Method of and apparatus for combining artificial intelligence (AI) concepts with event-driven security architectures and ideas

US 20100036783A1
Filed: 08/06/2008
Published: 02/11/2010
Est. Priority Date: 08/06/2008
Status: Active Grant

First Claim

Patent Images

1. A method of providing additional security to a user'"'"'s accessing of a secure information system, by password, ID and dynamic biometric inputting characteristics of the user, that comprises,incorporating an artificial intelligence (AI) architecture feature wherein highly personal questions are asked of the user that only the owner of the password and ID would be able to answer instantaneously from the subconscious mind, as distinguished from a user other than the owner who would require a finite response time;

establishing access-authorization confidence levels in accordance with such response times;

measuring the time for the user to commence responding to such personal questions; and

assigning a level of confidence for access in accordance with such measured response times.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

User authentication apparatus controlling access to systems, inputs owner'"'"'s login name and password and then extracts the owner'"'"'s timing vectors from keystroke characteristics with which the owner forms a training set. A semantic network uses multiple links to indicate that different pattern components of user'"'"'s behavioral access create different kinds of relationships and “symbolic representations”. A neural network is trained by using each of the owner'"'"'s timing vectors in the training set as an input. When a user inputs the owner'"'"'s login name and password, it'"'"'s checked and the user'"'"'s timing vector is extracted to type the user'"'"'s password if checked and demoted in confidence level if otherwise. The user'"'"'s timing vector is applied to neural network and difference between the input/output is compared with a predetermined threshold; and if the difference is greater than the threshold, is prohibited. Preferably this is aided by response time to personal questions.

Citations

21 Claims

1. A method of providing additional security to a user'"'"'s accessing of a secure information system, by password, ID and dynamic biometric inputting characteristics of the user, that comprises,incorporating an artificial intelligence (AI) architecture feature wherein highly personal questions are asked of the user that only the owner of the password and ID would be able to answer instantaneously from the subconscious mind, as distinguished from a user other than the owner who would require a finite response time;
- establishing access-authorization confidence levels in accordance with such response times;
  
  measuring the time for the user to commence responding to such personal questions; and
  
  assigning a level of confidence for access in accordance with such measured response times.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein repeated questioning of the user on said personal questions is effected to attempt to promote the confidence level of access authorization.
  - 3. The method of claim 2, wherein the system uses neural networks to monitor the environment for weighting the network nodes, and an executable semantic network is used for monitoring the behavior of the user.
  - 4. The method of claim 3, wherein, once said system access has been given to the user, the activity of the user in the system is continually monitored to adjust the confidence level in security as determined by subsequent behavior of the user in the system.

5. Apparatus for providing additional security to a user'"'"'s accessing of a secure information system, by password, ID and dynamic biometric inputting characteristics of the user having, in combination,an artificial intelligence (AI) engine architecture wherein highly personal questions are generated and asked of the user that only the owner of the password and ID would be able to answer instantaneously from the subconscious mind, as distinguished from another user other than the owner who would require a finite response time for responding;
- an access-authorization confidence level list established in accordance with such response times;
  
  a timer for measuring the time for the user to commence responding to such personal questions; and
  
  a confidence level rater for assigning a level of confidence for access in accordance with such measured response times.
- View Dependent Claims (6, 7, 8)
- - 6. The apparatus of claim 5, wherein a feedback loop repeatedly questioning the user on said personal questions is effected to attempt to promote the confidence level of access authorization.
  - 7. The apparatus of claim 6, wherein the system uses a neural network to monitor the environment and weighting the network nodes and an executable semantic network for monitoring the behavior of the user.
  - 8. The apparatus of claim 7, where once said system access has been given to the user, the activity of the user in the system is continually monitored to adjust the confidence level in security as determined by subsequent behavior of the user in the system.

9. A user authentication method for use in controlling user access to a data information system having an input, that comprises,inputting at such input the owner'"'"'s log-in name and password;
- extracting the owner'"'"'s timing vectors from biometric inputting characteristics with which the owner repeatedly inputs the owner'"'"'s password to form a training set;
  
  setting up a semantic network using multiple links to indicate that different pattern components of a user'"'"'s behavioral access to the input create different kinds of symbolic representations rather than just simple connections or links;
  
  setting up neural network training by using each of the owner'"'"'s timing vectors in the training set as the input thereto;
  
  checking if the user'"'"'s password is identical to the owner'"'"'s password when a user thereafter inputs the owner'"'"'s log-in name and password;
  
  extracting the user'"'"'s timing vector from said user'"'"'s inputting characteristics to derive the user'"'"'s password if user-checking is affirmative;
  
  otherwise, demoting the user in confidence level for accessing the system;
  
  applying the user'"'"'s timing vector to the training neural network as an input;
  
  comparing the difference between such input and an output of the neural network with a predetermined threshold; and
  
  permitting user access to the system if the difference is not greater than such threshold, while demoting the confidence level or totally prohibiting access to the system, if otherwise.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The method claimed in claim 9, wherein artificial intelligence (AI) architecture features are added to the system wherein highly personal questions are asked of the user that only the owner of the password and ID would be able to answer instantaneously from the subconscious mind, as distinguished from another user other than the owner that who require a finite response time for responding;
    - establishing access authorization confidence levels in accordance with such response times;
      
