Prevention of unauthorized scripts
Abstract
Methods and system of preventing unauthorized scripting. The invention includes providing one or more tests to a user for distinguishing the user from a machine when the user requests access to the server. By storing information on a correct solution to the test in a block of data and sending the block of data together with the test, the invention provides stateless operation. Moreover, maintaining a database of previously used correct responses prevents replay attacks. The invention also includes providing combinations of alternative tests, such as visually altered textual character strings, audible character strings, and computational puzzles. Other aspects of the invention are directed to computer-readable media for use with the methods and system.
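The stateless verification and replay check described in the abstract, sketched as an added example that is not taken from the patent or any implementation of it. The HMAC construction, the JSON layout of the block, the key, the lifetime and the function names are all assumptions; the computational puzzle is left out.

```python
import hashlib, hmac, json, secrets, time

SERVER_KEY = secrets.token_bytes(32)  # assumption: key shared by issuing and verifying servers
TTL = 120                             # assumption: seconds a challenge stays valid
_used = {}                            # nonce -> expiry of blocks already redeemed

def _tag(nonce, expires, kind, answer):
    # Keyed MAC over nonce, expiry, test type and normalized answer; without
    # SERVER_KEY the client cannot recover or forge a solution from the block.
    msg = "|".join([nonce, str(expires), kind, answer.strip().lower()]).encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()

def issue(solutions, now=None):
    """Build the block sent with the tests; solutions maps test type -> answer."""
    now = int(time.time() if now is None else now)
    nonce, expires = secrets.token_hex(16), now + TTL
    tags = {kind: _tag(nonce, expires, kind, ans) for kind, ans in solutions.items()}
    return json.dumps({"n": nonce, "e": expires, "t": tags})

def verify(block, kind, response, now=None):
    """Check the elected test's response using only the returned block."""
    now = int(time.time() if now is None else now)
    try:
        data = json.loads(block)
        nonce, expires, tag = str(data["n"]), int(data["e"]), str(data["t"][kind])
    except (ValueError, KeyError, TypeError):
        return False                      # malformed or truncated block
    if now > expires:
        return False                      # stale challenge
    expected = _tag(nonce, expires, kind, response)
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return False                      # wrong answer or tampered block
    for old in [n for n, exp in _used.items() if exp < now]:
        del _used[old]                    # expired entries can no longer be replayed
    if nonce in _used:
        return False                      # correct answer, but block already redeemed
    _used[nonce] = expires
    return True

if __name__ == "__main__":
    block = issue({"visual": "x7kq9", "audio": "48213"})   # constructed sample answers
    print(verify(block, "audio", "48213"))   # first use
    print(verify(block, "audio", "48213"))   # replay of the same block
```

The server keeps no per-challenge state before a correct answer arrives; the only stored data is the short-lived record of redeemed blocks, which must be shared by every verifying server for the replay check to hold.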
60 Claims
1. A method of preventing automated access to a service provided by a server coupled to a data communication network, said method comprising:
- delivering a first test to a client coupled to the data communication network for rendering to a user in response to the user requesting access to the service via the client, said first test being a human interaction proof test;
- delivering a second test to the client as an alternative to the first test, said second test being a human interaction proof test;
- delivering a third test to the client as an alternative to the first and second tests, said third test including a computational puzzle to be solved by the client, said first, second, and third tests each having a different correct solution, at least one of said first, second, and third tests being elected by the user;
- receiving, via the client, a response to the at least one of the tests elected by the user; and
- granting access to the service via the client if the received response is the correct solution to the at least one of the tests elected by the user.
Dependent claims: 2-22.
23. A method of conducting a Turing test for a user requesting access to a service provided by a server coupled to a data communication network, said user requesting the service via a client computer system also coupled to the data communication network, said method comprising:
- delivering a first test to the client computer system, said first test comprising a human-readable textual string of characters to be read by the user, said textual string of characters being visually altered to inhibit computerized character recognition;
- delivering a second test to the client computer system as an alternative to the first test, said second test comprising an audible string of characters to be heard by the user;
- delivering a third test to the client computer system as an alternative to the first and second tests, said third test comprising a computational puzzle configured to be executed by the client computer system in a manner requiring a pre-defined minimum amount of time, said first, second, and third tests each having different correct solutions;
- enabling the user to elect between the first, second, and third tests;
- receiving a response to the elected test and providing access based on the received response.
Dependent claims: 24-28.
29. A method of preventing automated access to a service, said method comprising:
- delivering a first human interaction proof challenge and a second human interaction proof challenge to a client coupled to a data communication network in response to a user requesting a service to be provided via the network, said first and second challenges each having a different correct solution;
- requesting that the user elect the first or the second challenge;
- enabling the user to elect a third challenge as an alternative to the first and second challenges, said third challenge including a computational puzzle to be solved by the client;
- receiving via the client a response to the elected challenge;
- storing information representative of one or more previously used challenges;
- comparing the received response to the stored information; and
- granting access to the service via the client if the received response is the correct solution to the challenge elected by the user unless the received response corresponds to the stored information.
Dependent claims: 30-43.
44. A method of preventing automated access to a service provided by a server coupled to a data communication network, said method comprising:
- delivering at least three tests for identifying unauthorized scripts, said tests being delivered to a client coupled to the data communication network in response to a user requesting access to the service via the network, said tests each having different correct solutions, and at least one of said tests being elected by the user, said tests being selected from a group consisting of:
  - a human-readable textual string of characters to be read by the user, wherein the textual string of characters is visually altered to inhibit computerized character recognition;
  - an audible string of characters to be heard by the user; and
  - a computational puzzle to be solved by the client;
- sending, to the client, a block of data representative of the correct solutions to the tests together with the tests, said block of data being returned with a response to the elected test from the user;
- receiving the response and the block of data via the network;
- determining whether the received response is valid based on the received response and the received block of data; and
- granting access to the service if the received response is valid.
Dependent claims: 45-59.
60. A system for preventing unauthorized access to a service provided via a data communication network comprising:
- a first server coupled to the network, said first server delivering at least three challenges each having different correct solutions to a client also coupled to the network in response to the client requesting access to the service, said tests being selected from a group consisting of:
  - a human-readable textual string of characters to be read by a user, wherein the textual string of characters is visually altered to inhibit computerized character recognition;
  - an audible string of characters to be heard by the user; and
  - a computational puzzle to be solved by the client,
  said first server sending a block of data to the client together with each of the challenges, said block of data containing information representative of the correct solutions to the challenges; and
- a second server coupled to the network, said second server receiving, from the client, a response to at least one of the challenges elected by the client, said second server further receiving the block of data via the client for determining whether the received response is valid before granting access by the client to the service.
Specification