System for providing trusted user access of computer systems

US 8,793,778 B2
Filed: 08/31/2012
Issued: 07/29/2014
Est. Priority Date: 08/31/2012
Status: Expired due to Fees

First Claim

Patent Images

1. A system configured to provide trusted user access of computer systems comprising:

a challenge-response database;

a trusted user database; and

,a server computer configured toaccept an IP address of a computer associated with a user or identification of said user;

generate a session identifier and provide said session identifier to said computer associated with said user based on said IP address of said computer associated with said user or identification of said user;

check if said user is logged in based on said trusted user database;

bypass a challenge-response test if said user is logged in and if a number of bypassed challenge-response tests is less than a predefined number of bypasses allowed for said user and optionally if a number of current sessions is less than a predefined session number per time period, to enable said user to bypass said challenge-response test, and otherwise provide a challenge from said challenge-response database to said user and accept a response from said user;

validate a session with said user;

generate a session validation response; and

,send said session validation response to a website computer or other computer system that said user is attempting to access, wherein said session validation response comprises a validity score and enable or disable access to said website computer or other computer based on said validity score;

wherein said server computer is further configured tocharge a fee for said user to create said account in said trusted user database or ensure that said user requires a predefined amount of time to create said account in said trusted user database oraccept an input from an item that said user comprises a finite number of to create said account or wherein said item utilized to create an account costs over a predefined amount or wherein said item is verifiable to create said account oraccept a cell phone number from said user to create said account in said trusted databaseoraccept a code input from said user that was obtained from information sent to a physical address to create said account orallow an invited user referred from a trusted user to create said account if the trusted user has a network-of-trust score that is higher than a predefined value orallow a social network user from a social network site to create said account based on the friend identifiers of the social network user in the trusted database;

wherein said server computer is further configured toaccept a request from said website computer or said other computer system that said user is attempting to access that indicates that said session is associated with undesirable data; and

,decrease said predefined number of bypasses associated with said user and optionally any associated accounts if said user has an account in said trusted user database;

orlock an account in said trusted user database associated with said user if said validity score is above a score thresholdorboth decrease said predefined number of bypasses and lock said account.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Enables trusted user access of computer systems for example that verifies trusted users and may allow trusted users to bypass challenge-response tests, while limiting access by automated processes and unwanted human challenge-response test solvers. Embodiments may implement an account that may be utilized across websites to enable a valid or trusted user to bypass challenge-response tests. Embodiments of the invention cost time, or cost a nominal fee, or require use of something that may be validated as owned by a user such as a physical address or cell phone, or trusted referral or social graph or any combination thereof, but cost large amounts time or money for spammers using cheap third world labor, thus making it expensive to invoke attacks on sites protected by embodiments of the invention.

12 Citations

View as Search Results

16 Claims

1. A system configured to provide trusted user access of computer systems comprising:
- a challenge-response database;
  
  a trusted user database; and
  
  ,a server computer configured toaccept an IP address of a computer associated with a user or identification of said user;
  
  generate a session identifier and provide said session identifier to said computer associated with said user based on said IP address of said computer associated with said user or identification of said user;
  
  check if said user is logged in based on said trusted user database;
  
  bypass a challenge-response test if said user is logged in and if a number of bypassed challenge-response tests is less than a predefined number of bypasses allowed for said user and optionally if a number of current sessions is less than a predefined session number per time period, to enable said user to bypass said challenge-response test, and otherwise provide a challenge from said challenge-response database to said user and accept a response from said user;
  
  validate a session with said user;
  
  generate a session validation response; and
  
  ,send said session validation response to a website computer or other computer system that said user is attempting to access, wherein said session validation response comprises a validity score and enable or disable access to said website computer or other computer based on said validity score;
  
  wherein said server computer is further configured tocharge a fee for said user to create said account in said trusted user database or ensure that said user requires a predefined amount of time to create said account in said trusted user database oraccept an input from an item that said user comprises a finite number of to create said account or wherein said item utilized to create an account costs over a predefined amount or wherein said item is verifiable to create said account oraccept a cell phone number from said user to create said account in said trusted databaseoraccept a code input from said user that was obtained from information sent to a physical address to create said account orallow an invited user referred from a trusted user to create said account if the trusted user has a network-of-trust score that is higher than a predefined value orallow a social network user from a social network site to create said account based on the friend identifiers of the social network user in the trusted database;
  
  wherein said server computer is further configured toaccept a request from said website computer or said other computer system that said user is attempting to access that indicates that said session is associated with undesirable data; and
  
