Multichannel device utilizing a centralized out-of-band authentication system (COBAS)

DC CAFC

US 7,870,599 B2
Filed: 10/21/2004
Issued: 01/11/2011
Est. Priority Date: 09/05/2000
Status: Expired due to Fees

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A multichannel security system for accessing a host computer comprising:

an access channel comprising;

interception means for receiving and verifying a login identification originating from a demand from an accessor for access to said host computer; and

an authentication channel comprising;

a security computer for receiving from said interception means said demand for access together with said login identification and for communicating access information to said host computer and for communicating with a peripheral device of said accessor;

a database having at least one peripheral address record corresponding to said login identification;

prompt means for instructing said accessor to re-enter predetermined data at and retransmit predetermined data from said peripheral device; and

comparator means for authenticating access demands in response to the retransmission of said predetermined data by verifying a match between said predetermined data and said re-entered and retransmitted data,wherein said security computer outputs an instruction to the host computer to either grant access thereto using said access channel or to deny access thereto.

View all claims

5 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Reexamination

Accused Products

Abstract

A multichannel security system is disclosed, which system is for granting and denying access to a host computer in response to a demand from an access-seeking individual and computer. The access-seeker has a peripheral device operative within an authentication channel to communicate with the security system. The access-seeker initially presents identification and password data over an access channel which is intercepted and transmitted to the security computer. The security computer then communicates with the access-seeker. A biometric analyzer—a voice or fingerprint recognition device—operates upon instructions from the authentication program to analyze the monitored parameter of the individual. In the security computer, a comparator matches the biometric sample with stored data, and, upon obtaining a match, provides authentication. The security computer instructs the host computer to grant access and communicates the same to the access-seeker, whereupon access is initiated over the access channel.

141 Citations

34 Claims

1. A multichannel security system for accessing a host computer comprising:
- an access channel comprising;
  
  interception means for receiving and verifying a login identification originating from a demand from an accessor for access to said host computer; and
  
  an authentication channel comprising;
  
  a security computer for receiving from said interception means said demand for access together with said login identification and for communicating access information to said host computer and for communicating with a peripheral device of said accessor;
  
  a database having at least one peripheral address record corresponding to said login identification;
  
  prompt means for instructing said accessor to re-enter predetermined data at and retransmit predetermined data from said peripheral device; and
  
  comparator means for authenticating access demands in response to the retransmission of said predetermined data by verifying a match between said predetermined data and said re-entered and retransmitted data,wherein said security computer outputs an instruction to the host computer to either grant access thereto using said access channel or to deny access thereto.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. A multichannel security system as described in claim 1 wherein:
    - said peripheral device is a telephone with a tone generating keypad for entering data; and
      
      ,said prompt means is an auditory message describing data to be entered.
  - 3. A multichannel security system as described in claim 2 wherein said security computer further comprises:
    - an announcement database; and
      
      a voice module for selecting a prerecorded auditory message from said announcement database and, for prompting the entry of data by said accessor, playing said prerecorded auditory message over said telephone.
  - 4. A multichannel security system as described in claim 3 wherein upon outputting an instruction to the host computer to grant access, said security computer communicates in said authentication channel the access information to said accessor by selecting and transmitting an access-granted message from said announcement database and sequentially disconnecting from the connection with said telephone prior to use of said access channel.
  - 5. A multichannel security system as described in claim 2 wherein said authentication channel further comprises:
    - a voice module, capable of synthesizing an auditory message, and, for prompting the entry of data by said accessor, playing a synthesized auditory message over said telephone.
  - 6. A multichannel security system as described in claim 5 further comprising:
    - an announcement database, wherein upon outputting an instruction to the host computer to grant access, said security computer communicates in said authentication channel the access information to said accessor by selecting and transmitting an access-granted message from said announcement database and sequentially disconnecting from the connection with said telephone prior to use of said access channel.
  - 7. A multichannel security system as described in claim 1 wherein said security computer further comprises:
    - authentication program means for authenticating access to said host computer;
      
      a biometric analyzer operating in response to instructions from said authentication program means for analyzing a monitored parameter of said accessor; and
      
