APPARATUS SYSTEM AND METHOD FOR VALIDATING USERS BASED ON FUZZY LOGIC
First Claim
1. An apparatus comprising:
- a user interface module configured to provide a plurality of security questions to a user, the plurality of security questions comprising at least one limited response question;
the user interface module further configured to receive a plurality of answers from the user corresponding to the plurality of security questions;
a scoring module configured to compute a similarity score between each answer and a corresponding known correct answer, wherein at least one similarity score is a fuzzy similarity score; and
an access control module configured to reject user access if the similarity score is below a similarity threshold.
1 Assignment
0 Petitions
Accused Products
Abstract
An apparatus, system, and method are disclosed for validating users based on fuzzy logic. An interface with security questions is presented to a user who requires authentication. A typical scenario is authentication for password recovery. The interface comprises security questions for the user to answer. The security questions may be limited or unlimited response questions. The answers to the security questions are either scored using fuzzy logic, which may attribute a value between “1” and “0” based on similarity with the original, correct answer; or scored using digital logic. When fuzzy logic scoring is used, a similarity score is computed for each answer. The similarity score is compared against a similarity score threshold to either grant or deny access. An average similarity score is also computed for all answers and compared against an average similarity score threshold to either grant or deny access.
-
Citations
20 Claims
-
1. An apparatus comprising:
-
a user interface module configured to provide a plurality of security questions to a user, the plurality of security questions comprising at least one limited response question; the user interface module further configured to receive a plurality of answers from the user corresponding to the plurality of security questions; a scoring module configured to compute a similarity score between each answer and a corresponding known correct answer, wherein at least one similarity score is a fuzzy similarity score; and an access control module configured to reject user access if the similarity score is below a similarity threshold. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system comprising:
-
a network interface configured to facilitate communications with a user; an authentication module configured to; provide a plurality of security questions to the user, the plurality of security questions comprising at least one limited response question; receive a plurality of answers from the user corresponding to the plurality of security questions; compute a similarity score between each answer and a corresponding known correct answer, wherein at least one similarity score is a fuzzy similarity score; and reject user access if the similarity score is below a similarity threshold. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A computer readable medium tangibly embodying a program of machine-readable instructions executable by a digital processing apparatus to perform operations comprising:
-
providing a plurality of security questions to a user, the plurality of security questions comprising at least one limited response question; receiving a plurality of answers from the user corresponding to the plurality of security questions; computing a similarity score between each answer and a corresponding known correct answer, wherein at least one similarity score is a fuzzy similarity score; rejecting user access if the similarity score is below a similarity threshold; computing an average similarity score for the plurality of answers; rejecting user access if the average similarity score is below an average similarity threshold. - View Dependent Claims (14)
-
-
15. A method comprising:
-
providing a plurality of security questions to a user, the plurality of security questions comprising at least one limited response question; receiving a plurality of answers from the user corresponding to the plurality of security questions; computing a similarity score between each answer and a corresponding known correct answer, wherein at least one similarity score is a fuzzy similarity score; and rejecting user access if the similarity score is below a similarity threshold. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification