Method of Authentication of Users in Data Processing Systems

US 20100275010A1
Filed: 10/30/2007
Published: 10/28/2010
Est. Priority Date: 10/30/2007
Status: Active Grant

First Claim

Patent Images

1. A method of authentication of users in a data processing system, the method comprising:

generating a “

Challenge”

univocally associated with a user to be authenticated;

processing the “

Challenge”

to generate an expected answer code, to be compared to an answer code that the user has to provide for authentication;

encoding the generated “

Challenge”

for obtaining an image displayable through a display device adapted to display the image to the user;

sending the image containing the “

Challenge”

to the user;

displaying to the user the image containing the “

Challenge”

through the display device;

through a user device provided with an image-capturing device, optically capturing the displayed image;

through the user device, processing the captured image for extracting from the captured image the “

Challenge”

, and subsequently processing the obtained “

Challenge”

for generating the answer code;

receiving the answer code from the user and comparing it to the expected answer code; and

in case of positive comparison, authenticating the user,wherein one among said actions of generating a “

Challenge” and

an expected answer code, and said action of processing the captured image to generate said answer code exploit a secret information univocally associated with the user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of authentication of users in a data processing system is provided. The method includes a “Challenge” univocally associated with a user to be authenticated; processing the “Challenge” to generate an expected answer code, to be compared with an answer code that the user has to provide for authentication; encoding the generated “Challenge” for obtaining an image displayable through a display device; sending the image containing the “Challenge” to the user; displaying the image containing the “Challenge”; through a user device provided with an image-capturing device, optically capturing the displayed image; through the user device, processing the captured image for extracting from the captured image the “Challenge”, and subsequently processing the obtained “Challenge” for generating the answer code; receiving the answer code from the user and comparing it to the expected answer code; and, in case of positive comparison, authenticating the user. One among the actions of generating a “Challenge” and an expected answer code, and the action of processing the captured image that generates the answer code exploit secret information univocally associated with the user.

171 Citations

18 Claims

1. A method of authentication of users in a data processing system, the method comprising:
- generating a “
  
  Challenge”
  
  univocally associated with a user to be authenticated;
  
  processing the “
  
  Challenge”
  
  to generate an expected answer code, to be compared to an answer code that the user has to provide for authentication;
  
  encoding the generated “
  
  Challenge”
  
  for obtaining an image displayable through a display device adapted to display the image to the user;
  
  sending the image containing the “
  
  Challenge”
  
  to the user;
  
  displaying to the user the image containing the “
  
  Challenge”
  
  through the display device;
  
  through a user device provided with an image-capturing device, optically capturing the displayed image;
  
  through the user device, processing the captured image for extracting from the captured image the “
  
  Challenge”
  
  , and subsequently processing the obtained “
  
  Challenge”
  
  for generating the answer code;
  
  receiving the answer code from the user and comparing it to the expected answer code; and
  
  in case of positive comparison, authenticating the user,wherein one among said actions of generating a “
  
  Challenge” and
  
  an expected answer code, and said action of processing the captured image to generate said answer code exploit a secret information univocally associated with the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein said generating an expected answer code includes associating with the expected answer code a time validity limit, and receiving the answer code from the user and comparing it with the expected answer code includes assessing if the answer code from the user is received within said time validity limit.
  - 3. The method of claim 1, wherein said generating the “
    - Challenge”
      
      comprises generating a substantially random sequence of bits.
  - 4. The method of claim 3, wherein said generating the “
    - Challenge”
      
      comprises encoding the substantially random sequence of bits into a first string of alphanumeric characters that univocally represents it.
  - 5. The method of claim 4, wherein said encoding the “
    - Challenge”
      
      comprises encoding the first string of alphanumeric characters, and encoding the encoded first string of alphanumeric characters to obtain the image displayable through the display device.
  - 6. The method of claim 5, wherein said generating the expected answer code includes encrypting the substantially random sequence of bits with said secret information or calculating a hash of the substantially random sequence of bits with said secret information.
  - 7. The method of claim 6, wherein said generating the expected answer code includes encoding the encrypted substantially random sequence of bits, or the hash of the substantially random sequence of bits, to obtain a second string of alphanumeric characters and storing the obtained string.
  - 8. The method of claim 7, wherein said processing the captured image for extracting from the captured image the “
    - Challenge” and
      