  ,decrease said predefined number of bypasses associated with said user and optionally any associated accounts if said user has an account in said trusted user database;
  
  orlock an account in said trusted user database associated with said user if said validity score is above a score thresholdorboth decrease said predefined number of bypasses and lock said account.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system configured to provide trusted user access of computer systems of claim 1 wherein said predefined number of bypasses is a number of bypasses per time period.
  - 3. The system configured to provide trusted user access of computer systems of claim 1 wherein said server computer is further configured to ensure that said user has logged in before said bypass said challenge-response or said provide said challenge occurs.
  - 4. The system configured to provide trusted user access of computer systems of claim 1 wherein said enable said user to bypass said challenge-response test occurs if a last session authentication has occurred within a session authentication timeout period.
  - 5. The system configured to provide trusted user access of computer systems of claim 1 wherein said server computer is further configured todeliver a proof of work challenge to said computer associated with said user;
    - validate said proof of work challenge; and
      
      ,perform said provide said challenge if said proof of work challenge does not validate.
  - 6. The system configured to provide trusted user access of computer systems of claim 5 wherein said proof of work challenge is a computational problem configured to solve a math, science, medical or other computational problem.
  - 7. The system configured to provide trusted user access of computer systems of claim 1 wherein said user initiates a session authentication for said server computer to validate or wherein said computer associated with said user automatically initiates a session authentication for said server computer to validate.
  - 8. The system configured to provide trusted user access of computer systems of claim 1 wherein said server computer is further configured toaccept a validation request for said validate said session from said website computer wherein said validation request comprisesidentification of said user orsaid IP address of said computer associated with said user and optionally an http referrer value and an account identifier for a website after said user submits a form to said website;
    - and,optionally configuration settings associated with said session.
  - 9. The system configured to provide trusted user access of computer systems of claim 1wherein said validity score is compared against a first threshold that determines whether data provided by said user should be deleted or ignored by said website computer or said other computer system that said user is attempting to access;
    - wherein said validity score is compared against a second threshold that determines whether data provided by said user should be accepted by said website computer or said other computer system that said user is attempting to access;
      
      wherein said validity score is compared against a range of values comprising a first threshold and a second threshold that determines whether data provided by said user should be moderated by said website computer or said other computer system that said user is attempting to access.
  - 10. The system configured to provide trusted user access of computer systems of claim 1 wherein said challenge is a CAPTCHA.
  - 11. The system configured to provide trusted user access of computer systems of claim 1 wherein said server computer is further configured toprevent or mitigate spam orprevent or mitigate distribution of viruses or undesirable data orprevent or mitigate ticket scalping orprevent or mitigate denial of service and distributed denial of service attacks orprevent or mitigate fraudulent voting orprevent or mitigate falsifying surveys orprovide a secure single sign-on.

12. A system configured to provide trusted user access of computer systems comprising:
- a challenge-response database;
  
  a trusted user database;
  
  a server computer configured toaccept an IP address of a computer associated with a user or identification of said user;
  
  generate a session identifier and provide said session identifier to said computer associated with said user based on said IP address of said computer associated with said user or identification of said user;
  
  check if said user is logged in based on said trusted user database;
  
  bypass a challenge-response test if said user is logged in and if a number of bypassed challenge-response tests is less than a predefined number of bypasses allowed for said user and if a last session authentication has occurred within a session authentication timeout period and optionally if a number of current sessions is less than a predefined session number per time period, to enable said user to bypass said challenge-response test, and otherwise provide a challenge from said challenge-response database to said user and accept a response from said user;
  
  validate a session with said user;
  
  generate a session validation response;
  
  send said session validation response to a website computer or other computer system that said user is attempting to access, wherein said session validation response comprises a validity score andwherein said validity score is compared against a first threshold that determines whether data provided by said user should be deleted or ignored by said website computer or said other computer system that said user is attempting to access;
  
  wherein said validity score is compared against a second threshold that determines whether data provided by said user should be accepted by said website computer or said other computer system that said user is attempting to access;
  
  wherein said validity score is compared against a range of values comprising said first threshold and said second threshold that determines whether data provided by said user should be moderated by said website computer or said other computer system that said user is attempting to access;
  
  wherein said server computer is further configured tocharge a fee for said user to create said account in said trusted user database or ensure that said user requires a predefined amount of time to create said account in said trusted user database oraccept an input from an item that said user comprises a finite number of to create said account or wherein said item utilized to create an account costs over a predefined amount or wherein said item is verifiable to create said account oraccept a cell phone number from said user to create said account in said trusted databaseoraccept a code input from said user that was obtained from information sent to a physical address to create said account orallow an invited user referred from a trusted user to create said account if the trusted user has a network-of-trust score that is higher than a predefined value orallow a social network user from a social network site to create said account based on the friend identifiers of the social network user in the trusted database;
  
  wherein said server computer is further configured toaccept a request from said website computer or said other computer system that said user is attempting to access that indicates that said session is associated with undesirable data; and
  
