determining whether the non-prompted authorization pattern matches a stored pattern;
  
  measuring a duration of time between the receiving of the security information and the receiving of the non-prompted authorization pattern; and
  
  granting the user access to the electronic device if the measured duration of time is less than a designated amount and in the event of a satisfactory match between the non-prompted authorization pattern and the stored pattern.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the non-prompted authorization pattern corresponds to a particular movement of an input device.
  - 3. The method of claim 2, wherein the input device includes at least one of a mouse, a trackball, a keyboard, a touch screen, a microphone, and a scanner.
  - 4. The method of claim 1, additionally comprising denying the user access to the electronic device in the event of an unsatisfactory match between the non-prompted authorization pattern and the stored pattern.
  - 5. The method of claim 1, additionally comprising granting the user partial access to the electronic device in the event of an unsatisfactory match between the non-prompted authorization pattern and the stored pattern.
  - 6. The method of claim 1, additionally comprising denying the user access to the electronic device if the measured duration of time is not less than a designated amount.
  - 7. The method of claim 1, additionally comprising granting the user partial access to the electronic device if the measured duration of time is not less than a designated amount.
  - 8. The method of claim 1, wherein the security information comprises a password.

9. A method of user authentication, the method comprising:
- prompting a user of an electronic device to input authentication information;
  
  receiving authentication information from the user;
  
  receiving an authorization pattern input by the user, wherein the inputting of the authorization pattern is non-prompted;
  
  authenticating the authentication information;
  
  determining whether the authorization pattern matches a stored pattern; and
  
  granting the user access to the electronic device in the event of a satisfactory match.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 10. The method of claim 9, additionally comprising measuring a duration of time between the receiving of the authentication information and the receiving of the authorization pattern.
  - 11. The method of claim 9, wherein the authorization pattern is provided by the user through an input device.
  - 12. The method of claim 11, wherein the input device comprises a mouse.
  - 13. The method of claim 11, wherein the authorization pattern corresponds to a particular movement of the input device.
  - 14. The method of claim 9, wherein the authentication information comprises a user identification.
  - 15. The method of claim 9, wherein the authentication information comprises a password.
  - 16. The method of claim 9, additionally comprising issuing a security alert in the event of an unsatisfactory match between the authorization pattern and the stored pattern.
  - 17. The method of claim 16, wherein the security alert comprises a silent alert.
  - 18. The method of claim 9, additionally comprising limiting the scope of user access to the electronic device in the event of an unsatisfactory match between the authorization pattern and the stored pattern.
  - 19. The method of claim 9, wherein the act of prompting a user is performed by a user interface.

20. A system for authenticating a user of an electronic device, the system comprising:
- at least one input device coupled to an electronic device;
  
  a user interface configured to prompt a user to provide authentication information with the at least one input device;
  
  a processor coupled to the at least one input device and configured to receive said authentication information from the at least one input device, said processor being further configured to receive from the at least one input device a non-prompted authorization pattern;
  
  a timer configured to measure a duration of time between the receiving of the authentication information and the receiving of the non-prompted authorization pattern;
  
  a memory configured to store a predetermined pattern; and
  
  a compare circuit coupled to the processor and to the memory, wherein the compare circuit is configured to compare at least the non-prompted authorization pattern with the predetermined pattern, and wherein the compare circuit is configured to grant the user access to the electronic device in the event of a satisfactory match.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 21. The system of claim 20, wherein the compare circuit is configured to deny the user access to the electronic device if the measured duration exceeds a designated duration.
  - 22. The system of claim 20, wherein the compare circuit is configured to grant the user partial access to the electronic device if the measured duration exceeds a designated amount.
  - 23. The system of claim 22, wherein the partial access does not allow the user to electronically copy information stored on the electronic device.
  - 24. The system of claim 20, wherein the at least one input device comprises a mouse.
  - 25. The system of claim 24, wherein the at least one input device further comprises a keyboard.
  - 26. The system of claim 25, wherein the non-prompted authorization pattern corresponds to particular movement of the mouse.
  - 27. The system of claim 26, wherein the authentication information is input through the keyboard.
  - 28. The system of claim 26, wherein the non-prompted authorization pattern corresponds to an implicit act.
  - 29. The system of claim 28, wherein the implicit act is a passive act.
  - 30. The system of claim 20, wherein the at least one input device includes at least one of a mouse, a trackball, a keyboard, a touch screen, a microphone, and a scanner.
  - 31. The system of claim 20, wherein the non-prompted authorization pattern corresponds to movement of the at least one input device.

