Authenticating users based upon an identity footprint

US 8,863,307 B2
Filed: 06/29/2012
Issued: 10/14/2014
Est. Priority Date: 06/05/2012
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

at least one sensor configured to determine at least one of a position or movement of the system; and

circuitry in communication with the at least one sensor, the circuitry being configured to;

identify, using the at least one sensor, at least one behavior associated with use of the system over a first period of time;

generate at least one timestamp associated with the at least one behavior and the first period of time;

generate a user signature corresponding to the use of the system over the first period of time based at least in part upon the at least one behavior and the at least one timestamp,obtain a request to authenticate a user of the system from a system requesting authentication, wherein the request to authenticate the user indicates one of a higher level of authentication or a lower level of authentication,in response to the request, determine whether use of the system over a second period of time other than the first period of time corresponds to the user signature and identify a deviation between the use of the computing device over the second period of time and the use of the computing device over the first period of time;

when the request to authenticate the user indicates the higher level of authentication, comparing the deviation against a lower level of deviation permitted for authentication of the user;

and when the request to authenticate the user indicates the lower level of authentication, comparing the deviation against a higher level of deviation permitted for authentication of the user; and

authenticating the user when the use of the computing device over the second period of time corresponds to the use of the computing device over the first period of time in accordance with the user signature.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are various embodiments of generating a user signature associated with a user and authenticating a user. At least one behavior associated with at least one sensor in a computing device is identified. A timestamp is generated and associated with the behavior. A user signature corresponding to a user based at least in part upon the behavior and the timestamp is generated and stored.

Citations

18 Claims

1. A system, comprising:
- at least one sensor configured to determine at least one of a position or movement of the system; and
  
  circuitry in communication with the at least one sensor, the circuitry being configured to;
  
  identify, using the at least one sensor, at least one behavior associated with use of the system over a first period of time;
  
  generate at least one timestamp associated with the at least one behavior and the first period of time;
  
  generate a user signature corresponding to the use of the system over the first period of time based at least in part upon the at least one behavior and the at least one timestamp,obtain a request to authenticate a user of the system from a system requesting authentication, wherein the request to authenticate the user indicates one of a higher level of authentication or a lower level of authentication,in response to the request, determine whether use of the system over a second period of time other than the first period of time corresponds to the user signature and identify a deviation between the use of the computing device over the second period of time and the use of the computing device over the first period of time;
  
  when the request to authenticate the user indicates the higher level of authentication, comparing the deviation against a lower level of deviation permitted for authentication of the user;
  
  and when the request to authenticate the user indicates the lower level of authentication, comparing the deviation against a higher level of deviation permitted for authentication of the user; and
  
  authenticating the user when the use of the computing device over the second period of time corresponds to the use of the computing device over the first period of time in accordance with the user signature.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The system of claim 1, wherein:
    - the at least one sensor comprises an accelerometer, and the circuitry is further configured to;
      
      identify an acceleration of the system using data from the accelerometer; and
      
      associate the acceleration with the at least one timestamp in the user signature.
  - 3. The system of claim 1, wherein:
    - the at least one sensor comprises a global navigation satellite system (GNSS) chipset, and the circuitry is further configured to;
      
      identify a location of the system using data from the GNSS chipset; and
      
      associate the location with the at least one timestamp in the user signature.
  - 4. The system of claim 1, wherein:
    - the at least one sensor comprises an accelerometer and a global navigation satellite system (GNSS) chipset, and the circuitry is further configured to;
      
      identify a velocity of the system using data from at least one of the accelerometer or the GNSS chipset; and
      
      associate the velocity with the at least one timestamp in the user signature.
  - 5. The system of claim 1, wherein the circuitry is further configured to:
    - identify at least one network to which a wireless network interface of the system is within communication range; and
      
      associate the at least one network with the timestamp in the user signature.

6. A method, comprising:
- identifying, with at least one circuit, at least one behavior associated with use of a computing device over a first period of time using data from at least one sensor;
  
  generating, with the at least one circuit, at least one timestamp associated with the at least one behavior and the first period of time;
  
  generating, with the at least one circuit, a user signature corresponding to the use of the computing device over the first period of time based at least in part upon the at least one behavior and the at least one timestamp,obtaining a request to authenticate a user of the computing device from a system requesting authentication, wherein the request to authenticate the user indicates one of a higher level of authentication or a lower level of authentication;
  
  in response to the request, determining whether use of the computing device over a second period of time other than the first period of time corresponds to the user signature and identifying a deviation between the use of the computing device over the second period of time and the use of the computing device over the first period of time;
  
  when the request to authenticate the user indicates the higher level of authentication, comparing the deviation against a lower level of deviation permitted for authentication of the user;
  
  and when the request to authenticate the user indicates the lower level of authentication, comparing the deviation against a higher level of deviation permitted for authentication of the user; and
  
  authenticating the user when the use of the computing device over the second period of time corresponds to the use of the computing device over the first period of time in accordance with the user signature.
- View Dependent Claims (7, 8, 9, 10, 11)
- - 7. The method of claim 6, wherein:
    - the at least one sensor comprises an accelerometer, and identifying the at least one behavior further comprises;
      
      identifying an acceleration of the computing device using data from the accelerometer; and
      
