System and method for user authentication interface
First Claim
1. A graphical user interface for display by a data processing system, the data processing system including a display and one or more user input devices, comprising:
- a graphical input construct adapted for display to a user to support entry of a pattern, the pattern comprising a plurality of data fields having respective field contents, the field contents in at least one of the respective data fields comprising a set of storage units having more than one member, wherein said storage units represent one or more of alpha-numeric characters, images and colors;
said input construct including a plurality of graphical fields for user entry of said storage units for matching with corresponding data fields in the plurality of data fields of the pattern, in which upon entry by a user of one of said storage units in one of said plurality of graphical fields, a corresponding icon is displayed in the graphical field, and wherein at least one of the graphical fields is adapted for user entry of said set of storage units having more than one member; and
wherein said input construct comprises a graphical object indicating status of a login session, including a first state in which a user name has been indicated accepted by an authentication server, a second state in which a user authentication pattern has been indicated as accepted by the remote service, and at least one intermediate state between the first and second states, in which the data processing system is awaiting a reply from the authentication server.
2 Assignments
0 Petitions
Accused Products
Abstract
A graphical user interface supports an interactive client-server authentication based on Random Partial Pattern Recognition algorithm (RPPR). In RPPR, an ordered set of data fields is stored for a client to be authenticated in secure memory on the server side. A graphical user interface presents a clue generated at the server to the client, such positions in the ordered set of a random subset of data fields from the ordered set. The client enters input data in multiple fields of the interface according to the clue, and the server accepts the input data from the client. The input data includes storage units representing alpha-numeric characters, images and colors corresponding to the field contents for the data fields. The interface includes indicators for elapsed time and status of the authentication session.
-
Citations
33 Claims
-
1. A graphical user interface for display by a data processing system, the data processing system including a display and one or more user input devices, comprising:
-
a graphical input construct adapted for display to a user to support entry of a pattern, the pattern comprising a plurality of data fields having respective field contents, the field contents in at least one of the respective data fields comprising a set of storage units having more than one member, wherein said storage units represent one or more of alpha-numeric characters, images and colors; said input construct including a plurality of graphical fields for user entry of said storage units for matching with corresponding data fields in the plurality of data fields of the pattern, in which upon entry by a user of one of said storage units in one of said plurality of graphical fields, a corresponding icon is displayed in the graphical field, and wherein at least one of the graphical fields is adapted for user entry of said set of storage units having more than one member; and wherein said input construct comprises a graphical object indicating status of a login session, including a first state in which a user name has been indicated accepted by an authentication server, a second state in which a user authentication pattern has been indicated as accepted by the remote service, and at least one intermediate state between the first and second states, in which the data processing system is awaiting a reply from the authentication server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A graphical user interface supporting a login session by a user having a user name and a user authentication pattern for accessing protected network resources, the graphical user interface for display by a data processing system, the data processing system including a display and one or more user input devices, comprising:
-
a graphical input construct adapted for display to a user to support entry of the user name and said user authentication pattern, said user name and said user authentication pattern comprising respective data fields having field contents, the field contents in the data fields comprising a set of storage units, wherein said storage units represent one or more of alpha-numeric characters, images and colors; and said input construct including a graphical field including a first graphical window for user entry of storage units representing said user name and a second graphical window for user entry of storage units representing said user authentication pattern, in which upon entry by a user of one of said storage units, a corresponding icon is displayed, wherein said input construct comprises a graphical object indicating status of a login session, including a first state in which a user name has been indicated accepted by an authentication server, a second state in which a user authentication pattern has been indicated as accepted by the remote service, and at least one intermediate state between the first and second states, in which the data processing system is awaiting a reply from the authentication server. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A graphical user interface supporting a login session by a user having a user authentication pattern for access protected network resources, the graphical user interface for display by a data processing system, the data processing system including a display and one or more user input devices, comprising:
-
a graphical input construct adapted for display to a user to support entry of said user authentication pattern, said user authentication pattern including a random subset of data fields from an ordered set of data fields, said data fields in said random subset having respective field contents, the field contents in the data fields comprising a set of storage units having more than one member, wherein said storage units represent one or more of alpha-numeric characters, images and colors; said input construct including a graphical field including a plurality of graphical windows for user entry of said storage units representing respective data fields in said user authentication pattern, in which upon entry by a user of one of said storage units, a corresponding icon is displayed, and a field indicating a clue to a user indicating which fields in said ordered set comprise said random subset; and wherein at least one of the graphical fields is adapted for user entry of said set of storage units having more than one member, wherein said input construct comprises a graphical object indicating status of a login session, including a first state in which a user name has been indicated accepted by an authentication server, a second state in which a user authentication pattern has been indicated as accepted by the remote service, and at least one intermediate state between the first and second states, in which the data processing system is awaiting a reply from the authentication server. - View Dependent Claims (25, 26, 27, 28)
-
-
29. A method for interactive authentication of a user, comprising:
-
presenting a graphical use interface to the user, the graphical user interface prompting the user to enter a user authentication pattern comprising a random subset of data fields from an ordered set of data fields with data entry fields, each of the data fields in the random subset having field contents comprising a set of storage units having more than one member; presenting a clue in the graphical user interface to the user indicating which of data fields in the ordered set are included in the random subset; accepting user input of storage units in said data entry fields, the storage units representing more than one of alpha-numeric characters, images and colors; and displaying icons corresponding to the storage units input by the user in the data entry fields; and wherein said authentication method comprises a graphical object indicating status of a login session, including a first state in which a user name has been indicated accepted by an authentication server, a second state in which a user authentication pattern has been indicated as accepted by the remote service, and at least one intermediate state between the first and second states, in which the data processing system is awaiting a reply from the authentication server. - View Dependent Claims (30, 31, 32, 33)
-
Specification