  ,decrease said predefined number of bypasses associated with said user and optionally any associated accounts if said user has an account in said trusted user database;
  
  orlock an account in said trusted user database associated with said user if said validity score is above a score thresholdorboth decrease said predefined number of bypasses and lock said account.
- View Dependent Claims (13, 14, 15)
- - 13. The system configured to provide trusted user access of computer systems of claim 12 wherein said server computer is further configured to ensure that said user has logged in before said bypass said challenge-response or said provide said challenge occurs.
  - 14. The system configured to provide trusted user access of computer systems of claim 12 wherein said server computer is further configured todeliver a proof of work challenge to said computer associated with said user wherein said proof of work challenge is a computational problem configured to solve a math, science, medical or other computational problem;
    - validate said proof of work challenge; and
      
      ,perform said provide said challenge if said proof of work challenge does not validate.
  - 15. The system configured to provide trusted user access of computer systems of claim 12 wherein said challenge is a CAPTCHA.

16. A system configured to provide trusted user access of computer systems comprising:
- a challenge-response database;
  
  a trusted user database;
  
  a server computer configured toaccept an IP address of a computer associated with a user or identification of said user;
  
  generate a session identifier and provide said session identifier to said computer associated with said user based on said IP address of said computer associated with said user or identification of said user;
  
  check if said user is logged in based on said trusted user database;
  
  wherein said server computer is further configured tocharge a fee for said user to create an account in said trusted user database orensure that said user requires a predefined amount of time to create an account in said trusted user database oraccept an input from an item that said user comprises a finite number of to create said account or wherein said item utilized to create an account costs over a predefined amount or wherein said item is verifiable to create said account oraccept a cell phone number from said user to create said account in said trusted databaseoraccept a code input from said user that was obtained from information sent to a physical address to create said account orallow an invited user referred from a trusted user to create said account if the trusted user has a network-of-trust score that is higher than a predefined value orallow a social network user from a social network site to create said account based on the friend identifiers of the social network user in the trusted database;
  
  bypass a challenge-response test if said user is logged in and if a number of bypassed challenge-response tests is less than a predefined number of bypasses allowed for said user and wherein said predefined number of bypasses is a number of bypasses per time period and optionally if a number of current sessions is less than a predefined session number per time period, to enable said user to bypass said challenge-response test, and otherwise provide a challenge from said challenge-response database to said user and accept a response from said user;
  
  wherein when said server computer bypasses said challenge-response test, said server computer is further configured todeliver a proof of work challenge to said computer associated with said user wherein said proof of work challenge is a computational problem configured to solve a math, science, medical or other computational problem;
  
  validate said proof of work challenge;
  
  provide a challenge from said challenge-response database to said user and accept a response from said user if said proof of work challenge does not validate;
  
  oraccept a validation request for said validate said session from said website computer, wherein said validation request comprisessaid IP address of said computer associated with said user; and
  
  , configuration settings associated with a session;
  
  validate said session with said user;
  
  generate a session validation response;
  
  send said session validation response to a website computer or other computer system that said user is attempting to access, wherein said session validation response comprises a validity scoreand wherein said validity score is compared against a first threshold that determines whether data provided by said user should be deleted or ignored by said website computer or said other computer system that said user is attempting to access;
  
  wherein said validity score is compared against a second threshold that determines whether data provided by said user should be accepted by said website computer or said other computer system that said user is attempting to access;
  
  wherein said validity score is compared against a range of values comprising said first threshold and said second threshold that determines whether data provided by said user should be moderated by said website computer or said other computer system that said user is attempting to access;
  
  accept a request from said website computer that indicates that said session is associated with undesirable data; and
  
  ,decrease said predefined number of bypasses associated with said user if said user has an account in said trusted user database;
  
  orlock an account in said trusted user database associated with said user if said validity score is above a score thresholdorboth decrease said predefined number of bypasses and lock said account; and
  
  , optionally ensure that said user has logged in before said bypass said challenge-response or said provide said challenge occurs.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Spamcapthcer Incorporated
Original Assignee
Spamcaptcher Incorporated
Inventors
Marinov, Stefan, Miller, Kieran
Primary Examiner(s)
Nalven, Andrew
Assistant Examiner(s)
FIELDS, COURTNEY D

Application Number

US13/602,046
Publication Number

US 20140068735A1
Time in Patent Office

697 Days
Field of Search

726/7, 726/3, 726/21, 726/23, 726/22, 382/296, 705/14.66
US Class Current

726/7
CPC Class Codes

G06F 21/31   User authentication

G06F 2221/2133   Verifying human interaction...

H04L 63/08   for authentication of entit...

System for providing trusted user access of computer systems

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

12 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

System for providing trusted user access of computer systems

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links