User authentication without prior user enrollment
Abstract
Authenticating a user includes providing a plurality of questions based on user related information stored in at least one data source, wherein none of the plurality of questions is password related. At least one of the plurality of questions is presented to the user in response to receiving a request from the user to access one or more protected resources. Access is granted to the authorized set of protected resources if the user correctly answers each of the at least one questions presented. According to the present invention, the user's identity is authenticated without requiring the user to provide a password or biometric data, and without requiring the user to enroll prior to access.
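A minimal sketch of the flow described in the abstract and claim 1, added here as an illustration and not taken from the patent: the data source, field names, question templates and function names are all constructed assumptions. The normalized, constant-time answer comparison is also an assumption; the claims do not specify how answers are compared.

```python
import hmac
import secrets
from dataclasses import dataclass

# Constructed sample data source; names and values are illustrative only.
DATA_SOURCES = {
    "hr_db": {
        "alice": {"manager": "R. Gupta", "start_year": "2015",
                  "office_city": "Leeds", "password_hint": "pet name"},
    }
}

# Hypothetical field -> question templates. Password-related fields are
# left out, so no question is ever generated for them.
TEMPLATES = {
    "manager": "Who is your manager?",
    "start_year": "In what year did you join?",
    "office_city": "In which city is your office?",
}

@dataclass(frozen=True)
class Question:
    source: str  # data source the answer lives in
    field: str   # field whose stored value is the correct answer
    text: str

def generate_questions(source):
    """One question per identified field, tied to its field and source."""
    fields = set()
    for record in DATA_SOURCES[source].values():
        fields.update(record)
    return [Question(source, f, TEMPLATES[f])
            for f in sorted(fields) if f in TEMPLATES]

def select_questions(questions, count):
    """Pick which generated questions to present for this request."""
    return secrets.SystemRandom().sample(questions, count)

def _norm(value):
    # Collapse whitespace and case so formatting differences do not fail a user.
    return " ".join(value.split()).casefold().encode()

def authenticate(user, presented, answers):
    """Grant only if every presented question is answered correctly."""
    ok = bool(presented) and len(answers) == len(presented)
    for q, given in zip(presented, answers):
        stored = DATA_SOURCES[q.source].get(user, {}).get(q.field, "")
        # Constant-time compare; keep checking after a miss so the
        # response does not reveal which answer was wrong.
        ok &= bool(stored) and hmac.compare_digest(_norm(stored), _norm(given))
    return ok
```

Because each question carries its source and field, the correct answer is read from the data source at verification time and the user never enrolls or stores anything with the authenticator.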
34 Claims
1. A method for authenticating a user, comprising:
obtaining authorized access to a data source;
identifying a plurality of fields in the data source, wherein each field stores a value known to the user;
for each identified field, generating at least one question whose correct answer is the value stored in the field;
wherein none of the questions is password related;
for each generated question associating the generated question with the identified field and with the data source;
in response to receiving a request from the user to access a protected resource, presenting to the user at least one generated questions; and
granting access to the protected resource if the user correctly answers each of the at least one generated questions presented, whereby a user's identity is authenticated without requiring the user to provide a password or biometric data, and without requiring the user to enroll prior to access.
Dependent claims: 2, 5, 6, 7, 8, 9, 10
3. (canceled)
4. (canceled)
11. An identity management system for authenticating a user comprising:
at least one data source for storing user related information, wherein the at least one data source is either a private database or a public database with restricted access; and
a server coupled to the at least one data source, wherein the server includes;
a processor for executing an identity management service (“IMS”) application, wherein the IMS application includes;
means for obtaining authorized access to the at least one data source, means for identifying a plurality of fields in the at least one data source wherein each field stores a value known to the user;
means for generating, for each identified field, at least one question whose correct answer is the value stored in the field; and
means for associating the at least one generated question for each identified field with the identified field and with the data source; and
memory for storing the generated questions, wherein, in response to receiving a request from the user to access a protected resource, the server authenticates the user without requiring a password or biometric data, and without requiring the user to enroll by presenting to the user at least one of the generated questions and granting access to the protected resource if the user correctly answers the at least one generated questions presented.
Dependent claims: 12, 15, 16, 17, 18, 19, 20
13. (canceled)
14. (canceled)
21. A computer readable medium containing programming instructions for authenticating a user comprising instructions for:
obtaining authorized access to a data source;
identifying a plurality of fields in the data source, wherein each field stores a value known to the user;
for each identified field, generating at least one question whose correct answer is the value stored in the field;
for each generated question, associating the generated question with the identified field and with the data source;
in response to receiving a request from the user to access a protected resource, presenting to the user at least one generated questions; and
granting access to the protected resource if the user correctly answers each of the at least one generated questions presented, whereby a user's identity is authenticated without requiring the user to provide a password or biometric data, and without requiring the user to enroll prior to access.
Dependent claims: 22, 25, 26, 27, 28, 29, 30
23. (canceled)
24. (canceled)
31. An authentication server for authenticating a user comprising:
a processor for executing an identity management service (IMS) application, wherein the IMS application obtains authorized access to an external data source, identifies a plurality of fields in the external data source, wherein each field stores a value known to the user, generates, for each identified field, at least one challenge question whose correct answer is the value stored in the field, and associates each challenge question with the identified field and with the external data source;
memory for storing the challenge questions; and
a communication interface for receiving a request from the user to access a protected resource, for transmitting at least one challenge questions to the user; and
for receiving from the user an answer to the at least one challenge questions;
wherein the IMS application determines whether the user's answer is correct, and authenticates the user if the user correctly answers the at least one challenge questions.
Dependent claims: 32, 33, 34
Specification