Authentication system and method

US 20110314524A9
Filed: 05/11/2009
Published: 12/22/2011
Est. Priority Date: 10/30/2006
Status: Active Grant

First Claim

Patent Images

1. An authentication system for authenticating a user, the system comprising:

one or more participant terminals operable to act as a client on a network;

a computer operable to act as a server on the network and to communicate with each of the participant terminals over the network, the computer comprising;

a memory configured to store a set of instructions; and

a processor configured to execute the set of instructions, wherein the set of instructions cause the processor to;

receive user login information from at least one participant terminal, wherein the user login information corresponds to a user profile;

generate an authentication data set comprising;

a plurality of decoy data;

an anchor data, wherein the anchor data is based on information from the user profile; and

at least one target data in a predetermined relationship relative to the anchor data, wherein the predetermined relationship is based on information from the user profile;

generate a decoy data set comprising;

a plurality of second decoy data; and

at least one anchor data, wherein the anchor data is based on information from the user profile;

display the authentication data set and decoy data set at at least one terminal;

determine an authentication result by performing a predetermined manipulation of the at least one target data, wherein the predetermined manipulation is based on information from the user profile;

receive a user response to an authentication prompt; and

compare the authentication result and the user response and authenticating the user if the authentication result and user response are the same.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authentication system includes one or more terminals in communication with a server on a network. The server is operable to receive user login information; and generate an authentication data set having: a plurality of decoy data; an anchor data, wherein the anchor data is based on information from a user profile; and target data in a predetermined relationship relative to the anchor data. The server is also operable to generate a decoy data set having: a plurality of second decoy data; and at least one anchor data. The server may then display the authentication data set and decoy data set and determine an authentication result by performing a predetermined manipulation of the target data. The server may receive a user response to an authentication prompt; and authenticate the user if the authentication result and user response are the same.

19 Citations

View as Search Results

20 Claims

1. An authentication system for authenticating a user, the system comprising:
- one or more participant terminals operable to act as a client on a network;
  
  a computer operable to act as a server on the network and to communicate with each of the participant terminals over the network, the computer comprising;
  
  a memory configured to store a set of instructions; and
  
  a processor configured to execute the set of instructions, wherein the set of instructions cause the processor to;
  
  receive user login information from at least one participant terminal, wherein the user login information corresponds to a user profile;
  
  generate an authentication data set comprising;
  
  a plurality of decoy data;
  
  an anchor data, wherein the anchor data is based on information from the user profile; and
  
  at least one target data in a predetermined relationship relative to the anchor data, wherein the predetermined relationship is based on information from the user profile;
  
  generate a decoy data set comprising;
  
  a plurality of second decoy data; and
  
  at least one anchor data, wherein the anchor data is based on information from the user profile;
  
  display the authentication data set and decoy data set at at least one terminal;
  
  determine an authentication result by performing a predetermined manipulation of the at least one target data, wherein the predetermined manipulation is based on information from the user profile;
  
  receive a user response to an authentication prompt; and
  
  compare the authentication result and the user response and authenticating the user if the authentication result and user response are the same.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The authentication system of claim 1 wherein the authentication data set comprises at least two target data.
  - 3. The authentication system of claim 2 wherein the predetermined manipulation includes transposing the at least two target data.
  - 4. The authentication system of claim 1 wherein the predetermined manipulation is a mathematical function.
  - 5. The authentication system of claim 1 wherein at least a portion of the decoy data are alphanumeric characters.
  - 6. The authentication system of claim 1 wherein at least one target data is an alphanumeric character.
  - 7. The authentication system of claim 1 wherein the predetermined determined relationship of the at least one target data relative to the anchor data is adjacent to the anchor data.
  - 8. The authentication system of claim 1 wherein the instructions further cause the processor to embed the authentication data set in a digital image.
  - 9. The authentication system of claim 1 wherein the instructions cause the processor to indicate for the user which data set is the authentication data set.
  - 10. The authentication system of claim 9 wherein the authentication data set is displayed in a predetermined color, wherein the predetermined color is based on information from the user profile.
  - 11. The authentication system of claim 10 wherein the decoy data set is displayed in a predetermined decoy color, wherein the predetermined decoy color is based on information from the user profile.
  - 12. The authentication system of claim 1 wherein the set of instructions further cause the processor to:
    - generate an authentication query set comprising;
      
      a plurality of predetermined decoy queries, wherein each of the predetermined decoy queries is based on information from the user profile; and
      
      at least one predetermined target query, wherein each target query is from the user profile;
      
      display the authentication query set at at least one terminal;
      
      determine an authentication result by retrieving a correct response to each target query from the user profile;
      
      receive a user response to an authentication prompt; and
      
      compare the authentication result and the user response and authenticating the user if the authentication result and user response are the same.
  - 13. The authentication system of claim 10 wherein the decoy queries and target query are displayed in random relationship relative to one another.
  - 14. The authentication system of claim 10 wherein the instructions further cause the processor to embed the authentication query set in a digital image.

15. An authentication system for authenticating a user generated event, the system comprising:
- one or more participant terminals operable to act as a client on a network;
  
  a computer operable to act as a server on the network and to communicate with each of the participant terminals over the network, the computer comprising;
  
  a memory configured to store a set of instructions; and
  
  a processor configured to execute the set of instructions, wherein the set of instructions cause the processor to;
  
  generate an event confirmation data set in response to a user generated event, the event confirmation data set comprising;
  
  a plurality of decoy data; and
  
  at least one target data directly related to the event;
  
  display the confirmation data set at at least one terminal;
  
  determine an authentication result by performing a predetermined manipulation of the at least one target data, wherein the predetermined manipulation is based on information from a user profile;
  
  receive a user response to an authentication prompt; and
  
  compare the authentication result and the user response and authenticating the event if the authentication result and user response are the same.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The authentication system of claim 15 wherein the event confirmation data set comprises at least two target data.
  - 17. The authentication system of claim 16 wherein the predetermined manipulation includes transposing the at least two target data.
  - 18. The authentication system of claim 15 wherein the predetermined manipulation is a mathematical function.
  - 19. The authentication system of claim 15 wherein the instructions further cause the processor to embed the event confirmation data set in a digital image.

20. A computer program product, comprising a computer usable medium having a computer readable program code embodied therein, said computer readable program code adapted to be executed to implement a method for authenticating a user, said method comprising:
- receiving user login information, wherein the user login information corresponds to a user profile;
  
  generating an authentication data set comprising;
  
  a plurality of decoy data;
  
  an anchor data, wherein the anchor data is based on information from the user profile; and
  
  at least one target data in a predetermined relationship relative to the anchor data, wherein the predetermined relationship is based on information from the user profile;
  
  generating a decoy data set comprising;
  
  a plurality of second decoy data; and
  
  at least one anchor data, wherein the anchor data is based on information from the user profile;
  
  displaying the authentication data set and decoy data set for the user;
  
  determining an authentication result by performing a predetermined manipulation of the at least one target data, wherein the predetermined manipulation is based on information from the user profile;
  
  receiving a user response to an authentication prompt; and
  
  comparing the authentication result and the user response and authenticating the user if the authentication result and user response are the same.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Truesigna Systems Incorporated
Original Assignee
Truesigna Systems Incorporated
Inventors
Chiruvolu, Girish

Granted Patent

US 8,327,420 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

G06F 21/31   User authentication

G06F 21/36   by graphic or iconic repres...

G06F 2221/2103   Challenge-response

Authentication system and method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

19 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication system and method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links