System and method for user authentication

US 8,732,795 B2
Filed: 05/19/2011
Issued: 05/20/2014
Est. Priority Date: 05/21/2010
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented authentication method, comprising:

(a) receiving an authentication request at an authentication computing system, the request including a resource identifier;

(b) identifying one or more authentication pools associated with the resource identifier, each authentication pool including at least one authentication method selected from the group including a password, passphrase, personal identification number, challenge response, identification card, wristband, security token, software token, cell phone, biometric information, fingerprint, retinal pattern, signature, face, and voice;

(c) executing a pool authentication process for the one or more identified authentication pools, the pool authentication process including a two stage authentication process, including at least one first stage that includes performing an authentication method implementation included in the authentication pool and a second stage dependent on the first stage; and

(d) transmitting a response to the identification authentication request based on the execution of the pool authentication process for the one or more identified authentication pools.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented authentication method is described. The method includes the steps of (a) receiving an authentication request at an authentication computing system, the request including a resource identifier, (b) identifying one or more authentication pools associated with the resource identifier, each authentication pool including at least one authentication method implementation, (c) executing a pool authentication process for the one or more identified authentication pools, and (d) transmitting a response to the identification authentication request based on the execution of the pool authentication process for the one or more identified authentication pools.

Citations

20 Claims

1. A computer-implemented authentication method, comprising:
- (a) receiving an authentication request at an authentication computing system, the request including a resource identifier;
  
  (b) identifying one or more authentication pools associated with the resource identifier, each authentication pool including at least one authentication method selected from the group including a password, passphrase, personal identification number, challenge response, identification card, wristband, security token, software token, cell phone, biometric information, fingerprint, retinal pattern, signature, face, and voice;
  
  (c) executing a pool authentication process for the one or more identified authentication pools, the pool authentication process including a two stage authentication process, including at least one first stage that includes performing an authentication method implementation included in the authentication pool and a second stage dependent on the first stage; and
  
  (d) transmitting a response to the identification authentication request based on the execution of the pool authentication process for the one or more identified authentication pools.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein executing a pool authentication process includes identifying the one or more authentication method implementations that are to be performed.
  - 3. The method of claim 2, wherein executing a pool authentication process further includes generating an authentication method response, includingtransmitting information to one or more of the identified authentication method implementations;
    - generating a device authentication response based on the transmitted information.
  - 4. The method of claim 2, further including determining whether an authentication method implementation has been used in the current authentication process in any authentication pool.
  - 5. The method of claim 4, further including selecting an alternate method implementation from an authentication pool based on a determination that an authentication method implementation has been used in the current authentication process.
  - 6. The method of claim 1, wherein identifying one or more authentication pools associated with the resource identifier includes accessing an authentication database including a table of resource identifiers and a table of authentication pools, each resource identifier including an association with one or more authentication pools, each authentication pool including an association with one or more authentication method implementations.
  - 7. The method of claim 6, wherein the table includes at least one authentication method implementation associated with more than one authentication pool.
  - 8. The method of claim 1, wherein the authentication request includes a request to identify a patient seeking medical care using a biometric reader as at least one authentication method implementation in the authentication process.
  - 9. The method of claim 1, wherein the authentication request includes a request to identify a medicine to be administered to a patient using a barcode reader as at least one authentication method implementation in the authentication process.

10. A computer-implemented authentication system, comprising:
- an authentication data table, the table includingone or more resource identifiers, andat least one authentication pool associated with each resource identifier, the pool including at least one authentication method selected from the group including a password, passphrase, personal identification number, challenge response, identification card, wristband, security token, software token, cell phone, biometric information, fingerprint, retinal pattern, signature, face, and voice;
  
  an authentication engine configured toreceive an authentication request at an authentication computing system, the request including a resource identifier,identify one or more authentication pools associated with the resource identifier, andexecute a pool authentication process for the one or more identified authentication pools, the pool authentication process including a two stage authentication process, including at least one first stage that includes performing an authentication method implementation included in the authentication pool and a second stage dependent on the first stage; and
  
  an authentication reporting engine configured to provide a response to the identification authentication request based on the execution of the pool authentication process for the one or more identified authentication pools.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The system of claim 10, wherein executing a pool authentication process includes identifying the one or more authentication method implementations that are to be performed.
  - 12. The system of claim 11, wherein executing a pool authentication process further includes generating an authentication method response, includingtransmitting information to one or more of the identified authentication method implementations;
    - generating a device authentication response based on the transmitted information.
  - 13. The system of claim 11, wherein the authentication engine is configured to determine whether an authentication method implementation has been used in the current authentication process in any authentication pool.
  - 14. The system of claim 13, wherein the authentication engine is configured to select an alternate method implementation from an authentication pool based on a determination that an authentication method implementation has been used in the current authentication process.
  - 15. The system of claim 10, wherein the data table includes at least one authentication method implementation associated with more than one authentication pool.
  - 16. The system of claim 10, wherein the authentication request includes a request to identify a patient seeking medical care using a biometric reader as at least one authentication method implementation in the authentication process.
  - 17. The system of claim 10, wherein the authentication request includes a request to identify a medicine to be administered to a patient using a barcode reader as at least one authentication method implementation in the authentication process.

18. A computer-implemented authentication system for use in administering a controlled substance, comprising:
- an authentication data table, the table includingone or more resource identifiers associated with the controlled substance, andat least two authentication pools associated with the one or more resource identifiers, each pool including at least one authentication method selected from the group including a password, passphrase, personal identification number, challenge response, identification card, wristband, security token, software token, cell phone, biometric information, fingerprint, retinal pattern, signature, face, and voice;
  
  an authentication engine configured toreceive an authentication request at an authentication computing system, the request including a resource identifier,identify at least first and second authentication pools associated with the resource identifier,execute a pool authentication process for the first identified authentication pool, including executing a first authentication method implementation, andexecute a pool authentication process for the second identified authentication pool, including executing a second authentication method implementation that is different than the first authentication method; and
  
  an authentication reporting engine configured to provide a response to the identification authentication request based on a determination indicating successful execution of the first and second pool authentication processes for the at least first and second identified authentication pools.
- View Dependent Claims (19, 20)
- - 19. The system of claim 18, wherein the authentication engine is configured to determine whether an authentication method implementation has been used in the current authentication process in any authentication pool.
  - 20. The system of claim 18, wherein first and second authentication pools including authentication methods directed to at least authentication an identity of a healthcare provider authorized to administer the controlled substance.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Epic Systems Corporation
Original Assignee
Epic Systems Corporation
Inventors
Skeel, Trent N., Cooper, Eric W., Keshav, Travis
Primary Examiner(s)
Truong, Thanhnga B

Application Number

US13/111,290
Publication Number

US 20110289572A1
Time in Patent Office

1,097 Days
Field of Search

726 2- 7, 726 17- 21, 726/27, 382/124, 340/5.83, 370/310, 370/328, 370/331, 380/229, 380/232
US Class Current

726/2
CPC Class Codes

H04L 2209/88   Medical equipments

H04L 2463/082   applying multi-factor authe...

H04L 63/08   for authentication of entit...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/083   using passwords cryptograph...

H04L 67/146   Markers for unambiguous ide...

H04L 9/00   Cryptographic mechanisms or...

H04L 9/006   involving public key infras...

H04L 9/32   including means for verifyi...

H04L 9/3271   using challenge-response

System and method for user authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for user authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links