32. A system for authenticating a user of an electronic device, the system comprising:
- a user interface configured to instruct a user to provide security information to an electronic device; and
  
  process circuitry coupled to the user interface and configured to receive a first input signal representing said security information, wherein said process circuitry is further configured to receive a second input signal representing a non-prompted authorization pattern, and wherein said process circuitry in further configured to determine the authenticity of said security information and of said non-prompted authorization pattern.
- View Dependent Claims (33, 34, 35, 36, 37, 38, 39, 40)
- - 33. The system of claim 32, further comprising a memory configured to store a predetermined pattern.
  - 34. The system of claim 33, wherein the process circuitry comprises a compare circuit configured to compare the non-prompted authorization pattern with the predetermined pattern.
  - 35. The system of claim 34, wherein the process circuitry is configured to grant the user access to the electronic device in the event of a satisfactory match between the non-prompted authorization pattern and the predetermined pattern.
  - 36. The system of claim 32, wherein the non-prompted authorization pattern corresponds to particular movement of an input device.
  - 37. The system of claim 36, wherein the input device comprises a mouse.
  - 38. The system of claim 32, further comprising a timer coupled to the process circuitry and configured to measure a duration of time between the receiving of the first input signal and the receiving of the second input signal.
  - 39. The system of claim 38, wherein the process circuitry is further configured to deny the user access to the electronic device if the measured duration exceeds a predetermined amount.
  - 40. The system of claim 32, wherein said second input signal comprises a sequence of electrical signals.

41. A system for authenticating a user of an electronic device, the system comprising:
- means for prompting the input of security information by a user;
  
  means for inputting the security information;
  
  means for inputting an authorization pattern, wherein the input of the authorization pattern is non-prompted; and
  
  means for comparing the security information and the non-prompted authorization pattern with respective information associated with the user, wherein said means for comparing is configured to grant the user access to an electronic device in the event of a satisfactory match between the security information and non-prompted authorization pattern and the respective information associated with the user.
- View Dependent Claims (42, 43, 44, 45, 46)
- - 42. The system of claim 41, further comprising means for measuring a duration of time between the input of the security information and the input of the non-prompted authorization pattern.
  - 43. The system of claim 42, wherein further user access to the electronic device is denied if the measured duration exceeds a threshold amount.
  - 44. The system of claim 41, wherein the security information comprises at least one of a user identification and a password.
  - 45. The system of claim 41, further comprising means for generating an alert signal in the event of an unsatisfactory match between the non-prompted authorization pattern and the respective information associated with the user.
  - 46. The system of claim 41, wherein the means for comparing is configured to grant the user a limited scope of access to the electronic device in the event of an unsatisfactory match between the non-prompted authorization pattern and the respective information associated with the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Micron Technology, Inc.
Original Assignee
Micron Technology, Inc.
Inventors
McKeeth, James

Application Number

US10/927,385
Publication Number

US 20050044382A1
Time in Patent Office

Days
Field of Search
US Class Current

713/182
CPC Class Codes

G06F 21/31   User authentication

G06F 21/32   using biometric data, e.g. ...

G06F 21/36   by graphic or iconic repres...

G06F 21/40   by quorum, i.e. whereby two...

G06F 21/6218   to a system of files or obj...

G06F 3/041   Digitisers, e.g. for touch ...

G06F 3/0488   using a touch-screen or dig...

G06V 40/12   Fingerprints or palmprints

System and method for user authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

46 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for user authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

46 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links