Authentication method
First Claim
1. A method for authenticating the identity of a requester of access to a secured resource, said method for authenticating comprising the steps of:
- receiving with at least one server a request for access by an unauthorized user to a secured resource from a requester purporting to be an authorized user of said secured resource;
generating a challenge string with said at least one server, said challenge string being a random string having a plurality of symbols, wherein at least one of the symbols of the challenge string is a null character, each null character being a specially designated symbol indicating the absence from said random string of a single symbol;
communicating said challenge string to said authorized user that said requester purports to be;
receiving from said unauthorized user a response string corresponding to said challenge string;
evaluating said response string to authenticate the identity of said requester; and
wherein said at least one server comprises at least one processor coupled to at least one processor-readable medium, said at least one processor-readable medium containing a request handler component and an authenticator component.
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method whereby the identity of a person, entity, device or the like attempting to gain access to a secured resource may be securely authenticated includes a means for receiving from a requester purporting to be an authorized user of a secured resource a request for access by an unauthorized user (such as, for example, a retail store, a service station, an on-line service provider or merchandiser, a healthcare provider, a medical insurer, an information consumer or the like) to the secured resource; a means for generating and communicating to the purported authorized user a challenge string adapted to provide a basis for authenticating the identity of the requester; a means for receiving a response string corresponding to the challenge string; and a means for evaluating the response string to authenticate the identity of the requester.
-
Citations
20 Claims
-
1. A method for authenticating the identity of a requester of access to a secured resource, said method for authenticating comprising the steps of:
-
receiving with at least one server a request for access by an unauthorized user to a secured resource from a requester purporting to be an authorized user of said secured resource; generating a challenge string with said at least one server, said challenge string being a random string having a plurality of symbols, wherein at least one of the symbols of the challenge string is a null character, each null character being a specially designated symbol indicating the absence from said random string of a single symbol; communicating said challenge string to said authorized user that said requester purports to be; receiving from said unauthorized user a response string corresponding to said challenge string; evaluating said response string to authenticate the identity of said requester; and wherein said at least one server comprises at least one processor coupled to at least one processor-readable medium, said at least one processor-readable medium containing a request handler component and an authenticator component. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification