System and method for confidence based incremental access authentication

US 7,039,951 B1
Filed: 06/06/2000
Issued: 05/02/2006
Est. Priority Date: 06/06/2000
Status: Expired due to Term

First Claim

Patent Images

1. A computer implemented method for authenticating a user in a conversational system, comprising the steps of:

receiving an identity claim from a user upon commencement of a dialog session;

computing a confidence score using speech input from the user, wherein the confidence score is a measure of confidence in the validity of the identity claim; and

providing the user access to secured data having varying levels of security, wherein providing access comprises determining a level of secured data that may be accessed by the user based on the computed confidence score,wherein computing a confidence score comprises computing a confidence score upon occurrence of a predetermined event during the dialog session with the user to determine a current measure of confidence in the validity of the identity claim, and changing a level of secured data that may be accessed by the user during the dialog session, if necessary, according to the current measure of confidence in the validity of the identity claim.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for providing continuous confidence-based authentication. The present invention may be implemented in an incremental access authentication system for controlling access to secured data having various levels of security. During the course of a conversational session between user and machine, a confidence-based authentication system according to the present invention will periodically analyze the input speech of a user interacting with the system to compute a “confidence measure” for the validity of an original identity claim i provided by the user at the commencement of the dialog session. The “confidence measure” computation process according to the present invention is seamlessly integrated into the incremental access authentication system so that the system can tailor its interaction with the user based on its confidence in the original identity claim.

217 Citations

28 Claims

1. A computer implemented method for authenticating a user in a conversational system, comprising the steps of:
- receiving an identity claim from a user upon commencement of a dialog session;
  
  computing a confidence score using speech input from the user, wherein the confidence score is a measure of confidence in the validity of the identity claim; and
  
  providing the user access to secured data having varying levels of security, wherein providing access comprises determining a level of secured data that may be accessed by the user based on the computed confidence score,wherein computing a confidence score comprises computing a confidence score upon occurrence of a predetermined event during the dialog session with the user to determine a current measure of confidence in the validity of the identity claim, and changing a level of secured data that may be accessed by the user during the dialog session, if necessary, according to the current measure of confidence in the validity of the identity claim.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The computer implemented method of claim 1, further comprising the step of maintaining the confidence score as part of the system state.
  - 3. The computer implemented method of claim 1, further comprising the steps of:
    - partitioning the secured data into a plurality of data classes;
      
      assigning a security level to each of the data classes; and
      
      constructing an access map based on the security levels for accessing the secured data.
  - 4. The computer implemented method of claim 3, further comprising the steps of:
    - selecting a range of confidence scores;
      
      partitioning the range of confidence scores into a plurality of regions; and
      
      assigning each region to one of the security levels.
  - 5. The computer implemented method of claim 4, wherein the step of providing the user access to secured data based on the computed confidence score comprises the steps of:
    - determining a given region of the plurality of regions which comprises the computed confidence score;
      
      determining the security level assigned to the given region; and
      
      accessing secured data using the access map based on the security level assigned to the given region.
  - 6. The computer implemented method of claim 5, wherein the step of accessing secured data using the access map comprises the step of allowing access to secured data that is assigned to the security level of the given region and secured data assigned to at least one security level that is lower than the security level of the given region.
  - 7. The computer implemented method of claim 1, wherein the predetermined event comprises expiration of a predetermined time period during the dialog session.
  - 8. The computer implemented method of claim 1, wherein the predetermined event is a user query for accessing secured data.
  - 9. The computer implemented method of claim 1, wherein the confidence score is based on a linear function of statistical models that characterize the score under a plurality of conditions.
  - 10. The computer implemented method of claim 9, wherein the confidence score comprises one of (1) a first component for considering a single mode implementation and (2) the first component and a second component for considering a multi-modal implementation.
  - 11. The computer implemented method of claim 10, wherein the confidence score comprises a mixing factor for weighting the first and second component in a multi-modal implementation.

12. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform method steps for authenticating a user in a conversational system, the method comprising the steps of:
- receiving an identity claim from a user upon commencement of a dialog session;
  
  computing a confidence score using speech input from the user, wherein the confidence score is a measure of confidence in the validity of the identity claim; and
  
  providing the user access to secured data having varying levels of security, wherein providing access comprises determining a level of secured data that may be accessed by the user based on the computed confidence score,wherein computing a confidence score comprises computing a confidence score upon occurrence of a predetermined event during the dialog session with the user to determine a current measure of confidence in the validity of the identity claim, and changing a level of secured data that may be accessed by the user during the dialog session, if necessary, according to the current measure of confidence in the validity of the identity claim.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The program storage device of claim 12, further comprising instructions for performing the step of maintaining the confidence score as part of the system state.
  - 14. The program storage device of claim 12, further comprising instructions for performing the steps of:
    - partitioning the secured data into a plurality of data classes;
      
      assigning a security level to each of the data classes; and
      
      constructing an access map based on the security levels for accessing the secured data.
  - 15. The program storage device of claim 14, further comprising instructions for performing the steps of:
    - selecting a range of confidence scores;
      
      partitioning the range of confidence scores into a plurality of regions; and
      
      assigning each region to one of the security levels.
  - 16. The program storage device of claim 15, wherein the instructions for performing the step of providing the user access to secured data based on the computed confidence score comprise instructions for performing the steps of:
    - determining a given region of the plurality of regions which comprises the computed confidence score;
      
      determining the security level assigned to the given region; and
      
      accessing secured data using the access map based on the security level assigned to the given region.
  - 17. The program storage device of claim 16, wherein the instructions for performing the step of accessing secured data using the access map comprise instructions for performing the step of allowing access to secured data that is assigned to the security level of the given region and secured data assigned to at least one security level that is lower than the security level of the given region.
  - 18. The program storage device of claim 12, wherein the predetermined event comprises expiration of a predetermined time period during the dialog session.
  - 19. The program storage device of claim 12, wherein the predetermined event is a user query for accessing secured data.
  - 20. The program storage device of claim 12, wherein the confidence score is based on a linear function of statistical models that characterize the score under a plurality of conditions.
  - 21. The program storage device of claim 20, wherein the confidence score comprises one of (1) a first component for considering a single mode implementation and (2) the first component and a second component for considering multi-modal implementation.
  - 22. The program storage device of claim 21, wherein the confidence score comprises a mixing factor for weighting the first and second component in a multi-modal implementation.

23. A computer system to control incremental access authentication to secured data, the computer systems comprising:
- a database that is partitioned into a plurality of data classes, wherein each data class is assigned a range of confidence scores based on a security level of the data class;
  
  a computation module that computes a confidence score using speech input from a user, wherein the confidence score is a measure of confidence in the validity of an identity claim input by the user upon commencement of a dialog session, wherein the computation module computes a confidence score upon occurrence of a predetermined event during the dialog session with the user to determine a current measure of confidence in the validity of the identity claim; and
  
  a dialog manager for controlling access to data in the database during the dialog session, wherein a level of access to the data classes is limited to a data class in which a current confidence score meets or exceeds a confidence score assigned to that data class, and wherein the level of access to the data classes can be changed during the dialog session, if necessary, according to the current measure of confidence in the validity of the identity claim.
- View Dependent Claims (24, 25, 26, 27, 28)
- - 24. The system of claim 23, further comprising an access map for mapping each data class with the corresponding range of confidence scores, wherein the access map is utilized by the dialog manager to provide access to data based on the current confidence score.
  - 25. The system of claim 23, further comprising means for maintaining the current confidence score as part of the system state.
  - 26. The system of claim 23, wherein the confidence score is based on a linear function of statistical models that characterize the score under a plurality of conditions.
  - 27. The system of claim 26, wherein the confidence score comprises one of (1) a first component for considering a single mode implementation and (2) the first component and a second component for considering a multi-modal implementation.
  - 28. The system of claim 27, wherein the confidence score comprises a mixing factor for weighting the first and second component in a multi-modal implementation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nuance Communications, Inc. (Microsoft Corporation)
Original Assignee
International Business Machines Corporation
Inventors
Ramaswamy, Ganesh N., Chaudhari, Upendra V.
Primary Examiner(s)
REVAK, CHRISTOPHER A

Application Number

US09/588,521
Time in Patent Office

2,156 Days
Field of Search

713182-186, 713200-202, 713/155, 704/246, 379/88.02, 340/5.1, 340/5.82, 340/5.84, 340/5.52, 382/115
US Class Current

726/7
CPC Class Codes

G10L 17/06 Decision making techniques;...

System and method for confidence based incremental access authentication

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

217 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for confidence based incremental access authentication

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

217 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links