Keyed human interactive proof players

US 8,984,292 B2
Filed: 06/24/2010
Issued: 03/17/2015
Est. Priority Date: 06/24/2010
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented authorization system, comprising:

an authorization component that generates a distinctive key in response to opening an account, the key used to create a correspondingly distinctive player associated with the account that plays an animated puzzle description uniquely associated with the player and to create an executable that builds a data structure;

a requesting component that installs the player and runs the executable that expands during installation to produce the data structure, such that the distinctive player installed with the data structure as expanded takes substantial storage space so that forwarding the player to another machine is costly, wherein the player plays the animated puzzle description as a human-recognizable abstraction for which a distinctive solution associated with the account is input and sent to the authorization component to obtain the account; and

a microprocessor that executes computer-executable instructions associated with at least one of the authorization component or the requesting component.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A human interactive puzzle (HIP) authorization architecture where keyed and animated puzzles are executed by HIP players which are distinct and obfuscated to the point where breaking a single player is a relatively costly operation. A key is created in response to a request for a service, a HIP player is created based on the key, and a small installation executable is created that expands during installation to produce a computationally expensive data structure on the client relative to verification of the solution at the server. Thus, copying of the player or relay of the puzzle to a third system requires more time than allowed to receive the solution at the server.

Citations

20 Claims

1. A computer-implemented authorization system, comprising:
- an authorization component that generates a distinctive key in response to opening an account, the key used to create a correspondingly distinctive player associated with the account that plays an animated puzzle description uniquely associated with the player and to create an executable that builds a data structure;
  
  a requesting component that installs the player and runs the executable that expands during installation to produce the data structure, such that the distinctive player installed with the data structure as expanded takes substantial storage space so that forwarding the player to another machine is costly, wherein the player plays the animated puzzle description as a human-recognizable abstraction for which a distinctive solution associated with the account is input and sent to the authorization component to obtain the account; and
  
  a microprocessor that executes computer-executable instructions associated with at least one of the authorization component or the requesting component.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The system of claim 1, wherein the player is a human interactive proof (HIP) player created specific to the key.
  - 3. The system of claim 1, wherein the key is obfuscated in the player.
  - 4. The system of claim 1, wherein the data structure is permanent or perishable.
  - 5. The system of claim 1, wherein the player is an HIP player as a browser plug-in.
  - 6. The system of claim 1, wherein the key defines the data structure of the executable.
  - 7. The system of claim 1, wherein the authorization component sends the animated puzzle description and a pointer to arbitrary subparts of the data structure to the requesting component to create the animated puzzle description.
  - 8. The system of claim 7, wherein the authorization component verifies the solution based on the animated puzzle description and the pointer.
  - 9. The system of claim 1, wherein the data structure expands according to a time that is greater than a time to utilize the player at a location different than the requesting component.

10. A computer-implemented authorization method performed by a computer system executing machine-readable instructions, the method comprising acts of:
- from a requesting site, requesting a service for opening an account of a server;
  
  sending a player distinctively created for the account to the requesting site in response to the service request;
  
  expanding the player and a data structure during installation at the requesting site such that the distinctive player installed with the data structure as expanded takes substantial storage space so that forwarding the player, as installed, to another machine is costly, wherein;
  
  generating arbitrary subparts of the data structure to create an animated proof uniquely associated with the player;
  
  playing the animated proof at the requesting site using the player to produce a distinctive solution associated with the account;
  
  sending the solution to the animated proof to the server;
  
  conditionally granting access to the service by the requesting site based on the solution; and
  
  configuring at least one processor to perform at least one of the acts of requesting, sending, expanding, generating, playing, or conditionally granting.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The method of claim 10, further comprising imposing a time limit by when the solution must be received at the server to grant access to the service.
  - 12. The method of claim 11, further comprising defining the time condition to be greater than time needed to utilize the player on a site other than the requesting site.
  - 13. The method of claim 10, further comprising encapsulating an obfuscated key in the player and generating random arbitrary subparts from the data structure based on the key.
  - 14. The method of claim 10, wherein the animated proof is a human interactive proof (HIP) and the player plays the HIP to expose a human-recognizable abstraction to which the solution is requested.
  - 15. The method of claim 14, further comprising randomizing the human-recognizable abstraction by adding random translation vectors for each pixel that describes an artifact of the proof.

16. A computer-implemented authorization method performed by a computer system executing machine-readable instructions, the method comprising acts of:
- from a requesting site, requesting a service for opening an account of a server;
  
  sending a distinctive human interactive proof (HIP) player and obfuscated key associated with the account to the requesting site in response to the service request;
  
  expanding the HIP player and a data structure at the requesting site during installation expands during installation to produce an expanded data structure such that the distinctive HIP player installed with the expanded data structure takes substantial storage space so that forwarding the player to another machine is costly;
  
  generating arbitrary subparts of the data structure based on the key to create an animated HIP proof uniquely associated with the player;
  
  playing the animated HIP proof at the requesting site using the HIP player to produce a distinctive solution associated with the account;
  
  sending the solution to the animated proof to the server;
  
  processing access to the service based on a time at which a correct solution is received at the server; and
  
  configuring at least one processor to perform at least one of the acts of requesting, sending, expanding, generating, playing, or processing.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method of claim 16, further comprising defining time associated with expansion of the data structure to be greater than time to utilize the player on a site other than the requesting site.
  - 18. The method of claim 16, further comprising encapsulating an obfuscated key in the player and generating random arbitrary subparts from the data structure based on the key.
  - 19. The method of claim 16, wherein the HIP player plays the animated HIP proof to expose a human-recognizable abstraction to which the solution is requested.
  - 20. The method of claim 16, wherein the server processes the solution based on the animated HIP proof and a pointer to the arbitrary subparts.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Lind, Jesper B., Kirovski, Darko, Meek, Christopher A.
Primary Examiner(s)
Homayounmehr, Farid
Assistant Examiner(s)
Debnath, Suman

Application Number

US12/822,181
Publication Number

US 20110320822A1
Time in Patent Office

1,727 Days
Field of Search

713/182, 713/186, 713/202, 726/3, 726 5- 7, 726/14, 726/16
US Class Current

713/182
CPC Class Codes

G06F 21/316 by observing the pattern of...

G06F 2221/2103 Challenge-response

Keyed human interactive proof players

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Keyed human interactive proof players

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links