      ,a biometric parameter database addressable by said biometric analyzer for retrieval of a previously registered sample of said accessor, said sample corresponding to the identification of said accessor.
  - 8. A multichannel security system as described in claim 7 wherein said biometric analyzer is a voice recognition program for operation within said authentication channel.
  - 9. A multichannel security system as described in claim 8 wherein said voice recognition program comprises:
    - a speech database for retrieval of a speech sample of said accessor corresponding to said login identification;
      
      said security computer adapted to provide instructions to connect and disconnect said security computer to and from said peripheral device;
      
      voice sampling means for instructing said accessor to repeat back and transmit a predetermined auditory statement over said peripheral device;
      
      voice recognition means for authenticating at least one access demands in response to transmission of said predetermined auditory statement; and
      
      ,said security computer, upon authenticating a match between the predetermined auditory statement and the transmitted voice data and upon disconnecting from said authentication channel, providing authentication of the accessor and instructing the host computer to grant access along said access channel.
  - 10. A multichannel security system as described in claim 7 wherein said biometric analyzer comprises a fingerprint verification program.

11. A multichannel security system for granting and denying access to a host computer, said access in response to a demand from an accessor for access to the host computer, said accessor having a cellular telephone for providing communications to the security system, said multichannel security system comprising:
- a login identification accompanying said demand from said accessor;
  
  interception means for receiving and verifying said login identification, said interception means in an access channel;
  
  an authentication channel operating independently from said access channel, said authentication channel comprising;
  
  a security computer adapted in an access-channel mode to receive from said interception means said demand for access together with said login identification and to communicate access information to said host computer and in an authentication-channel mode communications with said cellular telephone;
  
  a subscriber database for retrieval of peripheral addresses corresponding to said login identification;
  
  wherein said security computer is adapted to connect to said associated cellular telephone of said accessor;
  
  prompt means for instructing said accessor to re-enter predetermined data at and retransmit predetermined data from said cellular telephone;
  
  comparator means for authenticating access demands in response to retransmission of predetermined data from said cellular telephone;
  
  said security computer, upon verifying a match between said predetermined data and said re-entered and retransmitted data, providing in the access-channel mode instructions to the host computer to grant access thereto along said access channel;
  
  authentication program means, operating independently from said host computer, for authenticating said accessor demanding access to said host computer;
  
  a biometric analyzer operating in response to said instructions from said authentication program means to analyze a monitored parameter of said accessor; and
  
  ,a biometric parameter database addressable by said biometric analyzer for retrieval of a previously registered sample of said accessor, said sample corresponding to the identification of said accessor.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. A multichannel security system as described in claim 11 wherein said security computer further comprises:
    - an announcement database; and
      
      a voice module capable of selecting a prerecorded auditory message from said announcement database and for prompting the entry of data by said accessor, playing said prerecorded auditory message over said telephone.
  - 13. A multichannel security system as described in claim 12 wherein, upon attaining an access-granted condition, said security computer communicates in said authentication channel the access information to said accessor by selecting and transmitting an access-granted message from said announcement database and sequentially disconnecting from the connection with said telephone prior to use of said access channel.
  - 14. A multichannel security system as described in claim 11 wherein said authentication channel further comprises:
    - a voice module capable of synthesizing an auditory message, and, for prompting the entry of data by said accessor, playing a synthesized auditory message over said telephone.
  - 15. A multichannel security system as described in claim 11 wherein said biometric analyzer comprises a voice recognition program for operation within said authentication channel to authenticate said accessor.
  - 16. A multichannel security system as described in claim 15 wherein said voice recognition program comprises:
    - a speech database for retrieval of a speech sample of said accessor corresponding to the login identification of said accessor;
      
      said security computer adapted to provide instructions to connect and disconnect said security computer to and from said cellular telephone;
      
      voice sampling means for instructing said accessor to repeat back and transmit a predetermined auditory statement over said cellular telephone to said security computer;
      
      voice recognition means in said security computer for authenticating access demands in response to transmission of said predetermined auditory statement received over said cellular telephone; and
      
      ,wherein said security computer, upon authenticating a match between the predetermined auditory statement and the transmitted voice data and upon disconnecting from said authentication channel, providing authentication of said accessor and instructing the host computer to grant access along said access channel.
  - 17. A multichannel security system as described in claim 11 wherein said biometric analyzer comprises a fingerprint verification program for operation within said authentication channel to authenticate said accessor.

