Authenticating users based upon an identity footprint

US 9,160,546 B2
Filed: 10/13/2014
Issued: 10/13/2015
Est. Priority Date: 06/05/2012
Status: Active Grant

First Claim

Patent Images

1. A device comprising:

at least one processor circuit configured to;

identify a first behavioral pattern of a user over a first period of time based at least in part on a first plurality of data items generated by at least one sensor device over the first period of time, wherein the first plurality of data items relate to physical behaviors of the user that are external to the device, and a user signature is generated based at least in part on the first behavioral pattern of the user;

receive a request for authentication of the user, the request specifying an authentication level, wherein the authentication level is associated with a behavior deviation level;

identify a second behavioral pattern over a second period of time based at least in part on a second plurality of data items generated by the at least one sensor device over the second period of time;

determine a degree of deviation of the second behavioral pattern with respect to the user signature;

determine whether the degree of deviation satisfies the behavior deviation level associated with the authentication level, wherein different behavior deviation levels are satisfied by different degrees of deviation between the second behavioral pattern and the user signature, the behavior deviation level decreases as the authentication level with which the behavior deviation level is associated increases, and the behavior deviation level increases as the authentication level with which the behavior deviation level is associated decreases; and

provide an authentication success indication when the degree of deviation satisfies the behavior deviation level, otherwise providing an authentication failure indication.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are various embodiments of generating a user signature associated with a user and authenticating a user. At least one behavior associated with at least one sensor in a computing device is identified. A timestamp is generated and associated with the behavior. A user signature corresponding to a user based at least in part upon the behavior and the timestamp is generated and stored.

Citations

20 Claims

1. A device comprising:
- at least one processor circuit configured to;
  
  identify a first behavioral pattern of a user over a first period of time based at least in part on a first plurality of data items generated by at least one sensor device over the first period of time, wherein the first plurality of data items relate to physical behaviors of the user that are external to the device, and a user signature is generated based at least in part on the first behavioral pattern of the user;
  
  receive a request for authentication of the user, the request specifying an authentication level, wherein the authentication level is associated with a behavior deviation level;
  
  identify a second behavioral pattern over a second period of time based at least in part on a second plurality of data items generated by the at least one sensor device over the second period of time;
  
  determine a degree of deviation of the second behavioral pattern with respect to the user signature;
  
  determine whether the degree of deviation satisfies the behavior deviation level associated with the authentication level, wherein different behavior deviation levels are satisfied by different degrees of deviation between the second behavioral pattern and the user signature, the behavior deviation level decreases as the authentication level with which the behavior deviation level is associated increases, and the behavior deviation level increases as the authentication level with which the behavior deviation level is associated decreases; and
  
  provide an authentication success indication when the degree of deviation satisfies the behavior deviation level, otherwise providing an authentication failure indication.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The device of claim 1, wherein the at least one processor circuit is further configured to:
    - receive the request for authentication from another device that is external to the device, andprovide the authentication success indication and the authentication failure indication to the another device.
  - 3. The device of claim 1, wherein the request comprises a field that specifies the authentication level.
  - 4. The device of claim 1, wherein the first behavioral pattern of the user comprises a daily routine of the user that is described by a sequence of movements of the user, each movement of the sequence being identified by at least a velocity and a location of the user.
  - 5. The device of claim 1, wherein the second period of time is subsequent to the first period of time and the second period of time immediately precedes, or is immediately subsequent to, receipt of the request.
  - 6. The device of claim 1, wherein the at least one processor circuit is further configured to:
    - encrypt the first behavioral pattern; and
      
      transmit the first behavioral pattern that is encrypted to a remote server, wherein the user signature is generated by the remote server.
  - 7. The device of claim 6, wherein the at least one processor circuit is further configured to:
    - encrypt the second behavioral pattern;
      
      transmit the second behavioral pattern that is encrypted to the remote server; and
      
      receive the degree of deviation from the remote server.
  - 8. The device of claim 1, wherein the at least one sensor device is separate from the device.
  - 9. The device of claim 1, wherein the device comprises the at least one sensor device.
  - 10. The device of claim 1, wherein the at least one processor circuit is further configured to:
    - receive a password from the user;
      
      verify the password of the user; and
      
      provide the authentication success indication when the degree of deviation satisfies the behavior deviation level and the password is verified.

