User authentication using personal objects

US 20060272007A1
Filed: 02/06/2006
Published: 11/30/2006
Est. Priority Date: 05/24/2005
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for providing a user secure access to a plurality of applications, the computer-implemented method comprising using in an authentication scheme a personal object that said user already uses for purposes other than said authentication scheme, wherein an object ID associated with said personal object is used as an authentication credential in said authentication scheme associated with accessing one or more of said plurality of applications.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system of authentication for accessing one or more applications by a user by using a personal object belonging to the user. Such a personal object is one that is already in use by the user for purposes other than accessing the one or more applications.

33 Citations

View as Search Results

67 Claims

1. A computer-implemented method for providing a user secure access to a plurality of applications, the computer-implemented method comprising using in an authentication scheme a personal object that said user already uses for purposes other than said authentication scheme, wherein an object ID associated with said personal object is used as an authentication credential in said authentication scheme associated with accessing one or more of said plurality of applications.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 2. The computer-implemented method of claim 1, wherein said personal object is any personal object from a set of personal objects comprising:
    - a watch;
      
      a driver license;
      
      a credit card;
      
      a bank card;
      
      a keychain;
      
      a wallet;
      
      a piece of jewelry;
      
      a thumb drive;
      
      a PDA;
      
      a mobile phone; and
      
      a handheld device.
  - 3. The computer-implemented method of claim 1, wherein said object ID is an embedded ID.
  - 4. The computer-implemented method of claim 1, wherein said object ID is an embedded device serial number.
  - 5. The computer-implemented method of claim 1, wherein said object ID is a UPC bar code.
  - 6. The computer-implemented method of claim 1, wherein said object ID is an optical character recognition code.
  - 7. The computer-implemented method of claim 1, wherein said object ID is an RFID-based electronic product code (EPC).
  - 8. The computer-implemented method of claim 5, wherein said UPC bar code is a linear UPC code.
  - 9. The computer-implemented method of claim 5, wherein said UPC bar code is a two-dimensional UPC code.
  - 10. The computer-implemented method of claim 5, wherein said UPC bar code is a composite UPC code.
  - 11. The computer-implemented method of claim 5, wherein said UPC bar code is a matrix UPC code.
  - 12. The computer-implemented method of claim 1, further comprising electronically obtaining said object ID by querying an electronic object ID reader for said object ID.
  - 13. The computer-implemented method of claim 1, further comprising electronically obtaining said object ID by interfacing with an electronic object ID reader for said object ID.
  - 14. The computer-implemented method of claim 1, further comprising electronically injecting said object ID as a password when queried for said password for accessing said plurality of applications.
  - 15. The computer-implemented method of claim 14, further comprising sending said object ID to a credential directory for verification as said password for accessing said plurality of applications.
  - 16. The computer-implemented method of claim 14, further comprising sending said object ID to an object verifier for verification as said password for accessing said plurality of applications.
  - 17. The computer-implemented method of claim 1, further comprising querying said user for an application password and appending said object ID to said application password to form an extended application password for accessing said plurality of applications.
  - 18. The computer-implemented method of claim 17, further comprising sending said extended application password to a credential directory for verification as a password for accessing said plurality of applications.
  - 19. The computer-implemented method of claim 17, further comprising sending said extended application password to an object verifier for verification as a password for accessing said plurality of applications.
  - 20. The computer-implemented method of claim 1, further comprising querying said user for an enterprise password and appending said object ID to said enterprise password to form an extended enterprise password.
  - 21. The computer-implemented method of claim 20, further comprising sending said extended application password to a credential directory for verification as a password for accessing said plurality of applications.
  - 22. The computer-implemented method of claim 20, further comprising sending said extended application password to an object verifier for verification as a password for accessing said plurality of applications.
  - 23. The computer-implemented method of claim 1, further comprising:
    - sending credential information to an object verifier for authentication;
      
      upon successful authentication by said object verifier then receiving application passwords corresponding to one or more applications of said plurality of applications; and
      
      using said received application passwords from said object verifier to access said one or more applications.
  - 24. The method of claim 23 wherein said credential information is said object ID.
  - 25. The method of claim 23 wherein said credential information is an extended enterprise password comprising said object ID and an enterprise password provided by said user.
  - 26. The computer-implemented method of claim 1, further comprising:
    - sending credential information to a selected application from said plurality of applications that said user wishes to access;
      
      wherein said selected application sends said credential information to an object verifier for authentication; and
      
      allowing user access to said selected application upon successful authentication at said object verifier.
  - 27. The method of claim 26 wherein said credential information is said object ID.
  - 28. The method of claim 26 wherein said credential information is an extended enterprise password comprising said object ID and an enterprise password provided by said user.
  - 29. The computer-implemented method of claim 1, further comprising:
    - sending credential information to an object verifier for authentication;
      
      receiving a dynamically generated single-use password from said object verifier for accessing one or more applications of said plurality of applications upon successful authentication at said object verifier; and
      
      using said dynamically generated single-use password from said object verifier for accessing said one or more applications.
  - 30. The method of claim 29 wherein said credential information is said object ID.
  - 31. The method of claim 29 wherein said credential information is an extended enterprise password comprising said object ID and an enterprise password provided by said user.
  - 32. The computer-implemented method of claim 29, further comprising having said one or more applications verify said dynamically generated single-use password at said object verifier when said one or more applications receives said dynamically generated single-use password for authentication.
  - 33. The computer-implemented method of claim 1, further comprising:
    - sending credential information to an object verifier for authentication;
      
      generating a dynamically generated single-use password for accessing one or more applications of said plurality of applications upon successful authentication at said object verifier; and
      
      using said dynamically generated single-use password for accessing said one or more applications.
  - 34. The method of claim 33 wherein said credential information is said object ID.
  - 35. The method of claim 33 wherein said credential information is an extended enterprise password comprising said object ID and an enterprise password provided by said user.
  - 36. The computer-implemented method of claim 1, further comprising:
    - sending credential information comprising said object ID to an object verifier for authentication;
      
      upon authentication, receiving from said object verifier user profile information of said user; and
      
      using said user profile information for dynamically generating passwords for accessing said plurality of applications.

