Trust inheritance in network authentication
Abstract
A system and method for providing ad hoc controlled user access to wireless and wireline IP communication networks while maintaining privacy for users and traceability for network providers. The method includes an authentication interface accepting user credentials, and a validation entity for credential verification and access authorization. The credentials include a unique identifier and a system generated password. The unique identifier is associated with a personal entity of the user such as a cellular telephone. The password is transmitted to the user through an SMS message to his cellular telephone. The user's Internet session is monitored by the system and all records are indexed by his cellular telephone number. The system and method therefore permit fast and traceable access for guest users at networks where they were not previously known. Alternatively, users do not provide their unique identifiers such as cellular telephone numbers, which are instead already stored in the system. A user provides a username and a one time password is generated by the system and sent to the user by SMS. This enables the system to validate the user's identity as well as the user to validate the Internet resources' identity.
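The username-first flow in the last sentences of the abstract (steps (a) to (e) of claim 1), sketched as an added example that is not code from the patent. The six-digit password, the 300-second lifetime, the one-attempt-per-password rule and the names `ValidationEntity`, `request`, `confirm` and `demo` are assumptions; the registry and phone number are constructed.

```python
import hmac
import secrets
import time

OTP_TTL_SECONDS = 300  # assumed lifetime; the page does not specify one

class ValidationEntity:
    """Maps usernames to unique identifiers and issues one-time passwords."""
    def __init__(self, registry, send_sms, clock=time.monotonic):
        self.registry = registry  # username -> phone number (unique identifier)
        self.send_sms = send_sms  # channel to the trusted personal entity
        self.clock = clock
        self.pending = {}         # phone number -> (password, expiry time)

    def request(self, username):
        """Steps (b)-(d): look the username up, then issue a password or reject."""
        phone = self.registry.get(username)
        if phone is None:
            return False          # (d)(ii): unregistered username, attempt rejected
        otp = f"{secrets.randbelow(10**6):06d}"
        self.pending[phone] = (otp, self.clock() + OTP_TTL_SECONDS)
        self.send_sms(phone, otp)  # (d)(i): sent to the phone, not to the terminal
        return True

    def confirm(self, phone, otp):
        """Step (e): the user supplies the unique identifier and the password."""
        issued = self.pending.pop(phone, None)  # pop: one attempt per password
        if issued is None:
            return False
        expected, expiry = issued
        if self.clock() > expiry:
            return False
        return hmac.compare_digest(expected.encode(), otp.encode())

def demo():
    # Constructed registry, fake SMS inbox and controllable clock.
    phone, inbox, now = "+15550100", {}, [0.0]
    ve = ValidationEntity({"alice": phone}, inbox.__setitem__, lambda: now[0])
    out = {"unregistered": ve.request("mallory"), "sms_after_reject": len(inbox)}
    out["registered"] = ve.request("alice")
    out["wrong_code"] = ve.confirm(phone, "not-the-code")
    out["after_wrong_code"] = ve.confirm(phone, inbox[phone])  # already consumed
    ve.request("alice")
    out["correct_code"] = ve.confirm(phone, inbox[phone])
    out["replay"] = ve.confirm(phone, inbox[phone])
    ve.request("alice")
    now[0] += OTP_TTL_SECONDS + 1
    out["expired"] = ve.confirm(phone, inbox[phone])
    return out
```
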
70 Claims
1. A computer implemented method for preventing phishing scams so that a user is able to authenticate electronic services through an untrusted electronic terminal, said user being associated with a username and a trusted personal entity, said method comprising the steps of:
(a) said user providing said username to an authentication interface;
(b) sending said username to at least one validation entity;
(c) identifying said username as an authentication request at said validation entity by an authentication application;
(d) looking up with said username in said validation entity whether said username is already registered in said validation entity;
i. if said username is registered with said validation entity, retrieving a unique identifier of said trusted personal entity associated with said user and generating a one time password, and sending said password to said trusted personal entity using said unique identifier;
ii. if said username is not registered with said validation entity, said authentication application rejecting the authentication attempt;
(e) said user, after retrieving said password from said trusted personal entity, providing said unique identifier and said password to said authentication interface, whereby an application permits access to electronic services through said untrusted electronic terminal and said application recording said electronic services to an account associated with said unique identifier, wherein identifying said username is performed by a processor functionally associated with the computer, and wherein the processor identifies by executing computer-readable instructions embedded on a computer readable storage medium.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28
29. A computer implemented system for preventing phishing scams so that a user is able to authenticate electronic services through an untrusted electronic terminal, said user being associated with a username and a trusted personal entity, said personal entity having a unique identifier, said system comprising:
(a) an authentication interface, said authentication interface being adapted to receive said username and to send said username to at least one validation entity;
(b) said validation entity being adapted to retrieve said unique identifier of said trusted personal entity associated with said user and generate a one time password and said validation entity being adapted to send said password to said trusted personal entity using said unique identifier
(c) whereby said authentication interface is further adapted to receive said unique identifier and said password and to enable access to said electronic services through said untrusted electronic terminal upon confirmation, wherein the system utilizes a processor of the computer to perform said generation step, and wherein utilizing the processor comprises utilizing the processor to perform the generation step by executing computer-readable instructions on a computer-readable storage medium.
Dependent claims: 30, 31, 32, 33, 34, 35
36. A computer implemented method of performing virus and spyware checks upon authentication of a user attempting to access electronic services through an untrusted electronic terminal said method comprising the steps of:
(a) said user accessing an authentication interface through said untrusted electronic terminal and inputting a username associated with said user;
(b) sending said username to at least one validation entity;
(c) identifying said username as an authentication request at said validation entity;
(d) said validation entity prompting said user to accept said virus and spyware checks in said untrusted electronic terminal;
(e) said validation entity performing said virus and spyware checks upon acceptance of said user;
(f) said validation entity verifying results of said virus and spyware checks and;
i. if said results do not indicate the presence of virus or spyware in said untrusted electronic terminal, looking up with said username a unique identifier of a trusted personal entity associated with said user, generating a random confirmation code, and sending said code to said user using said unique identifier of said trusted personal entity;
ii. if results indicate the presence of virus or spyware in said untrusted electronic terminal, rejecting the authentication attempt;
(g) said user, after retrieving said code from said trusted personal entity, providing said unique identifier and said code to said authentication interface, whereby an application permits access to electronic services through said untrusted electronic terminals, wherein identifying comprises utilizing a processor functionally associated with a computer, and wherein the processor identifies by executing computer-readable instructions embedded on a computer-readable medium.
Dependent claims: 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63
64. A computer implemented system for performing virus and spyware checks upon authentication of a user attempting to access electronic services through an untrusted electronic terminal, said user being associated with a username, said system comprising:
(a) an authentication interface, said authentication interface being adapted to receive said username and to send said username to at least one validation entity;
(b) said validation entity being adapted to receive said username and prompt said user to accept said virus and spyware checks in said untrusted electronic terminal;
(c) said validation entity being adapted to perform said virus and spyware checks upon acceptance of said user;
(d) said validation entity being adapted to verify results of said virus and spyware checks and;
i. if said results do not indicate the presence of virus or spyware in said untrusted electronic terminal, said validation entity being adapted to look up with said username a unique identifier of a trusted personal entity associated with said user, generating a random confirmation code, and sending said code to said user using said unique identifier of said trusted personal entity;
ii. if results indicate the presence of virus or spyware in said untrusted electronic terminal, said validation entity being adapted to reject the authentication attempt;
(e) whereby said authentication interface is further adapted to receive said unique identifier and said code and to enable access to said electronic services through said electronic terminal upon confirmation, wherein the computer implemented system utilizes a processor of a computer to perform said verify step, and wherein utilizing the processor comprises utilizing the processor to perform the verify step by executing computer-readable instructions on a computer-readable storage medium.
Dependent claims: 65, 66, 67, 68, 69, 70
Specification