Keyed human interactive proof players
First Claim
Patent Images
1. A computer-implemented authorization system, comprising:
- an authorization component that generates a distinctive key in response to opening an account, the key used to create a correspondingly distinctive player associated with the account that plays an animated puzzle description uniquely associated with the player and to create an executable that builds a data structure;
a requesting component that installs the player and runs the executable that expands during installation to produce the data structure, such that the distinctive player installed with the data structure as expanded takes substantial storage space so that forwarding the player to another machine is costly, wherein the player plays the animated puzzle description as a human-recognizable abstraction for which a distinctive solution associated with the account is input and sent to the authorization component to obtain the account; and
a microprocessor that executes computer-executable instructions associated with at least one of the authorization component or the requesting component.
2 Assignments
0 Petitions
Accused Products
Abstract
A human interactive puzzle (HIP) authorization architecture where keyed and animated puzzles are executed by HIP players which are distinct and obfuscated to the point where breaking a single player is a relatively costly operation. A key is created in response to a request for a service, a HIP player is created based on the key, and a small installation executable is created that expands during installation to produce a computationally expensive data structure on the client relative to verification of the solution at the server. Thus, copying of the player or relay of the puzzle to a third system requires more time than allowed to receive the solution at the server.
-
Citations
20 Claims
-
1. A computer-implemented authorization system, comprising:
-
an authorization component that generates a distinctive key in response to opening an account, the key used to create a correspondingly distinctive player associated with the account that plays an animated puzzle description uniquely associated with the player and to create an executable that builds a data structure; a requesting component that installs the player and runs the executable that expands during installation to produce the data structure, such that the distinctive player installed with the data structure as expanded takes substantial storage space so that forwarding the player to another machine is costly, wherein the player plays the animated puzzle description as a human-recognizable abstraction for which a distinctive solution associated with the account is input and sent to the authorization component to obtain the account; and a microprocessor that executes computer-executable instructions associated with at least one of the authorization component or the requesting component. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer-implemented authorization method performed by a computer system executing machine-readable instructions, the method comprising acts of:
-
from a requesting site, requesting a service for opening an account of a server; sending a player distinctively created for the account to the requesting site in response to the service request; expanding the player and a data structure during installation at the requesting site such that the distinctive player installed with the data structure as expanded takes substantial storage space so that forwarding the player, as installed, to another machine is costly, wherein; generating arbitrary subparts of the data structure to create an animated proof uniquely associated with the player; playing the animated proof at the requesting site using the player to produce a distinctive solution associated with the account; sending the solution to the animated proof to the server; conditionally granting access to the service by the requesting site based on the solution; and configuring at least one processor to perform at least one of the acts of requesting, sending, expanding, generating, playing, or conditionally granting. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A computer-implemented authorization method performed by a computer system executing machine-readable instructions, the method comprising acts of:
-
from a requesting site, requesting a service for opening an account of a server; sending a distinctive human interactive proof (HIP) player and obfuscated key associated with the account to the requesting site in response to the service request; expanding the HIP player and a data structure at the requesting site during installation expands during installation to produce an expanded data structure such that the distinctive HIP player installed with the expanded data structure takes substantial storage space so that forwarding the player to another machine is costly; generating arbitrary subparts of the data structure based on the key to create an animated HIP proof uniquely associated with the player; playing the animated HIP proof at the requesting site using the HIP player to produce a distinctive solution associated with the account; sending the solution to the animated proof to the server; processing access to the service based on a time at which a correct solution is received at the server; and configuring at least one processor to perform at least one of the acts of requesting, sending, expanding, generating, playing, or processing. - View Dependent Claims (17, 18, 19, 20)
-
Specification