Secure data storage and retrieval incorporating human participation
Abstract
A computer related security mechanism requires that a human participate in an access verification sequence. Upon a request to access secure data, a puzzle is provided to the requester. Proper solution of the puzzle requires human participation. The puzzle is chosen such that its solution is within the capabilities of a human, but beyond the current state of the art for computer systems. The puzzle can be visually and/or audibly rendered to the user. In one configuration, the puzzle is obtained via a library of pluggable puzzle generators. Puzzle generators in the library can be replaced as the state of the art of computing technology improves.
15 Claims
1. A computer related security method incorporating human participation, the method comprising:
- receiving a request for data stored in a storage medium;
- in response thereto, transmitting from a client agent to a server, a puzzle request and a retrieval tag, wherein the retrieval tag identifies a location of a blob comprising a user secret;
- receiving from the server, a puzzle that requires human participation, and a correct solution to the puzzle;
- transmitting the puzzle from the client agent to a user;
- receiving from the user, a proposed solution to the puzzle;
- transmitting to the user, a query seeking identification of a stored secret;
- receiving from the user, a response to the query seeking identification of the stored secret;
- transmitting to the server, the proposed solution to the puzzle and the response to the query;
- using in the server, the retrieval tag received from the client agent to retrieve the blob for verification of the stored secret; and
- if the proposed solution to the puzzle and the response to the query is correct, allowing access to the data stored in the storage medium.
Dependent claims: 2, 3, 4, 5, 6
7. A system for implementing computer related security incorporating human participation, the system comprising:
- a memory portion configured to store data;
- an input/output portion configured to receive a request for accessing the data stored in the memory portion;
- a first processing portion of a client agent, the first processing portion configured to:
  - transmit from the client agent to a server, a puzzle request and a retrieval tag, wherein the retrieval tag identifies a location of a blob comprising a user secret;
  - receive from the server, a puzzle that requires human participation, and a correct solution to the puzzle;
  - transmit the puzzle from the client agent to a user;
  - receive from the user, a proposed solution to the puzzle;
  - transmit to the user, a query seeking identification of a stored secret;
  - receive from the user, a response to the query seeking identification of the stored secret; and
  - transmit to the server, the proposed solution to the puzzle and the response to the query; and
- a second processing portion of the server, the second processing portion configured to:
  - use the retrieval tag received from the client agent, to retrieve the blob for verification of the stored secret;
  - determine if the proposed solution to the puzzle and the received response to the query is correct; and
  - if correct, allow access to the data stored in the memory portion.
Dependent claims: 8, 9, 10, 11, 12
13. A computer-readable storage medium having stored thereon computer-executable instructions for performing computer related security incorporating human participation, by performing the steps of:
- receiving from a client agent, a puzzle request and a retrieval tag that identifies a location of a blob comprising a user secret;
- responsive to the request, obtaining a puzzle from a library of pluggable puzzle generators;
- transmitting to the client agent, the puzzle, wherein human participation is intended to obtain a solution to the puzzle;
- receiving a user-provided proposed solution to the puzzle;
- receiving a user-provided response to a query seeking identification of the user secret;
- using the retrieval tag received from the client agent, to retrieve the blob for verification of the user secret; and
- if the proposed solution to the puzzle and the response to the query is correct, allowing user access to a stored data.
Dependent claims: 14, 15
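The server-side steps of claim 13, sketched as an added example that is not taken from the patent. The generator registry, the `distorted-text-v1` stand-in puzzle, the salted PBKDF2 blob layout, the one-time puzzle id and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Library of pluggable puzzle generators: name -> callable returning (challenge, solution).
PUZZLE_LIBRARY = {}

def register(name):
    def wrap(fn):
        PUZZLE_LIBRARY[name] = fn
        return fn
    return wrap

@register("distorted-text-v1")  # hypothetical generator name
def distorted_text():
    # Stand-in: a real generator would render the word as a distorted image or audio clip.
    word = "".join(secrets.choice("abcdefghjkmnpqrstuvwxyz") for _ in range(6))
    return {"kind": "text-image", "payload": word}, word

def make_blob(secret, salt=None):
    # Assumed blob layout: 16-byte salt followed by a PBKDF2-SHA256 hash of the user secret.
    salt = salt or secrets.token_bytes(16)
    return salt + hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)

class Server:
    def __init__(self, generator="distorted-text-v1"):
        self.generator = generator  # swap the name to replace an outdated generator
        self.blobs = {}             # retrieval tag -> blob
        self.pending = {}           # puzzle id -> (retrieval tag, expected solution)

    def puzzle_request(self, retrieval_tag):
        challenge, solution = PUZZLE_LIBRARY[self.generator]()
        puzzle_id = secrets.token_hex(8)
        self.pending[puzzle_id] = (retrieval_tag, solution)
        return puzzle_id, challenge

    def verify(self, puzzle_id, proposed_solution, secret_response):
        entry = self.pending.pop(puzzle_id, None)  # each puzzle is valid for one attempt
        if entry is None:
            return False
        tag, expected = entry
        blob = self.blobs.get(tag)                 # the retrieval tag locates the blob
        if blob is None:
            return False
        salt, stored = blob[:16], blob[16:]
        candidate = hashlib.pbkdf2_hmac("sha256", secret_response.encode(), salt, 100_000)
        # Evaluate both checks in constant time before combining them.
        puzzle_ok = hmac.compare_digest(proposed_solution.encode(), expected.encode())
        secret_ok = hmac.compare_digest(candidate, stored)
        return puzzle_ok and secret_ok
```

Access is granted only when both the puzzle solution and the secret response verify, and a puzzle id cannot be replayed after its first attempt.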
Specification