APPARATUS SYSTEM AND METHOD FOR VALIDATING USERS BASED ON FUZZY LOGIC

US 20090089876A1
Filed: 09/28/2007
Published: 04/02/2009
Est. Priority Date: 09/28/2007
Status: Abandoned Application

First Claim

Patent Images

1. An apparatus comprising:

a user interface module configured to provide a plurality of security questions to a user, the plurality of security questions comprising at least one limited response question;

the user interface module further configured to receive a plurality of answers from the user corresponding to the plurality of security questions;

a scoring module configured to compute a similarity score between each answer and a corresponding known correct answer, wherein at least one similarity score is a fuzzy similarity score; and

an access control module configured to reject user access if the similarity score is below a similarity threshold.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus, system, and method are disclosed for validating users based on fuzzy logic. An interface with security questions is presented to a user who requires authentication. A typical scenario is authentication for password recovery. The interface comprises security questions for the user to answer. The security questions may be limited or unlimited response questions. The answers to the security questions are either scored using fuzzy logic, which may attribute a value between “1” and “0” based on similarity with the original, correct answer; or scored using digital logic. When fuzzy logic scoring is used, a similarity score is computed for each answer. The similarity score is compared against a similarity score threshold to either grant or deny access. An average similarity score is also computed for all answers and compared against an average similarity score threshold to either grant or deny access.

Citations

20 Claims

1. An apparatus comprising:
- a user interface module configured to provide a plurality of security questions to a user, the plurality of security questions comprising at least one limited response question;
  
  the user interface module further configured to receive a plurality of answers from the user corresponding to the plurality of security questions;
  
  a scoring module configured to compute a similarity score between each answer and a corresponding known correct answer, wherein at least one similarity score is a fuzzy similarity score; and
  
  an access control module configured to reject user access if the similarity score is below a similarity threshold.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The apparatus of claim 1, wherein the scoring module is further configured to compute an average similarity score for the plurality of answers and reject user access if the average similarity score is below an average similarity threshold.
  - 3. The apparatus of claim 1, wherein the user interface module is further configured to prompt a user to supply the known correct answers for the plurality of security questions.
  - 4. The apparatus of claim 1, wherein at least one security score is a digital security score.
  - 5. The apparatus of claim 1, wherein each limited response question has less than one hundred legitimate responses.
  - 6. The apparatus of claim 1, wherein the user interface module is further configured to provide the user with each legitimate response for a limited response question.

7. A system comprising:
- a network interface configured to facilitate communications with a user;
  
  an authentication module configured to;
  
  provide a plurality of security questions to the user, the plurality of security questions comprising at least one limited response question;
  
  receive a plurality of answers from the user corresponding to the plurality of security questions;
  
  compute a similarity score between each answer and a corresponding known correct answer, wherein at least one similarity score is a fuzzy similarity score; and
  
  reject user access if the similarity score is below a similarity threshold.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system of claim 7, wherein the authentication module is further configured to compute an average similarity score for the plurality of answers and reject user access if the average similarity score is below an average similarity threshold.
  - 9. The system of claim 7, wherein the authentication module is further configured to prompt a user to supply the known correct answers for the plurality of security questions.
  - 10. The system of claim 7, wherein at least one security score is a digital security score.
  - 11. The system of claim 7, wherein each limited response question has less than one hundred legitimate responses.
  - 12. The system of claim 7, further comprising a display interface, a storage interface, and an operating system.

13. A computer readable medium tangibly embodying a program of machine-readable instructions executable by a digital processing apparatus to perform operations comprising:
- providing a plurality of security questions to a user, the plurality of security questions comprising at least one limited response question;
  
  receiving a plurality of answers from the user corresponding to the plurality of security questions;
  
  computing a similarity score between each answer and a corresponding known correct answer, wherein at least one similarity score is a fuzzy similarity score;
  
  rejecting user access if the similarity score is below a similarity threshold;
  
  computing an average similarity score for the plurality of answers;
  
  rejecting user access if the average similarity score is below an average similarity threshold.
- View Dependent Claims (14)
- - 14. The computer readable medium of claim 13, wherein the operations further comprise providing the user with each possible response for a limited response question.

15. A method comprising:
- providing a plurality of security questions to a user, the plurality of security questions comprising at least one limited response question;
  
  receiving a plurality of answers from the user corresponding to the plurality of security questions;
  
  computing a similarity score between each answer and a corresponding known correct answer, wherein at least one similarity score is a fuzzy similarity score; and
  
  rejecting user access if the similarity score is below a similarity threshold.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, further comprising computing an average similarity score for the plurality of answers and rejecting user access if the average similarity score is below an average similarity threshold.
  - 17. The method of claim 15, further comprising prompting a user to supply the known correct answer for the plurality of security questions.
  - 18. The method of claim 15, wherein at least one security score is a digital security score.
  - 19. The method of claim 15, wherein each limited response question has less than one hundred legitimate responses.
  - 20. The method of claim 15, further comprising providing the user with each legitimate response for a limited response question.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lenovo Singapore Pte Limited (Lenovo Group Ltd.)
Original Assignee
Lenovo Singapore Pte Limited (Lenovo Group Ltd.)
Inventors
Stewart, Aaron Michael, Neil Ganey, Harriss Christopher, Finamore, Jamie Lynn

Application Number

US11/864,077
Publication Number

US 20090089876A1
Time in Patent Office

Days
Field of Search
US Class Current

726/21
CPC Class Codes

G06F 21/40   by quorum, i.e. whereby two...

G06F 2221/2103   Challenge-response

G06F 2221/2131   Lost password, e.g. recover...

APPARATUS SYSTEM AND METHOD FOR VALIDATING USERS BASED ON FUZZY LOGIC

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

APPARATUS SYSTEM AND METHOD FOR VALIDATING USERS BASED ON FUZZY LOGIC

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links