Authentication using transient event data
First Claim
1. A non-transitory computer readable storage medium configured to store instructions that, when executed by a processor included in a computing device, cause the computing device to authenticate a remote user, by carrying out steps that include:
- receiving a notification that the remote user is unable to provide correct authentication information for accessing a set of application servers, wherein the correct authentication information comprises a valid digital certificate;
- generating authentication questions for the remote user using transient event data regarding previous interactions of the remote user with the set of application servers, the authentication questions for presentation to the remote user, wherein:
  - generating comprises selecting the authentication questions randomly from a pool of authentication questions such that authentication questions based on recently-generated transient event data are more likely to be selected than authentication questions based on older transient event data,
  - a difficulty of the authentication questions is proportional to a confidentiality level of data to which the set of application servers grant access, and
  - the transient event data comprises at least one of a current desktop remote image of the remote user, a current screensaver, or a list of other devices recently connected to a portable device of the remote user; and
- validating the remote user based on answers to the authentication questions.
Abstract
Some embodiments provide a method for authenticating a user to access computing resources that uses transient event data regarding previous interactions of the user with the computing resources. The method receives a notification that a user is unable to provide a correct user identifier and password. The method generates authentication questions for the remote user using the transient event data. The authentication questions are presented to the user. The method authenticates the user based on answers to the password recovery questions. The user may be a remote user and the computing resources are a set of application servers to which the user has forgotten a password. The computing resources may be a portable device that the user wishes to access remotely in order to delete data from the portable device.
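The selection rule recited in the independent claims (a random draw from a question pool biased toward recent transient events, with a sufficient number of correct answers required), sketched as an added example that is not code from the patent. The half-life weighting, the mapping from confidentiality level to question count, and all names and sample questions are assumptions.

```python
import hmac
import random
from dataclasses import dataclass

HALF_LIFE_HOURS = 24.0  # assumption: a question's selection weight halves every 24 h


@dataclass(frozen=True)
class Question:
    prompt: str
    answer: str
    age_hours: float  # age of the transient event the question is derived from


# Constructed sample pool built from the event types the claims name.
POOL = [
    Question("Which device connected to your phone most recently?", "car stereo", 2),
    Question("What does your current screensaver show?", "mountains", 6),
    Question("What does your current desktop image show?", "harbour", 30),
    Question("Which device did you pair a month ago?", "old headset", 720),
]


def recency_weight(q: Question) -> float:
    return 0.5 ** (q.age_hours / HALF_LIFE_HOURS)


def select_questions(pool, confidentiality_level, rng=None):
    """Weighted random draw without replacement; newer events are more likely."""
    rng = rng or random.SystemRandom()  # OS CSPRNG unless a test injects its own
    # Assumption: difficulty is modelled as question count, growing with the level.
    k = min(len(pool), 1 + confidentiality_level)
    remaining, chosen = list(pool), []
    for _ in range(k):
        weights = [recency_weight(q) for q in remaining]
        idx = rng.choices(range(len(remaining)), weights=weights)[0]
        chosen.append(remaining.pop(idx))
    return chosen


def _norm(text: str) -> bytes:
    return " ".join(text.casefold().split()).encode()


def validate(questions, answers, required_correct):
    """Accept only when enough answers match; each comparison is constant-time."""
    if len(answers) != len(questions):
        return False
    correct = sum(hmac.compare_digest(_norm(q.answer), _norm(a))
                  for q, a in zip(questions, answers))
    return correct >= required_correct
```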
26 Claims
1. A non-transitory computer readable storage medium configured to store instructions that, when executed by a processor included in a computing device, cause the computing device to authenticate a remote user, by carrying out steps that include:
- receiving a notification that the remote user is unable to provide correct authentication information for accessing a set of application servers, wherein the correct authentication information comprises a valid digital certificate;
- generating authentication questions for the remote user using transient event data regarding previous interactions of the remote user with the set of application servers, the authentication questions for presentation to the remote user, wherein:
  - generating comprises selecting the authentication questions randomly from a pool of authentication questions such that authentication questions based on recently-generated transient event data are more likely to be selected than authentication questions based on older transient event data,
  - a difficulty of the authentication questions is proportional to a confidentiality level of data to which the set of application servers grant access, and
  - the transient event data comprises at least one of a current desktop remote image of the remote user, a current screensaver, or a list of other devices recently connected to a portable device of the remote user; and
- validating the remote user based on answers to the authentication questions.

(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
15. A non-transitory computer readable storage medium configured to store instructions that, when executed by a processor included in a server computer system, cause the server computer system to carry out steps that include:
- receiving, from a portable device, a notification that a user of the portable device is requesting to remove personal data from the portable device;
- connecting remotely to the portable device and retrieving transient event data from the portable device in response to receiving the notification, the transient event data regarding previous interactions of the user with the portable device;
- generating authentication questions for the user based on the retrieved transient event data in response to retrieving the transient event data, the authentication questions for presentation to the user, wherein:
  - generating comprises selecting the authentication questions randomly from a pool of authentication questions such that authentication questions based on recently-generated transient event data are more likely to be selected than authentication questions based on older transient event data,
  - a difficulty of the authentication questions is proportional to a confidentiality level of the personal data to which the server grants access, and
  - the transient event data comprises a current desktop image of the user, a current screensaver, or a list of other devices recently connected to the portable device;
- sending the authentication questions to the portable device in response to generating the authentication questions; and
- in response to receiving, from the portable device, a sufficient number of correct answers provided by the user:
  - initiating a procedure on the portable device to remove the personal data from the portable device.

(Dependent claims: 16, 17, 18, 19, 26)
20. A method, comprising:

at a server computer system:
- receiving, from a portable device, an indication that a user of the portable device is unable to provide correct authentication information for accessing the portable device, wherein the correct authentication information comprises a valid digital certificate;
- connecting remotely to the portable device and retrieving transient event data from the portable device in response to receiving the indication, the transient event data regarding previous interactions of the user with the portable device;
- generating authentication questions for the user based on the retrieved transient event data in response to retrieving the transient event data, the authentication questions for presentation to the user, wherein:
  - generating comprises selecting the authentication questions randomly from a pool of authentication questions such that authentication questions based on recently-generated transient event data are more likely to be selected than authentication questions based on older transient event data,
  - a difficulty of the authentication questions is proportional to a confidentiality level of data to which the server grants access, and
  - the transient event data comprises a current desktop image of the user, a current screensaver, or a list of other devices recently connected to the portable device;
- sending the authentication questions to the portable device in response to generating the authentication questions; and
- in response to receiving, from the portable device, a sufficient number of correct answers provided by the user:
  - providing access to the portable device to the user.

(Dependent claims: 21, 22, 23, 24, 25)
Specification