Systems and Methods of User Authentication

US 20080016347A1
Filed: 11/02/2004
Published: 01/17/2008
Est. Priority Date: 11/02/2004
Status: Active Grant

First Claim

Patent Images

1. In a computer system, a method of authenticating an entity, the method comprising:

receiving at a computer a request for authentication;

transmitting an authentication code for reception by a stand-alone device;

receiving at the computer a password derived from the authentication code; and

authenticating an entity based on the password.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various embodiments of the invention provide enhanced authentication solutions, including without limitation methods, systems and software programs for authenticating an entity and/or for facilitating such authentication. In accordance with certain embodiments, an entity (such as a user, a computer, etc.) attempts to authenticate in order to use a resource (such as a server, an application, etc.). Merely by way of example, the entity may provide a username or some other identifier to a computer responsible for authenticating the entity. In response, the authenticating computer may transmit a challenge, such as an authentication code. In particular embodiments, the challenge may be used to derive an authentication reply, which in turn may be used to derive and/or create a password (in one set of embodiments, the authentication reply itself may be the password). The derivation of the authentication reply may also require the user to provide some sort of identification, such as a personal information code (“PIC”), biometric verification, etc. The password then may be supplied to the authenticating computer, which can, in some cases, use the username and the password to authenticate the entity.

Citations

49 Claims

1. In a computer system, a method of authenticating an entity, the method comprising:
- receiving at a computer a request for authentication;
  
  transmitting an authentication code for reception by a stand-alone device;
  
  receiving at the computer a password derived from the authentication code; and
  
  authenticating an entity based on the password.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. A method of authenticating an entity as recited in claim 1, wherein the entity is a user.
  - 3. A method of authenticating an entity as recited in claim 1, wherein the entity is a computer.
  - 4. A method of authenticating an entity as recited in claim 1, wherein the entity is a software application.
  - 5. A method of authenticating an entity as recited in claim 1, the method further comprising:
    - generating the authentication code based on the request for authentication.
  - 6. A method of authenticating an entity as recited in claim 1, the method further comprising:
    - receiving the authentication code at the stand-alone device; and
      
      the stand-alone device deriving an authentication reply from the authentication code, wherein the password is derived from the authentication reply.
  - 7. A method of authenticating an entity as recited in claim 6, wherein the authentication reply is the password.
  - 8. A method of authenticating an entity as recited in claim 6, wherein the password comprises the authentication reply.
  - 9. A method of authenticating an entity as recited in claim 6, wherein the authentication code is received directly from the computer.
  - 10. A method of authenticating an entity as recited in claim 6, wherein the authentication code is received from a user.
  - 11. A method of authenticating an entity as recited in claim 10, wherein the request for authentication is received from a second computer.
  - 12. A method of authenticating an entity as recited in claim 11, wherein transmitting an authorization code for reception by a standalone device comprises:
    - transmitting the authorization code to the second computer; and
      
      providing the authorization code to the user.
  - 13. A method of authenticating an entity as recited in claim 1, wherein providing the authorization code to the user comprises displaying the authorization code on a display.
  - 14. A method of authenticating an entity as recited in claim 1, the method further comprising:
    - generating at the computer a model password based on the authentication code;
      
      wherein authenticating the entity comprises comparing the received password with the model password.
  - 15. A method of authenticating an entity as recited in claim 1, wherein the stand-alone device is a wireless telephone.
  - 16. A method of authenticating an entity as recited in claim 1, wherein the stand-alone device is a personal digital assistant.
  - 17. A method of authenticating an entity as recited in claim 1, wherein the stand-alone device is a personal computer.
  - 18. A method of authenticating an entity as recited in claim 1, wherein the stand-alone device is Java-enabled.

19. In a computer system, a method of authenticating an entity, the method comprising:
- receiving at a first computer a request for authentication from a second computer;
  
  based on the received request for authentication, transmitting an authentication code for reception by a stand-alone device;
  
  receiving from the second computer a password derived from the authentication code; and
  
  authenticating an entity based on the password.

20. In a computer system, a method of facilitating the authentication of an entity, the method comprising:
- receiving at a stand-alone device an authentication code, wherein the authentication code is based on a request for authentication;
  
  deriving from the authentication code an authentication reply; and
  
  providing the authentication reply to an entity, wherein the authentication reply is used to derive a password for authenticating the entity on a computer system.
- View Dependent Claims (21, 22, 23, 24)
- - 21. A method of facilitating the authentication of an entity as recited in claim 20, wherein deriving the authentication reply comprises:
    - receiving a personal information code from the entity;
      
      decrypting a user token;
      
      receiving an authentication code; and
      
      deriving the authentication reply with the user token.
  - 22. A method of facilitating the authentication of an entity as recited in claim 20, wherein deriving the authentication reply with the user token comprises:
    - combining the user token and the authentication code; and
      
      creating a hash value from the combined user token and authentication code;
  - 23. A method of facilitating the authentication of an entity as recited in claim 20, wherein deriving the authentication reply with the user token further comprises:
    - deriving a mask from the user token; and
      
      applying the mask to the hash value to create a masked hash value.
  - 24. A method of facilitating the authentication of an entity as recited in claim 20, wherein providing the authentication reply comprises displaying the authentication reply on a display screen.

25. In a computer system, a method of authenticating an entity, the method comprising:
- receiving at a computer a request for authentication;
  
  generating an authentication code related to the request for authentication;
  
  transmitting the authentication code for reception by a stand-alone device;
  
  receiving the authentication code with the stand-alone device;
  
  deriving at the stand-alone device an authentication reply from the authentication code;
  
  providing the authentication reply to an entity desiring authentication;
  
  receiving at the computer a password derived from the authentication reply; and
  
  authenticating an entity based on the password.

26. A system for authenticating a user, the system comprising:
- a computer comprising a processor and instructions executable by the processor to;
  
  receive a request for authentication; and
  
  transmit an authentication code related to the request for authentication; and
  
  a device configured to;
  
  receive the authentication code;
  
  derive an authentication reply from the authentication code; and
  
  provide the authentication reply to a user, such that the user may use the authentication reply to authenticate with the computer.
- View Dependent Claims (27, 28, 29, 30)
- - 27. A system for authenticating a user as recited in claim 26, wherein the device is a wireless telephone.
  - 28. A system for authenticating a user as recited in claim 26, wherein the device is configured to receive the authentication code via user input.
  - 29. A system for authenticating a user as recited in claim 26, wherein the device is in communication with the computer, and wherein the stand-alone device is configured to receive the authentication code directly from the computer.
  - 30. A system for authenticating a user as recited in claim 26, wherein the instructions are further executable by the processor to:
    - generate an authentication code related to the request for authentication.

31. A system for authenticating a user, the system comprising:
- a first computer comprising a processor and instructions executable by the processor to;
  
  receive a request for authentication;
  
  transmit an authentication code related to the request for authentication;
  
  receive a password related to the request for authentication; and
  
  authenticate a user;
  
  a device configured to;
  
  receive the authentication code;
  
  derive an authentication reply from the authentication code; and
  
  provide the authentication reply to a user; and
  
  a second computer in communication with the first computer, the second computer comprising a second processor and instructions executable by the second processor to;
  
  submit a request for authentication for reception by the first computer;
  
  accept from the user a password derived from the authentication reply; and
  
  submit the password for authentication by the first computer.
- View Dependent Claims (32, 33)
- - 32. A computer system for authenticating a user as recited in claim 31, wherein the device is in electrical communication with the first computer.
  - 33. A computer system for authenticating a user as recited in claim 31, wherein the device is in electrical communication with neither the first computer nor the second computer.