11. A method implemented by at least one device, the method comprising:
- obtaining a first plurality of data items generated by at least one sensor device over a first period of time, wherein the first plurality of data items relate to behaviors of a user;
  
  identifying, based at least in part on the first plurality of data items, a first behavioral pattern of the user over the first period of time, wherein a user signature is generated based at least in part on the first behavioral pattern of the user;
  
  receiving a request for authentication of the user, the request specifying an authentication level for the request, wherein the authentication level is associated with a behavior deviation level;
  
  obtaining a second plurality of data items, the second plurality of data items having been generated by the at least one sensor device over a second period of time that immediately preceded receiving the request for authentication;
  
  identifying, based at least in part on the second plurality of data items, a second behavioral pattern of the user over the second period of time;
  
  determining a degree of deviation of the second behavioral pattern of the user with respect to the user signature;
  
  determining whether the degree of deviation satisfies the behavior deviation level associated with the authentication level, wherein different behavior deviation levels are satisfied by different degrees of deviation between the second behavioral pattern and the user signature, the behavior deviation level decreases as the authentication level with which the behavior deviation level is associated increases, and the behavior deviation level increases as the authentication level with which the behavior deviation level is associated decreases; and
  
  providing an authentication success indication when the degree of deviation satisfies the behavior deviation level, otherwise providing an authentication failure indication.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The method of claim 11, wherein the request for authentication is received over a network from another device that is external to the at least one device, and the authentication success indication and the authentication failure indication are provided to the another device over the network.
  - 13. The method of claim 11, wherein the behaviors of the user comprise physical actions performed by the user that do not involve the at least one device.
  - 14. The method of claim 11, wherein the request comprises a field that specifies the authentication level.
  - 15. The method of claim 11, wherein the first behavioral pattern of the user comprises a daily routine of the user that is described by a sequence of movements of the user, each movement of the sequence being identified by at least a velocity and a location of the user.
  - 16. The method of claim 11, further comprising:
    - encrypting the first behavioral pattern; and
      
      transmitting the first behavioral pattern to a remote server.
  - 17. The method of claim 16, wherein determining the degree of deviation of the second behavioral pattern of the user with respect to the first behavioral pattern of the user comprises:
    - encrypting the second behavioral pattern;
      
      transmitting the second behavioral pattern to the remote server; and
      
      receiving the degree of deviation from the remote server.

18. A computer program product comprising instructions stored in a tangible non-transitory computer-readable storage medium executed by a computing device, the instructions comprising:
- instructions to identify a first behavioral pattern of a user for a first period of time based at least in part on monitored behaviors of the user over the first period of time and generate a user signature based at least in part on the first behavioral pattern of the user;
  
  instructions to receive a request for authentication of the user, the request specifying an authentication level for the request, wherein the authentication level is associated with a behavior deviation level;
  
  instructions to generate a second behavioral pattern of the user for a second period of time based at least in part on monitored behaviors of the user over the second period of time, wherein the second period of time immediately preceded receipt of the request;
  
  instructions to determine a degree of deviation of the second behavioral pattern of the user with respect to the user signature;
  
  instructions to determine whether the degree of deviation satisfies the behavior deviation level associated with the authentication level, wherein different behavior deviation levels are satisfied by different degrees of deviation between the second behavioral pattern and the user signature, the behavior deviation level decreases as the authentication level with which the behavior deviation level is associated increases, and the behavior deviation level increases as the authentication level with which the behavior deviation level is associated decreases; and
  
  instructions to provide an authentication success indication when the degree of deviation satisfies the behavior deviation level, otherwise providing an authentication failure indication.
- View Dependent Claims (19, 20)
- - 19. The computer program product of claim 18, the instructions further comprising:
    - instructions to generate the user signature based at least in part on monitored behaviors of the user over at least two non-consecutive periods of time.
  - 20. The computer program product of claim 19, wherein the monitored behaviors of the user occur in a physical environment of the user outside of the computing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avago Technologies International Sales Pte Limited (Broadcom, Inc.)
Original Assignee
Broadcom Corporation (Broadcom, Inc.)
Inventors
Sorek, Noam
Primary Examiner(s)
Arani, Taghi
Assistant Examiner(s)
LYNCH, SHARON S

Application Number

US14/513,175
Publication Number

US 20150058961A1
Time in Patent Office

365 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06Q 20/4016   involving fraud or risk lev...

H04L 63/0492   by using a location-limited...

H04L 63/0815   providing single-sign-on or...

H04L 63/107   wherein the security polici...

H04L 9/3297   involving time stamps, e.g....

H04W 12/06   Authentication

H04W 12/12   Detection or prevention of ...

H04W 12/126   Anti-theft arrangements, e....

H04W 12/68   Gesture-dependent or behavi...

H04W 4/021   Services related to particu...

Authenticating users based upon an identity footprint

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Authenticating users based upon an identity footprint

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links