      associating the acceleration with the at least one timestamp in the user signature.
  - 8. The method of claim 6, wherein:
    - the at least one sensor comprises a global navigation satellite system (GNSS) chipset, and identifying the at least one behavior further comprises;
      
      identifying a location of the computing device using data from the GNSS chipset; and
      
      associating the location with the at least one timestamp in the user signature.
  - 9. The method of claim 6, wherein:
    - the at least one sensor further comprises an accelerometer and a global navigation satellite system (GNSS) chipset, and identifying the at least one behavior further comprises;
      
      identifying a velocity of the computing device using data from at least one of the accelerometer or the GNSS chipset; and
      
      associating the velocity with the at least one timestamp in the user signature.
  - 10. The method of claim 6, further comprising:
    - identifying at least one network to which a wireless network interface of the computing device is within communication range; and
      
      associating the at least one network with the at least one timestamp in the user signature.
  - 11. The method of claim 6, wherein the request to authenticate the user indicates a level of authentication, and the method further comprises:
    - in response to the request, identifying a deviation between the use of the computing device over the second period of time and the use of the computing device over the first period of time; and
      
      comparing the deviation against a level of deviation permitted for authentication of the user according to the level of authentication.

12. A non-transitory computer-readable medium embodying a software program thereon, the software program, when executed by a computing device, directing the computing device to perform a method, comprising:
- identifying, with the computing device, a behavior associated with use of the computing device over a first period of time using data from at least one sensor;
  
  generating, with the computing device, at least one timestamp associated with the behavior and the first period of time;
  
  generating, with the computing device, a user signature corresponding to the use of the computing device over the first period of time based at least in part upon the behavior and the at least one timestamp;
  
  obtaining a request to authenticate a user of the computing device from a system requesting authentication, wherein the request to authenticate the user indicates one of a higher level of authentication or a lower level of authentication;
  
  in response to the request, determining whether use of the computing device over a second period of time other than the first period of time corresponds to the user signature and identifying a deviation between the use of the computing device over the second period of time and the use of the computing device over the first period of time; and
  
  when the request to authenticate the user indicates the higher level of authentication, comparing the deviation against a lower level of deviation permitted for authentication of the user;
  
  and when the request to authenticate the user indicates the lower level of authentication, comparing the deviation against a higher level of deviation permitted for authentication of the user; and
  
  authenticating the user when the use of the computing device over the second period of time corresponds to the use of the computing device over the first period of time in accordance with the user signature.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The non-transitory computer-readable medium of claim 12, wherein:
    - the at least one sensor comprises an accelerometer, and identifying the behavior further comprises;
      
      identifying an acceleration of the computing device using data from the accelerometer; and
      
      associating the acceleration with the use of the computing device over the first period of time in the user signature.
  - 14. The non-transitory computer-readable medium of claim 12, wherein:
    - the at least one sensor comprises a global navigation satellite system (GNSS) chipset, and identifying the behavior further comprises;
      
      identifying a location of the computing device using data from the GNSS chipset; and
      
      associating the location with the use of the computing device over the first period of time in the user signature.
  - 15. The non-transitory computer-readable medium of claim 12, wherein the request to authenticate the user indicates a level of authentication, and the method further comprises:
    - in response to the request, identifying a deviation between the use of the computing device over the second period of time and the use of the computing device over the first period of time; and
      
      comparing the deviation against a level of deviation permitted for authentication of the user according to the level of authentication.
  - 16. The non-transitory computer-readable medium of claim 12, wherein the behavior associated with use of the computing device over the first period of time comprises at least one of an angular orientation of the computing device at a time during the first period of time, an acceleration of the system at a time during the first period of time, network access of the computing device during the first period of time, or user input patterns during the first period of time.
  - 17. The non-transitory computer-readable medium of claim 12, further comprising failing to authenticate the user when the use of the computing device over the second period of time does not correspond to the use of the computing device over the first period of time in accordance with the user signature.
  - 18. The non-transitory computer-readable medium of claim 12, further comprising failing to authenticate the user when the use of the computing device over the second period of time indicates a pattern of use and the use of the computing device over the first period of time, in accordance with the user signature, does not indicate a pattern of use.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avago Technologies International Sales Pte Limited (Broadcom, Inc.)
Original Assignee
Broadcom Corporation (Broadcom, Inc.)
Inventors
Sorek, Noam
Primary Examiner(s)
Mehedi, Morshed
Assistant Examiner(s)
LYNCH, SHARON S

Application Number

US13/537,672
Publication Number

US 20130326600A1
Time in Patent Office

837 Days
Field of Search
US Class Current

726/28
CPC Class Codes

G06Q 20/4016   involving fraud or risk lev...

H04L 63/0492   by using a location-limited...

H04L 63/0815   providing single-sign-on or...

H04L 63/107   wherein the security polici...

H04L 9/3297   involving time stamps, e.g....

H04W 12/06   Authentication

H04W 12/12   Detection or prevention of ...

H04W 12/126   Anti-theft arrangements, e....

H04W 12/68   Gesture-dependent or behavi...

H04W 4/021   Services related to particu...

Authenticating users based upon an identity footprint

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Authenticating users based upon an identity footprint

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links