34. A computer system for authenticating a user, the system comprising:
- a processor; and
  
  instructions executable by the processor to;
  
  receive a request for authentication;
  
  transmit an authentication code related to the request for authentication;
  
  receive a password derived from the authentication code; and
  
  authenticate an entity based on the received password.

35. A device for facilitating the authentication of a user by a computer system, the device comprising:
- a processor; and
  
  instructions executable by the processor to;
  
  receive an authentication code;
  
  derive from the authentication code an authentication reply; and
  
  provide the authentication reply to a user, wherein a password derived from the authentication reply is used to authenticate the entity on a computer system.
- View Dependent Claims (36, 37, 38)
- - 36. A device for facilitating the authentication of a user by a computer system as recited in claim 35, wherein the authentication reply is the password.
  - 37. A device for facilitating the authentication of a user by a computer system as recited in claim 35, wherein the device is a wireless telephone.
  - 38. A device for facilitating the authentication of a user by a computer system as recited in claim 35, wherein the instructions to derive the authentication reply are embodied in a Java midlet.

39. A software program embodied on a computer readable medium, the software program comprising instructions executable by a computer to:
- receive a request for authentication;
  
  transmit an authentication code for reception by a stand-alone device;
  
  receive a password derived from the authentication code; and
  
  authenticate an entity based on the password.

40. A software application comprising:
- a first software component embodied on a first computer readable medium, the first software component comprising instructions executable by a first computer to;
  
  receive a request for authentication;
  
  transmit an authentication code for reception by a stand-alone device;
  
  receive a password derived from an authentication reply; and
  
  authenticate an entity based on the password; and
  
  a second software component embodied on a second computer readable medium, the second software component comprising instructions executable by a stand-alone device to;
  
  receive the authentication code;
  
  derive an authentication reply from the authentication code; and
  
  provide the authentication reply to an entity desiring authentication.
- View Dependent Claims (41, 42, 43, 44)
- - 41. A software application as recited in claim 40, wherein the first software component includes further instructions executable by the first processor to generate the authentication code.
  - 42. A software application as recited in claim 40, wherein the second software component is a Java midlet.
  - 43. A software application as recited in claim 40, the software application further comprising;
    - a third software component embodied on a third computer readable medium, the third software component comprising instructions executable by a second computer to;
      
      accept a password from the entity desiring authentication, wherein the password is derived from the authentication reply; and
      
      transmit the password for reception by the first computer.
  - 44. A software application as recited in claim 41, wherein the third software component comprises further instructions executable by the second computer to:
    - transmit a request for authentication for reception by the first computer.

45. A software program embodied on a computer readable medium, the software program comprising instructions executable by a stand-alone device to:
- receive an authentication code, wherein the authentication code is based on a request for authentication;
  
  derive from the authentication code an authentication reply; and
  
  provide the authentication reply to an entity, wherein the authentication reply is used to derive a password for authenticating the entity on a computer system.

46. A system for authenticating an entity, the system comprising. means for receiving a request for authentication;
- means for transmitting an authentication code for reception by a stand-alone device;
  
  means for receiving a password derived from the authentication code; and
  
  means for authenticating an entity based on the password.
- View Dependent Claims (47, 48)
- - 47. A system for authenticating an entity as recited in claim 46, the system further comprising:
    - means for generating the authentication code;
  - 48. A system for authenticating an entity as recited in claim 46, the system further comprising:
    - means for receiving the authentication code;
      
      means for deriving an authentication reply from the authentication code; and
      
      means for providing the authentication reply to an entity desiring authentication.

49. A device for facilitating the authentication of an entity, the device comprising:
- means for receiving an authentication code;
  
  means for deriving an authentication reply from the authentication code; and
  
  means for providing the authentication reply to an entity desiring authentication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Sztenke, Maciej, Maj, Artur

Granted Patent

US 8,601,264 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/35   communicating wirelessly

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless

H04L 9/3226   using a predetermined code,...

H04L 9/3273   for mutual authentication n...

Systems and Methods of User Authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

49 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and Methods of User Authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

49 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links