Performing an authentication operation during user access to a computerized resource

US 9,119,539 B1
Filed: 03/28/2012
Issued: 09/01/2015
Est. Priority Date: 12/23/2011
Status: Active Grant

First Claim

Patent Images

1. A method for use in authentication, comprising:

performing a first authentication operation in connection with a user;

based on the first authentication operation, generating an authentication result, the authentication result being constructed and arranged to control user access to a computerized resource;

after the user has accessed the computerized resource in response to the authentication result indicating successful user authentication, performing a second authentication operation based on a first biometric;

based on the second authentication operation, generating a new authentication result;

wherein generating the new authentication result includes;

in response to the new authentication result indicating successful user authentication, providing the user with continued access to the computerized resource, andin response to the new authentication result indicating unsuccessful user authentication, requesting input of a second biometric different to the first biometric in order to facilitate continued user access to the computerized resource.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, electronic apparatus and computer program product for performing authentication operation is disclosed. An authentication request is received from user of computerized resource. The request comprises user identifier identifying user. The authenticity of user is verified based on user identifier. An access session is established in which user can access resource in response to successfully verifying user. An electronic input signal is received from electronic input device during session. The device is configured to take a biometric measurement from the user. Biometric data is derived from signal. A comparison is performed between biometric data and expected biometric data. An authentication result is generated based on comparison between biometric data and expected biometric data, wherein result can be used for further authentication of user during session.

Citations

17 Claims

1. A method for use in authentication, comprising:
- performing a first authentication operation in connection with a user;
  
  based on the first authentication operation, generating an authentication result, the authentication result being constructed and arranged to control user access to a computerized resource;
  
  after the user has accessed the computerized resource in response to the authentication result indicating successful user authentication, performing a second authentication operation based on a first biometric;
  
  based on the second authentication operation, generating a new authentication result;
  
  wherein generating the new authentication result includes;
  
  in response to the new authentication result indicating successful user authentication, providing the user with continued access to the computerized resource, andin response to the new authentication result indicating unsuccessful user authentication, requesting input of a second biometric different to the first biometric in order to facilitate continued user access to the computerized resource.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method as claimed in claim 1, wherein generating the new authentication result comprises outputting, as an authentication signal, a risk score based on at least one risk factor, wherein the result of the comparison between first biometric and expected biometric data is one risk factor.
  - 3. The method as claimed in claim 2, further comprising:
    - granting access to the computerized resource when the risk score is within a predefined threshold of certainty.
  - 4. The method as claimed in claim 2, further comprising:
    - denying access to the computerized resource when the risk score is outside a predefined threshold of certainty.
  - 5. The method as claimed in claim 1, wherein biometric data is received during user access to the computerized resource.
  - 6. The method as claimed in claim 5, wherein the biometric data is video data.
  - 7. The method as claimed in claim 6, wherein the video data is of the user'"'"'s face.
  - 8. The method as claimed in claim 7, wherein performing the second authentication operation comprises performing a set of computational operations on the video data to identify, as at least part of the biometric data, a current cardiac pulse waveform of the user from the user'"'"'s face.
  - 9. The method as claimed in claim 8, wherein performing the second authentication operation comprises computing measurements of an expected cardiac pulse waveform for the user based on previously obtained biometric data for the user and comparing the current pulse waveform and the expected pulse waveform.

10. An electronic apparatus for use in authentication, comprising:
- an interface;
  
  a memory; and
  
  a controller coupled to the interface and the memory, the controller being constructed and arranged to;
  
  perform a first authentication operation in connection with a user;
  
  based on the first authentication operation, generate an authentication result, the authentication result being constructed and arranged to control user access to a computerized resource;
  
  after the user has accessed the computerized resource in response to the authentication result indicating successful user authentication, perform a second authentication operation based on a first biometric;
  
  based on the second authentication operation, generate a new authentication result;
  
  wherein the controller, when generating the new authentication result, is constructed and arranged to;
  
  in response to the new authentication result indicating successful user authentication, provide the user with continued access to the computerized resource, andin response to the new authentication result indicating unsuccessful user authentication, request input of a second biometric different to the first biometric in order to facilitate continued user access to the computerized resource.
- View Dependent Claims (11, 12, 13)
- - 11. The electronic apparatus as claimed in claim 10, whereingenerating the new authentication result comprises outputting, as an authentication signal, a risk score based on at least one risk factor, wherein the result of the comparison between first biometric and expected biometric data is one risk factor.
  - 12. The electronic apparatus as claimed in claim 11, wherein the controller is constructed and arranged to:
    - grant access to the computerized resource when the risk score is within a predefined threshold of certainty.
  - 13. The electronic apparatus as claimed in claim 11, wherein the controller is constructed and arranged to:
    - deny access to the computerized resource when the risk score is outside a predefined threshold of certainty.

14. A computer program product having a non-transitory computer readable medium which stores a set of instructions for use in authentication, the set of instructions causing a computer to perform a method of:
- performing a first authentication operation in connection with a user;
  
  based on the first authentication operation, generating an authentication result, the authentication result being constructed and arranged to control user access to a computerized resource;
  
  after the user has accessed the computerized resource in response to the authentication result indicating successful user authentication, performing a second authentication operation based on a first biometric;
  
  based on the second authentication operation, generating a new authentication result;
  
  wherein generating the new authentication result includes;
  
  in response to the new authentication result indicating successful user authentication, providing the user with continued access to the computerized resource, andin response to the new authentication result indicating unsuccessful user authentication, requesting input of a second biometric different to the first biometric in order to facilitate continued user access to the computerized resource.
- View Dependent Claims (15, 16, 17)
- - 15. The computer program product as claimed in claim 14, wherein generating the new authentication result comprises outputting, as an authentication signal, a risk score based on at least one risk factor, wherein the result of the comparison between first biometric and expected biometric data is one risk factor.
  - 16. The computer program product as claimed in claim 15, wherein the set of instructions causing a computer to perform a further step of:
    - granting access to the computerized resource when the risk score is within a predefined threshold of certainty.
  - 17. The computer program product as claimed in claim 15, wherein the set of instructions causing a computer to perform a further step of:
    - denying access to the computerized resource when the risk score is outside a predefined threshold of certainty.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Friedman, Lawrence N., Duane, William M., Dotan, Yedidya
Primary Examiner(s)
RUSHING, MARK S

Application Number

US13/432,732
Time in Patent Office

1,252 Days
Field of Search

340/5.52, 340/5.53, 340/5.8, 340/5.81, 340/5.82, 340/5.83, 382/115, 382/173, 707/100
US Class Current

1/1
CPC Class Codes

A61B 5/02438   with portable devices, e.g....

G06F 21/32   using biometric data, e.g. ...

H04L 63/0861   using biometrical features,...

H04L 67/04   specially adapted for termi...

H04L 67/14   Session management for real...

H04W 12/065   Continuous authentication

H04W 12/068   using credential vaults, e....

Performing an authentication operation during user access to a computerized resource

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Performing an authentication operation during user access to a computerized resource

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links