Authentication system
First Claim
1. An authentication system for authenticating the identity of a requester of access to a secured resource, said authentication system comprising:
- a client gateway having a first set of instructions embodied in a computer readable medium, said first set of instructions operable to receive from a service client a request for access to a secured resource, said request for access having been submitted to said service client by a requester purporting to be an authorized user of said secured resource;
a server in secure communication with said client gateway, said server having a second set of instructions embodied in a computer readable medium operable to generate a challenge string, said challenge string being a random string having a plurality of symbols, wherein at least one of the symbols of said challenge string is a specially designated symbol;
a messaging gateway in secure communication with said server and connected to at least one other communication channel, said messaging gateway having a third set of instructions embodied in a computer readable medium operable to communicate said challenge string to said authorized user that said requester purports to be;
wherein said first set of instructions is further operable to receive from said service client a response string corresponding to said challenge string; and
wherein said second set of instructions is further operable to evaluate said response string to authenticate the identity of said requester;
wherein;
said secured resource comprises a common identifier by which said secured resource may be generally identified outside of said authentication system; and
said request for access comprises insufficient content for said service client to determine said common identifier.
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method whereby the identity of a person, entity, device or the like attempting to gain access to a secured resource may be securely authenticated includes a means for receiving from a service client a request for access to a secured resource; means for generating and communicating to the purported authorized user a challenge string adapted to provide a basis for authenticating the identity of the requester; a means for receiving from the service client a response string corresponding to the challenge string; and a means for evaluating the response string to authenticate the identity of the requester. The secured resource has a common identifier by which it may be generally identified outside of the authentication system, but the request for access lacks sufficient information content for the service client to be able to determine the common identifier.
-
Citations
17 Claims
-
1. An authentication system for authenticating the identity of a requester of access to a secured resource, said authentication system comprising:
-
a client gateway having a first set of instructions embodied in a computer readable medium, said first set of instructions operable to receive from a service client a request for access to a secured resource, said request for access having been submitted to said service client by a requester purporting to be an authorized user of said secured resource; a server in secure communication with said client gateway, said server having a second set of instructions embodied in a computer readable medium operable to generate a challenge string, said challenge string being a random string having a plurality of symbols, wherein at least one of the symbols of said challenge string is a specially designated symbol; a messaging gateway in secure communication with said server and connected to at least one other communication channel, said messaging gateway having a third set of instructions embodied in a computer readable medium operable to communicate said challenge string to said authorized user that said requester purports to be; wherein said first set of instructions is further operable to receive from said service client a response string corresponding to said challenge string; and wherein said second set of instructions is further operable to evaluate said response string to authenticate the identity of said requester;
wherein;said secured resource comprises a common identifier by which said secured resource may be generally identified outside of said authentication system; and said request for access comprises insufficient content for said service client to determine said common identifier. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
Specification