System and method for authentication of users and communications received from computer systems

US 7,730,321 B2
Filed: 02/03/2005
Issued: 06/01/2010
Est. Priority Date: 05/09/2003
Status: Active Grant

First Claim

Patent Images

1. A method of receiving information useful for logging a user into a computer system, comprising:

causing a user identifier to be stored in a persistent file of a client system;

receiving from the user a request to log into the computer system;

responsive to the request received;

receiving the persistent file including the user identifier from the client system;

providing from the computer system to the user a prompt for the user identifier;

receiving a response from the user responsive to the prompt for the user identifier; and

determining if the response received from the user matches the user identifier received in the persistent file; and

responsive to a determination that the response received matches the user identifier received;

providing from the computer system to the user a prompt for confidential information; and

presenting to the user customization information corresponding to the user identifier received that is perceptible to the user and can allow the user to authenticate the computer system if the customization information presented matches customization information expected by the user;

said customization information being presented to the user before or during the providing from the computer system to the user the prompt for confidential information step;

said customization information not being presented to the user between the receiving the request step and the determination that the response received matches the user identifier received; and

the correspondence of the customization information with the user identifier not ordinarily being publicly known.

View all claims

15 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method allows a user to authenticate a communication from a computer system, a computer system to authenticate a user, or both. When a user requests a web page from the web site, customization information that is recognizable to the user is provided to allow the user to authenticate the web site. A signed, encrypted persistent file stored on the user'"'"'s computer system or installed on a different computer system, or a trusted computing subsystem allows the web site to authenticate the user. If the user is using a system that will not allow that user to be authenticated, the user may instruct the system to continue providing information without the user'"'"'s customization information. The system and method may be used to allow the user to authenticate an e-mail message or its source, and Flash movies or other computer code may be used if the user'"'"'s e-mail client does not employ cookies.

Citations

27 Claims

1. A method of receiving information useful for logging a user into a computer system, comprising:
- causing a user identifier to be stored in a persistent file of a client system;
  
  receiving from the user a request to log into the computer system;
  
  responsive to the request received;
  
  receiving the persistent file including the user identifier from the client system;
  
  providing from the computer system to the user a prompt for the user identifier;
  
  receiving a response from the user responsive to the prompt for the user identifier; and
  
  determining if the response received from the user matches the user identifier received in the persistent file; and
  
  responsive to a determination that the response received matches the user identifier received;
  
  providing from the computer system to the user a prompt for confidential information; and
  
  presenting to the user customization information corresponding to the user identifier received that is perceptible to the user and can allow the user to authenticate the computer system if the customization information presented matches customization information expected by the user;
  
  said customization information being presented to the user before or during the providing from the computer system to the user the prompt for confidential information step;
  
  said customization information not being presented to the user between the receiving the request step and the determination that the response received matches the user identifier received; and
  
  the correspondence of the customization information with the user identifier not ordinarily being publicly known.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein the customization information was identified by the user prior to the receiving the request step.
  - 3. The method of claim 2 wherein the customization information was identified by the user providing the customization information to the computer system.
  - 4. The method of claim 1 wherein the customization information for the user may be different from customization information for at least one other user who may log into the computer system.
  - 5. The method of claim 4, wherein the customization information for the user may be different from customization information for all other users who may log into the computer system.
  - 6. The method of claim 1 wherein the presenting to the user customization information step is additionally responsive to at least a portion of the persistent file received from the client system other than the user identifier.
  - 7. The method of claim 1 wherein the presenting to the user customization information step is additionally responsive to at least a portion of an identifier corresponding to the client system.
  - 8. The method of claim 1 wherein the user identifier in the persistent file is encrypted in the persistent file.
  - 9. The method of claim 1 wherein the persistent file comprises a local shared object capable of being used by a Flash movie.

10. A system for receiving information useful for logging a user into a computer system, comprising:
- at least one storage; and
  
  a processor operatively coupled to the at least one storage, the processor being operative to perform the steps of;
  
  causing a user identifier to be stored in a persistent file of a client system;
  
  receiving from the user a request to log into the computer system;
  
  responsive to the request received;
  
  receiving the persistent file including the user identifier from the client system;
  
  providing from the computer system to the user a prompt for the user identifier;
  
  receiving a response from the user responsive to the prompt for the user identifier, anddetermining if the response received from the user matches the user identifier received in the persistent file; and
  
  responsive to a determination that the response received matches the user identifier received;
  
  providing from the computer system to the user a prompt for confidential information; and
  
