User-centric authentication system and method
Abstract
A system for authenticating a user in a network. The authentication system includes a computer resource having secure data, an authentication computing system providing dynamic authentication of a user accessing the computer resource, and a user communication device for communicating between the user and the computer resource. The computing system presents a challenge for which a specified response is required based upon a pre-determined function. Access is then granted by the computing system upon providing the correct response to the presented challenge by the user.
26 Claims
1. An authentication system for authenticating a user in a network, the authentication system comprising:
a secure computer resource;
a computer providing dynamic authentication of a user accessing the computer resource; and
a user communication device for communicating between the user and the computer resource;
wherein the computer includes a challenge engine for generating a non-static challenge containing randomly generated data to the user;
wherein the computer stores a pre-determined function known by the user, the pre-determined function being utilized by the user to perform a manipulation of the data within the challenge to formulate a correct response to the computer;
wherein the pre-determined function is established between the user and the computer resource prior to a first authentication session, the pre-determined function remaining constant over a plurality of attempted access sessions;
wherein the computer includes means for receiving the response from the user and determining if the response properly manipulates the challenge based on the pre-determined function;
whereby access is granted by the user to the secure computer resource upon receiving a correct response determined by the computer to properly manipulate the data within the challenge based on the pre-determined function.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 23, 24, 26
20. A method of authenticating a user in a network, the method comprising the steps of:
securing data in a computer resource;
dynamically authenticating a user accessing the computer resource by a computer, wherein the step of dynamically authenticating a user includes the steps of:
storing, in the computer, a pre-determined function known by the user, the pre-determined function being utilized by the user to perform a manipulation of data within the challenge to formulate a correct response to the computer;
wherein the pre-determined function is established between the user and the computer resource prior to a first authentication session, the pre-determined function remaining constant over a plurality of attempted access sessions;
generating and presenting a non-static challenge having randomly generated data, by a challenge engine within the computer, to the user;
receiving a response by the user; and
determining, by the computer, if the response is correct by determining if the response properly manipulates the data within the challenge based on the pre-determined function;
upon determining, by the computer, that a correct response is received by the user, granting access by the user to the computer resource.
Dependent claims: 21, 22, 25
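A minimal sketch of the server side of the flow in claims 1 and 20, added here as an illustration and not taken from the patent or any implementation of it. The digit-selection function, the 60-second expiry, the single-use rule and all names are assumptions; the claims do not specify any of them.

```python
import hmac
import secrets
import time

CHALLENGE_TTL = 60  # seconds a challenge stays valid (assumed value)

# Hypothetical enrolment record: the function agreed before the first session.
# Assumed form: take the digits at `positions` and add `offset` to each, mod 10.
USER_FUNCTIONS = {"alice": {"positions": (1, 4, 6), "offset": 3}}

_pending = {}  # username -> (challenge, issued_at); one outstanding challenge each


def apply_function(rule, challenge):
    """Apply the user's pre-determined function to the challenge data."""
    return "".join(
        str((int(challenge[p]) + rule["offset"]) % 10) for p in rule["positions"]
    )


def issue_challenge(username, length=8, now=None):
    """Challenge engine: fresh random digits on every attempt (non-static)."""
    # Issued for unknown names too, so the reply does not reveal who is enrolled.
    challenge = "".join(secrets.choice("0123456789") for _ in range(length))
    _pending[username] = (challenge, time.time() if now is None else now)
    return challenge


def verify_response(username, response, now=None):
    """Return True only if the response correctly manipulates the pending challenge."""
    entry = _pending.pop(username, None)  # single use: a replay finds nothing
    rule = USER_FUNCTIONS.get(username)
    if entry is None or rule is None:
        return False
    challenge, issued_at = entry
    if (time.time() if now is None else now) - issued_at > CHALLENGE_TTL:
        return False  # stale challenge
    expected = apply_function(rule, challenge)
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(expected.encode(), response.encode())
```

Because the function stays constant across sessions, the only per-session freshness comes from the random challenge, which is why the sketch discards each challenge after one verification attempt.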
Specification