      measuring the time for the user to commence responding to such personal questions; and
      
      assigning a level of confidence for access in accordance with such measured response times.
  - 11. The method of claim 10, wherein repeated questioning of the user on such personal questions is effected to attempt to promote the confidence level of access authorization.
  - 12. The method of claim 11, wherein the system uses a neural network to monitor the environment for weighting the network nodes and an executable semantic network for monitoring the behavior of the user.
  - 13. The method claim 10, wherein once said system access has been given to the user, the activity of the user in the system is continually monitored to adjust the confidence level in security as determined by subsequent behavior of the user in the system.

14. A user authentication method for use in controlling access to a computer system having a keyboard, that comprises,inputting at such keyboard the owner'"'"'s log-in name and password;
- extracting the owner'"'"'s timing vectors from keyboard stroke characteristics with which the owner repeatedly has typed the owner'"'"'s password to form a training set;
  
  setting up a semantic network using multiple links to indicate that different pattern components of a user'"'"'s behavioral access create different kinds of symbolic representations rather than just simple connections or links;
  
  setting up neural network training by using each of the owner'"'"'s timing vectors in the training set as input thereto;
  
  thereafter when a user inputs the owner'"'"'s log-in name and password, checking if the user'"'"'s password is identical to the owner'"'"'s password;
  
  extracting the user'"'"'s timing vector from a keystroke characteristic to type the user'"'"'s password if the checked result is affirmative;
  
  otherwise, demoting the user in confidence level for accessing the system;
  
  applying the user'"'"'s timing vector to the trained neural network as in input;
  
  comparing the difference between such input and an output of the neural network with a predetermined threshold; and
  
  permitting user access to the system if the difference is not greater than such threshold, while demoting the confidence level or prohibiting access to the system, if otherwise.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The method of claim 14 wherein there is further provided the step of monitoring the user'"'"'s response time to questions personal to the owner to adjust the setting of the confidence level.
  - 17. The method claimed in claim 14 wherein artificial intelligence architecture features are added to the system in which highly personal questions are asked of the user that only the owner of the password and ID would be able to answer instantaneously from the unconscious mind, as distinguished from another user other than the owner who would require a finite response time for responding;
    - establishing excess authorization confidence levels in accordance with such response times;
      
      measuring the time for the user to commence responding to such personal questions;
      
      and assigning a level of confidence for access in accordance with such measured response times.
  - 18. The method of claim 14 wherein repeated questioning of the user on such personal questions is effected to attempt to promote the confidence level of access authorization.
  - 19. The method of claim 14 wherein the system uses a neural network to monitor the environment for the weighted network nodes, and an executable semantic network for monitoring the behavior of the user.
  - 20. The method of claim 14 wherein once said system access has been given to the user, the activity of the user in the system is continually monitored to adjust the confidence level in security as determined by the subsequent behavior of the user in the system.
  - 21. The method of claim 20 wherein the continual monitoring is carried out by an activity monitoring database and a business process/work flow management rules entered.

15. A user authentication apparatus for use in controlling access to a data information system having an input, that comprises,an input device to log-in the owner'"'"'s name and password;
- an output extractor of the owner'"'"'s timing vectors from inputting characteristics with which the owner repeatedly has inputted the owner'"'"'s password to form a training set;
  
  a semantic network using multiple links to indicate that different pattern components of a user'"'"'s behavioral access to the input device create different kinds of symbolic representations rather than just simple connections or links;
  
  a neural network training set created by using each of the owner'"'"'s timing vectors in the training as the input thereto;
  
  a comparer for checking if the user'"'"'s password is identical to the owner'"'"'s password when a user thereafter inputs the owner'"'"'s log-in name and password;
  
  an extractor of the user'"'"'s timing vector from said user'"'"'s inputting characteristics to derive the user'"'"'s password if said checking is affirmative; and
  
  otherwise, demoting the user in confidence level for accessing the system;
  
  connections applying the user'"'"'s timing vector to the trained neural network as an input;
  
  a further comparator for comparing the difference between such input and an output of the neural network with a predetermined threshold; and
  
  means for permitting user access to the system if the difference is not greater than such threshold, while demoting the confidence level or totally prohibiting access to the system, if otherwise.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Delfigo Corp. (International Business Machines Corporation)
Original Assignee
Delfigo Corp. (International Business Machines Corporation)
Inventors
Rodriguez, Ralph A.

Granted Patent

US 8,583,574 B2
Time in Patent Office

Days
Field of Search
US Class Current

706/15
CPC Class Codes

G06F 21/316   by observing the pattern of...

H04L 2209/80   Wireless

H04L 9/3226   using a predetermined code,...

H04L 9/3231   Biological data, e.g. finge...

Method of and apparatus for combining artificial intelligence (AI) concepts with event-driven security architectures and ideas

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Method of and apparatus for combining artificial intelligence (AI) concepts with event-driven security architectures and ideas

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links