18. A multichannel security system for granting and denying access to a host computer, said access in response to a demand over the Internet from an accessor for access to the host computer, said accessor having a personal digital assistant (PDA) for providing communications to the security system, said multichannel security system comprising:
- a login identification accompanying said demand over the internet from said accessor;
  
  interception means for receiving and verifying said login identification, said interception means in an access channel;
  
  an authentication channel operating independently from said access channel and, said authentication channel, in turn, comprising;
  
  a security computer adapted in an access-channel mode to receive from said interception means said demand together with said login identification and to communicate access information to said host computer and in an authentication-channel mode communications with said PDA;
  
  a subscriber database for retrieval of peripheral addresses corresponding to said login identification;
  
  said security computer adapted to connect to said PDA;
  
  prompt means for instructing said accessor to re-enter predetermined data at and retransmit predetermined data from said PDA;
  
  comparator means for authenticating access demands in response to retransmission of predetermined data from said PDA;
  
  said security computer, upon verifying a match between said predetermined data and the re-entered and retransmitted data, providing in the access-channel mode instructions to the host computer to grant access thereto along said access channel;
  
  authentication program means, operating independently from said host computer, for authenticating an accessor demanding access to said host computer;
  
  a biometric analyzer operating in response to instructions from said authentication program means to analyze a monitored parameter of said accessor; and
  
  ,a biometric parameter database addressable by said biometric analyzer for retrieval of a previously registered sample of said accessor, said sample corresponding to the identification of said accessor.
- View Dependent Claims (19, 20)
- - 19. A multichannel security system as described in claim 18 wherein said biometric analyzer comprises a fingerprint verification program for operation within said authentication channel to authenticate the accessor.
  - 20. A multichannel security system as described in claim 19 wherein, upon attaining an access-granted condition, said security computer communicates in said authentication channel the access information to said accessor by selecting and transmitting an access-granted message from said announcement database and sequentially disconnecting from the connection with said telephone prior to use of said access channel.

21. A method for accessing a host computer comprising the steps of:
- in an access channel, receiving at a control module a login identification from an accessor;
  
  in an authentication channel that is separate from the access channel;
  
  providing a security computer comprising a subscriber database, the database having at least one peripheral address of a peripheral device;
  
  receiving in the security computer an intercepted login identification corresponding to the login identification;
  
  retrieving a peripheral address corresponding to the intercepted login identification;
  
  outputting to the peripheral address a first instruction to re-enter predetermined data at and retransmit the predetermined data from the peripheral device;
  
  comparing at the security computer the re-entered and retransmitted data; and
  
  outputting a second instruction to the host computer to either grant access thereto using the access channel or to deny access thereto.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 22. The method according to claim 21, wherein the peripheral device is one of a telephone, a cellular telephone, and a PDA each having an input device for entering data.
  - 23. The method according to claim 21, wherein the outputted first instruction comprises an auditory message describing data to be entered.
  - 24. The method according to claim 21, wherein the security computer further comprises an announcement database.
  - 25. The method according to claim 24, further comprising the steps of:
    - selecting a prerecorded auditory message from the announcement database; and
      
      outputting the prerecorded auditory message at the peripheral device.
  - 26. The method according to claim 25, further comprising the steps of:
    - at said security computer and after outputting the second instruction, communicating in the authentication channel the access information to the accessor by selecting and transmitting an access-granted message from the announcement database; and
      
      disconnecting from the connection with the peripheral device prior to use of the access channel.
  - 27. The method according to claim 21, wherein the authentication channel further comprises a voice module for requesting the entry of data at the peripheral device by outputting a synthesized auditory message at the peripheral device.
  - 28. The method according to claim 21, further comprising the steps of:
    - providing in the authentication channel a biometric analyzer for analyzing a monitored parameter of the accessor;
      
      providing a biometric parameter database addressable by the biometric analyzer for retrieval of a previously registered sample of the accessor, the sample corresponding to the identification of the accessor; and
      
      ,authenticating access to the host computer using the biometric analyzer.
  - 29. The method according to claim 28, wherein the biometric analyzer comprises a voice recognition device.
  - 30. The method according to claim 29, wherein the voice recognition program comprises:
    - a speech database for retrieval of a speech sample of the accessor corresponding to the intercepted login identification;
      
      voice sampling means for instructing the accessor to repeat back and transmit a predetermined auditory statement over the peripheral device; and
      
      voice recognition means for authenticating at least one access demand in response to transmission of the predetermined auditory statement.
  - 31. The method according to claim 28, wherein the biometric analyzer comprises a fingerprint verification device.

32. An out-of-band computer security system comprising:
- a security computer in an authentication channel for communicating with a telephonic device and for receiving an intercepted demand for access to a host computer together with a login identification from an accessor in an access channel that is separate from the authentication channel;
  
  a subscriber database addressable by the security computer having at least one telephone number corresponding to the intercepted login identification;
  
  a device operable in response to a first instruction from the security computer to call the at least one telephone number and connect the telephonic device to the security computer;
  
  prompt means for outputting a second instruction at the telephonic device to re-enter predetermined data at and retransmit predetermined data from the telephonic device; and
  
  comparator means in said security computer for authenticating the access demand in response to the retransmission of the predetermined data from the telephonic device;
  
  wherein the security computer, upon verifying a match between the predetermined data and the re-entered and retransmitted data, authenticates the accessor and instructs the host computer to grant access thereto in the access channel.
- View Dependent Claims (33, 34)
- - 33. An out-of-band security system as described in claim 32, further comprising:
    - a biometric analyzer for analyzing a monitored parameter of the accessor;
      
      a biometric parameter database addressable by the biometric analyzer for retrieval of a previously registered sample of the accessor, the sample corresponding to the identification of the accessor;
      
      sampling means for instructing the accessor to provide and transmit a predetermined entry of the monitored parameter using the telephonic device; and
      
      second comparator means for providing authentication to the security computer in response to a matching analysis between the characteristics of the sample and of the transmission of the predetermined entry of the accessor,wherein the security computer, upon verifying a match between the predetermined entry and the sample, authenticates the accessor and instructs the host computer to grant access thereto in the access channel.
  - 34. An out-of-band security system as described in claim 32, further comprising:
    - an auditory message prompting the accessor to enter predetermined data at and retransmit predetermined data from the telephonic device; and
      
      second comparator means for authenticating the access demand in response to retransmission of predetermined data from the telephonic device,wherein the security computer, upon verifying a match between the predetermined data and the entered and retransmitted data, authenticates the accessor and instructs the host computer to grant access thereto in the access channel.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Strickforce Technologies Incorporated
Original Assignee
Netlabs.com, Inc.
Inventors
Pemmaraju, Ram
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
Powers; William S

Application Number

US10/970,559
Publication Number

US 20060041755A1
Time in Patent Office

2,273 Days
Field of Search

726/2, 726/5, 713/186, 713168-170, 340 85- 584
US Class Current

726/2
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/42   using separate channels for...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/0861   using biometrical features,...

H04L 63/102   Entity profiles

H04L 63/18   using different networks or...

H04L 9/3215   using a plurality of channe...

H04L 9/3231   Biological data, e.g. finge...

Multichannel device utilizing a centralized out-of-band authentication system (COBAS)

First Claim

5 Assignments

Litigations

0 Petitions

Reexamination

Accused Products

Abstract

141 Citations

34 Claims

Specification

Solutions

Use Cases

Quick Links

Multichannel device utilizing a centralized out-of-band authentication system (COBAS)

First Claim

5 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Reexamination

Accused Products

Subscription Required

Abstract

141 Citations

34 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links