  presenting to the user customization information corresponding to the user identifier received that is perceptible to the user and can allow the user to authenticate the computer system if the customization information presented matches customization information expected by the user;
  
  said customization information being presented to the user before or during the providing from the computer system to the user the prompt for confidential information step;
  
  said customization information not being presented to the user between the receiving the request step and the determination that the response received matches the user identifier received; and
  
  the correspondence of the customization information with the user identifier not ordinarily being publicly known.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The system of claim 10 wherein the processor is further operative to perform the step of:
    - receiving from the user, prior to a time at which the customization information is presented to the user, an identification of the customization information to be presented to the user.
  - 12. The system of claim 11 wherein the customization information is identified by the user providing the customization information.
  - 13. The system of claim 10 wherein the customization information for the user may be different from customization information for at least one other user who may log into the computer system.
  - 14. The system of claim 13, wherein the customization information for the user may be different from customization information for all other users who may log into the computer system.
  - 15. The system of claim 10 wherein the processor is further operative to perform the step ofpresenting the customization information additionally responsive to at least one portion of a persistent file other than the user identifier.
  - 16. The system of claim 10 wherein the customization information is presented to the user additionally responsive to a portion of an identifier corresponding to the client system.
  - 17. The system of claim 10 wherein the user identifier is encrypted in the persistent file.
  - 18. The system of claim 10 wherein the persistent file comprises a local shared object capable of being used by a Flash movie.

19. A computer program product comprising a computer useable medium having computer readable program code embodied therein for receiving information useful for logging a user into a computer system, the computer program product comprising computer readable program code devices configured to cause a computer system to:
- cause a user identifier to be stored in a persistent file of a client system;
  
  receive from the user a request to log into the computer system;
  
  responsive to the request received;
  
  receive the persistent file including the user identifier from the client system;
  
  provide from the computer system to the user a prompt for the user identifier;
  
  receive a response from the user responsive to the prompt for the user identifier; and
  
  determine if the response received from the user matches the user identifier received in the persistent file; and
  
  responsive to a determination that the response received matches the user identifier received;
  
  provide from the computer system to the user a prompt for confidential information; and
  
  present to the user customization information corresponding to the user identifier received that is perceptible to the user and can allow the user to authenticate the computer system if the customization information presented matches customization information expected by the user;
  
  said customization information being presented to the user before or during the providing from the computer system to the user the prompt for confidential information step;
  
  said customization information not being presented to the user between the receiving the request step and the determination that the response received matches the user identifier received; and
  
  the correspondence of the customization information with the user identifier not ordinarily being publicly known.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
- - 20. The computer program product of claim 19 wherein the customization information was identified by the user prior to the receiving the request step.
  - 21. The computer program product of claim 20 wherein the customization information was identified by the user providing the customization information to the computer system.
  - 22. The computer program product of claim 19 wherein the customization information for the user may be different from customization information for at least one other user who may log into the computer system.
  - 23. The computer program product of claim 22, wherein the customization information for the user may be different from customization information for all other users who may log into the computer system.
  - 24. The computer program product of claim 19 wherein the computer readable program code devices configured to cause the computer system to present to the user customization information are additionally responsive to at least a portion of the persistent file received from the client system other than the user identifier.
  - 25. The computer program product of claim 19 wherein the computer readable program code devices configured to cause the computer system to present to the user customization information are additionally responsive to at least a portion of an identifier corresponding to the client system.
  - 26. The computer program product of claim 19 wherein the user identifier in the persistent file is encrypted in the persistent file.
  - 27. The computer program product of claim 19 wherein the persistent file comprises a local shared object capable of being used by a Flash movie.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Gasparini, Louis A, Harris, William H
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
RAHIM, MONJUR

Application Number

US11/050,549
Publication Number

US 20050177750A1
Time in Patent Office

1,944 Days
Field of Search

709/225, 709/229, 713/170, 713/180, 713/182, 713/202, 713/200, 713/185, 713/273, 715/273, 726/5, 726/23, 726/24, 726/4, 705/39
US Class Current

713/182
CPC Class Codes

G06F 21/31   User authentication

G06F 21/445   by mutual authentication, e...

G06F 21/6263   during internet communicati...

G06F 2221/2119   Authenticating web pages, e...

System and method for authentication of users and communications received from computer systems

First Claim

15 Assignments

0 Petitions

Accused Products

Abstract

Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for authentication of users and communications received from computer systems

First Claim

15 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links