System and method for authentication of users and communications received from computer systems

US 20050177750A1
Filed: 02/03/2005
Published: 08/11/2005
Est. Priority Date: 05/09/2003
Status: Active Grant

First Claim

Patent Images

1. A method of receiving information useful for logging a user into a computer system, comprising:

providing from the computer system to the user a prompt for a user identifier; and

receiving the user identifier from the user; and

responsive to the user identifier received;

providing from the computer system to the user a prompt for confidential information; and

providing to the user customization information corresponding to the user identifier received that is perceptible to the user and can allow the user to authenticate the computer system if the customization information provided matches customization information expected by the user; and

wherein;

said customization information not being presented to the user between the providing from the computer system to the user the prompt for the user identifier step and the receiving the user identifier step; and

the correspondence of the customization information with the user identifier not ordinarily being publicly known.

View all claims

15 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method allows a user to authenticate a communication from a computer system, a computer system to authenticate a user, or both. When a user requests a web page from the web site, customization information that is recognizable to the user is provided to allow the user to authenticate the web site. A signed, encrypted persistent file stored on the user'"'"'s computer system or installed on a different computer system, or a trusted computing subsystem allows the web site to authenticate the user. If the user is using a system that will not allow that user to be authenticated, the user may instruct the system to continue providing information without the user'"'"'s customization information. The system and method may be used to allow the user to authenticate an e-mail message or its source, and Flash movies or other computer code may be used if the user'"'"'s e-mail client does not employ cookies.

Citations

27 Claims

1. A method of receiving information useful for logging a user into a computer system, comprising:
- providing from the computer system to the user a prompt for a user identifier; and
  
  receiving the user identifier from the user; and
  
  responsive to the user identifier received;
  
  providing from the computer system to the user a prompt for confidential information; and
  
  providing to the user customization information corresponding to the user identifier received that is perceptible to the user and can allow the user to authenticate the computer system if the customization information provided matches customization information expected by the user; and
  
  wherein;
  
  said customization information not being presented to the user between the providing from the computer system to the user the prompt for the user identifier step and the receiving the user identifier step; and
  
  the correspondence of the customization information with the user identifier not ordinarily being publicly known.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein the customization information was identified by the user prior to the providing the user the prompt for the user identifier step.
  - 3. The method of claim 2 wherein the customization information was identified by the user by the user providing the customization information to the computer system.
  - 4. The method of claim 1 wherein the customization information for the user may be different from customization information at least one other user who may log into the computer system.
  - 5. The method of claim 4, wherein the customization information for the user may be different from customization information for all other users who may log into the computer system.
  - 6. The method of claim 1 wherein the providing to the user customization information step is additionally responsive to at least one selected from an identifier and at least a portion of a persistent file received from a computer system used by the user to provide the user identifier received.
  - 7. The method of claim 1 wherein the providing to the user customization information step is additionally responsive to at least a portion of a persistent file received from a computer system used by the user to provide the user identifier received comprises a user identifier corresponding to the user identifier received.
  - 8. The method of claim 7 wherein the user identifier in the persistent file is encrypted in the persistent file.
  - 9. The method of claim 8 wherein the persistent file comprises a local shared object capable of being used by a Flash movie.

10. A system for receiving information useful for logging a user into a computer system, comprising:
- a user identifier prompter for having an input/output for providing from the computer system to the user a prompt for a user identifier and for receiving the user identifier from the user, the user identifier prompter for, providing at an output, the user identifier received; and
  
  a password prompter having an input coupled to the user identifier prompter output, the password prompter for, responsive to the user identifier received, causing via an output the following to be provided to the user;
  
  a prompt for confidential information, and customization information corresponding to the user identifier received that is perceptible to the user and can allow the user to authenticate the computer system if the customization information provided matches customization information expected by the user; and
  
  wherein;
  
  said customization information not being presented to the user between the providing from the computer system to the user the prompt for the user identifier step and the receiving the user identifier step; and
  
  the correspondence of the customization information with the user identifier not ordinarily being publicly known.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The system of claim 10:
    - additionally comprising a registration manager having an input/output for receiving from the user, prior to a time at which the password prompter provides the customization information, an identification of the customization information to be provided by the password prompter.
  - 12. The system of claim 11 wherein the customization information identified by the user by the user providing the customization information at the registration manager input/output.
  - 13. The system of claim 10 wherein the customization information for the user may be different from customization information at least one other user who may log into the computer system.
  - 14. The system of claim 13, wherein the customization information for the user may be different from customization information for all other users who may log into the computer system.
  - 15. The system of claim 10 wherein at least one selected from the user identifier prompter and the password prompter additionally receives at least one selected from a persistent file and an identifier, and the password prompter provides the customization information additionally responsive to at least one selected from at least a portion of a persistent file and the identifier.
  - 16. The system of claim 10 wherein the password prompter provides the customization information additionally responsive to at least one selected from:
    - at least one selected from an identifier and at least a portion of a persistent file received by at least one selected from;
      
      the user identifier prompter; and
      
      the password prompter from a computer system used by the user to provide the user identifier received corresponds to the user identifier received.
  - 17. The system of claim 16 wherein the user identifier is encrypted in the persistent file.
  - 18. The system of claim 17 wherein the persistent file comprises a local shared object capable of being used by a Flash movie.

19. A computer program product comprising a computer useable medium having computer readable program code embodied therein for receiving information useful for logging a user into a computer system, the computer program product comprising computer readable program code devices configured to cause a computer system to:
- provide from the computer system to the user a prompt for a user identifier; and
  
  receive the user identifier from the user; and
  
  responsive to the user identifier received;
  
  provide from the computer system to the user a prompt for confidential information; and
  
  provide to the user customization information corresponding to the user identifier received that is perceptible to the user and can allow the user to authenticate the computer system if the customization information provided matches customization information expected by the user; and
  
  wherein;
  
  said customization information not being presented to the user between the providing from the computer system to the user the prompt for the user identifier step and the receiving the user identifier step; and
  
  the correspondence of the customization information with the user identifier not ordinarily being publicly known.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
- - 20. The method of claim 19 wherein the customization information was identified by the user prior to the providing the user the prompt for the user identifier step.
  - 21. The method of claim 20 wherein the customization information was identified by the user by the user providing the customization information to the computer system.
  - 22. The method of claim 19 wherein the customization information for the user may be different from customization information at least one other user who may log into the computer system.
  - 23. The method of claim 22, wherein the customization information for the user may be different from customization information for all other users who may log into the computer system.
  - 24. The method of claim 19 wherein the computer readable program code devices configured to cause the computer system to provide to the user customization information are additionally responsive to at least one selected from an identifier and at least a portion of a persistent file received from a computer system used by the user to provide the user identifier received.
  - 25. The method of claim 19 wherein the computer readable program code devices configured to cause the computer system to provide to the user customization information are additionally responsive to at least a portion of a persistent file received from a computer system used by the user to provide the user identifier received comprises a user identifier corresponding to the user identifier received.
  - 26. The method of claim 25 wherein the user identifier in the persistent file is encrypted in the persistent file.
  - 27. The method of claim 26 wherein the persistent file comprises a local shared object capable of being used by a Flash movie.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Gasparini, Louis A., Harris, William H.

Granted Patent

US 7,730,321 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

G06F 21/31   User authentication

G06F 21/445   by mutual authentication, e...

G06F 21/6263   during internet communicati...

G06F 2221/2119   Authenticating web pages, e...

System and method for authentication of users and communications received from computer systems

First Claim

15 Assignments

0 Petitions

Accused Products

Abstract

Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for authentication of users and communications received from computer systems

First Claim

15 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links