37. A method for allowing secure access of a plurality of applications by a user, the method comprising:
- selecting a personal object belonging to said user, wherein said personal object is already in use by said user for purposes other than said secure access;
  
  electronically reading an electronic object ID of said personal object; and
  
  using said electronic object ID to access one or more of said plurality of applications.

38. An authentication system for authenticating a user who wishes to access a plurality of enterprise applications, said authentication system comprising an object ID reader for reading an object ID, wherein said object ID is associated with a personal object belonging to said user and wherein said personal object is already in use by said user for purposes other than accessing said plurality of enterprise applications, an agent for communicating said object ID to one or more of:
- an application server associated with said plurality of enterprise applications, and an object verifier.
- View Dependent Claims (39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66)
- - 39. The authentication system of claim 38, wherein said agent interfaces with said object ID reader to obtain said object ID.
  - 40. The authentication system of claim 38, wherein said object ID reader is implemented as a combination of software and hardware.
  - 41. The authentication system of claim 38, wherein said object ID reader is implemented in software.
  - 42. The authentication system of claim 38, wherein said object ID reader is implemented in hardware.
  - 43. The authentication system of claim 38, wherein said agent is implemented as a combination of software and hardware.
  - 44. The authentication system of claim 38, wherein said agent is a software implementation.
  - 45. The authentication system of claim 38, wherein said agent is a hardware implementation.
  - 46. The authentication system of claim 38, wherein said agent is adapted for electronically injecting said object ID as a password as a response to a query for said password for accessing said plurality of enterprise applications.
  - 47. The authentication system of claim 38, wherein said agent is adapted for sending said object ID to a credential directory for verification as a password for accessing said plurality of enterprise applications.
  - 48. The authentication system of claim 38, wherein said agent is adapted for sending said object ID to said object verifier for verification as a password for accessing said plurality of enterprise applications.
  - 49. The authentication system of claim 38, wherein said agent is adapted for querying said user for an application password and appending said object ID to said application password to form an extended application password for accessing said plurality of enterprise applications.
  - 50. The authentication system of claim 49, wherein said agent is adapted for sending said extended application password to a credential directory for verification as a password for accessing said plurality of enterprise applications.
  - 51. The authentication system of claim 49, wherein said agent is adapted for sending said extended application password to said object verifier for verification as a password for accessing said plurality of enterprise applications.
  - 52. The authentication system of claim 38, wherein said agent is adapted for querying said user for an enterprise password and appending said object ID to said enterprise password to form an extended enterprise password.
  - 53. The authentication system of claim 38, wherein said agent is adapted for:
    - sending credential information to said object verifier for authentication;
      
      upon successful authentication by said object verifier then receiving from said object verifier application passwords corresponding to one or more applications of said plurality of enterprise applications; and
      
      using said received application passwords from said object verifier to access said one or more applications.
  - 54. The method of claim 38 wherein said credential information is said object ID.
  - 55. The method of claim 38 wherein said credential information is an extended enterprise password comprising said object ID and an enterprise password provided by said user.
  - 56. The authentication system of claim 38, wherein said agent is adapted for:
    - sending credential information comprising said object ID to said object verifier for authentication;
      
      upon authentication, receiving from said object verifier user profile information of said user; and
      
      using said user profile information for dynamically generating passwords for accessing said plurality of enterprise applications.
  - 57. The authentication system of claim 38, wherein said personal object is any personal object from a set of personal objects comprising:
    - a watch;
      
      a driver license;
      
      a keychain;
      
      a wallet;
      
      a credit card;
      
      a bank card;
      
      a piece of jewelry;
      
      a thumb drive;
      
      a PDA;
      
      a mobile phone; and
      
      a handheld device.
  - 58. The authentication system of claim 38, wherein said object ID is an embedded ID.
  - 59. The authentication system of claim 38, wherein said object ID is an embedded device serial number.
  - 60. The authentication system of claim 38, wherein said object ID is a universal product code (UPC) bar code.
  - 61. The authentication system of claim 38, wherein said object ID is an optical character recognition code.
  - 62. The authentication system of claim 38, wherein said object ID is an RFID-based electronic product code (EPC).
  - 63. The authentication system of claim 60, wherein said UPC bar code is a linear UPC code.
  - 64. The authentication system of claim 60, wherein said UPC bar code is a two-dimensional UPC code.
  - 65. The authentication system of claim 60, wherein said UPC bar code is a composite UPC code.
  - 66. The authentication system of claim 60, wherein said UPC bar code is a matrix UPC code.

67. An authentication system, the authentication system comprising:
- means for reading an object ID for accessing one or more applications in at least one enterprise application system;
  
  means for employing said object ID in formulating authentication credentials for accessing said one or more applications;
  
  means for interfacing with said at least one enterprise application system for purposes of accessing said at least one or more enterprise applications; and
  
  means for remotely verifying said authentication credentials, if verification is desired.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Chua, Teck Joo, Sweeley, Bryan, Koh, Eng-Kiat

Granted Patent

US 8,621,560 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/2
CPC Class Codes

G07C 9/28 the pass enabling tracking ...

H04W 12/068 using credential vaults, e....

User authentication using personal objects

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

33 Citations

67 Claims

Specification

Use Cases

Quick Links

Others

User authentication using personal objects

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

67 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others