      generating the answer code includes;
      
      decoding the first string of alphanumeric characters to obtain the substantially random sequence of bits;
      
      encrypting the substantially random sequence of bits with said secret information to obtain a further encrypted substantially random sequence of bits, or calculating a hash of the substantially random sequence of bits with said secret information;
      
      encoding the further encrypted substantially random sequence of bits, or the hash of the substantially sequence random of bits, to obtain the second string of alphanumeric characters, said second string of alphanumeric characters constituting the answer code.
  - 9. The method of claim 3, wherein said generating the “
    - Challenge”
      
      comprises encrypting the substantially random sequence of bits with said secret information.
  - 10. The method of claim 9, wherein said generating the “
    - Challenge”
      
      comprises encoding the encrypted substantially random sequence of bits into a first string of alphanumeric characters, and encoding the first string of alphanumeric characters to obtain the image displayable through the display device.
  - 11. The method of claim 10, wherein said generating the expected answer code includes encoding the substantially random sequence of bits into a second string of alphanumeric characters and storing the obtained second string.
  - 12. The method of claim 11, wherein said processing the captured image for extracting from the captured image the “
    - Challenge” and
      
      generating the answer code includes;
      
      decoding the first string of alphanumeric characters to obtain the encrypted substantially random sequence of bits;
      
      decrypting the encrypted substantially random sequence of bits with said secret information to obtain the substantially random sequence of bits;
      
      encoding the substantially random sequence of bits to obtain the second string of alphanumeric characters, said second string of alphanumeric characters constituting the answer code.
  - 13. The method of claim 1, wherein said encoding the generated “
    - Challenge”
      
      for obtaining an image comprises generating a bidimensional barcode.
  - 14. The method of claim 1, wherein said authenticating the user includes to enable the user accessing, through a user data processing terminal connected to a data network, a service made available by a server connected to said network.
  - 15. The method of claim 1, wherein said encoding the generated “
    - Challenge”
      
      for obtaining an image comprises including in the image summary information adapted to identify a transaction performed by the user.
  - 16. The method of claim 1, wherein said sending the image containing the “
    - Challenge”
      
      to the user comprises including the image in an electronic mail message, and sending the electronic mail message to the user.
  - 17. The method of claim 16, wherein said authenticating the user includes allowing the user to display an electronic document attached to the electronic mail message.

18. A system for the authentication of users in a data processing system, the authentication system comprising:
- a) an authentication server, said authentication server being in used adapted to;
  
  generating a “
  
  Challenge”
  
  univocally associated with a user to be authenticated;
  
  processing the “
  
  Challenge”
  
  to generate an expected answer code, to be compared to an answer code that the user has to provide for his/her authentication;
  
  encoding the generated “
  
  Challenge”
  
  for obtaining an image;
  
  sending the image containing the “
  
  Challenge”
  
  to a data processing terminal of the user through a data network;
  
  wherein the user data processing terminal comprises a display device adapted to display to the user the image containing the “
  
  Challenge”
  
  ;
  
  b) a user device provided with an image-capturing device, adapted to optically capture the visualized image, the user device being adapted in use to process the captured image for extracting from the captured image the “
  
  Challenge” and
  
  to process the “
  
  Challenge”
  
  to generate an answer code to be compare to the expected answer code for the authentication of the user,wherein one among said actions of generating a “
  
  Challenge” and
  
  generating an expected answer code, and said action of processing the captured image to generate the answer code exploits secret information univocally associated with the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telecom Italia S.p.A.
Original Assignee
Telecom Italia S.p.A.
Inventors
Ghirardi, Maurizio

Granted Patent

US 8,407,463 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/155
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 21/36   by graphic or iconic repres...

G06F 2221/2103   Challenge-response

H04L 63/0838   using one-time-passwords

H04L 63/0853   using an additional device,...

H04W 12/77   Graphical identity

Method of Authentication of Users in Data Processing Systems

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

171 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Method of Authentication of Users in Data Processing Systems

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

171 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links