Systems and methods for securely transferring authentication information between a user and an electronic resource

US 9,172,692 B2
Filed: 03/12/2014
Issued: 10/27/2015
Est. Priority Date: 03/14/2013
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a user for access to an electronic resource from a user interface, the method comprising:

receiving an authentication query from the user interface, wherein the receiving the authentication query includes receiving a user name from the user interface;

receiving authentication information that corresponds to the user name from the user interface, wherein the receiving the authentication information includes;

providing an authentication image to the user interface, wherein the authentication image is associated with a resource-side coordinate system that uniquely defines a plurality of locations within the authentication image, wherein the authentication image includes a map, and further wherein the providing includes;

(i) encoding the resource-side coordinate system using a session-specific coordinate transformation to generate a user-side coordinate system that is different from the resource-side coordinate system; and

(ii) transmitting the authentication image and the user-side coordinate system to the user interface;

receiving an encoded coordinate set from the user interface, wherein the encoded coordinate set uniquely specifies a single authentication location that is user-selected from the plurality of locations within the authentication image and that is identified in the user-side coordinate system; and

decoding the encoded coordinate set by reversing the session-specific coordinate transformation to generate a decoded coordinate set that uniquely specifies the authentication location and that is identified in the resource-side coordinate system; and

comparing the decoded coordinate set to a previously defined user-specific authentication data set; and

one of;

(i) selectively granting the user access to the electronic resource responsive to determining that the decoded coordinate set corresponds to the user-specific authentication data set; and

(ii) selectively denying the user access to the electronic resource responsive to determining that the decoded coordinate set does not correspond to the user-specific authentication data set.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for securely transferring authentication information between a user and an electronic resource are disclosed herein. The methods include providing an authentication image to a user interface. The authentication image is associated with a resource-side coordinate system and the providing includes encoding the resource-side coordinate system to generate a user-side coordinate system that is different from the resource-side coordinate system and transmitting the authentication image and the user-side coordinate system to the user interface. The methods further include receiving an encoded coordinate set, which uniquely identifies an authentication location in the user-side coordinate set and that is user-selected from the authentication image, from the user interface and decoding the encoded coordinate set to generate a decoded coordinate set that uniquely identifies the authentication location in the resource-side coordinate set. The systems include systems that perform the methods.

Citations

17 Claims

1. A method of authenticating a user for access to an electronic resource from a user interface, the method comprising:
- receiving an authentication query from the user interface, wherein the receiving the authentication query includes receiving a user name from the user interface;
  
  receiving authentication information that corresponds to the user name from the user interface, wherein the receiving the authentication information includes;
  
  providing an authentication image to the user interface, wherein the authentication image is associated with a resource-side coordinate system that uniquely defines a plurality of locations within the authentication image, wherein the authentication image includes a map, and further wherein the providing includes;
  
  (i) encoding the resource-side coordinate system using a session-specific coordinate transformation to generate a user-side coordinate system that is different from the resource-side coordinate system; and
  
  (ii) transmitting the authentication image and the user-side coordinate system to the user interface;
  
  receiving an encoded coordinate set from the user interface, wherein the encoded coordinate set uniquely specifies a single authentication location that is user-selected from the plurality of locations within the authentication image and that is identified in the user-side coordinate system; and
  
  decoding the encoded coordinate set by reversing the session-specific coordinate transformation to generate a decoded coordinate set that uniquely specifies the authentication location and that is identified in the resource-side coordinate system; and
  
  comparing the decoded coordinate set to a previously defined user-specific authentication data set; and
  
  one of;
  
  (i) selectively granting the user access to the electronic resource responsive to determining that the decoded coordinate set corresponds to the user-specific authentication data set; and
  
  (ii) selectively denying the user access to the electronic resource responsive to determining that the decoded coordinate set does not correspond to the user-specific authentication data set.

2. A method of transferring authentication information between a user and an electronic resource, the method comprising:
- providing an authentication image to a user interface, wherein the authentication image is associated with a resource-side coordinate system that uniquely defines a plurality of locations within the authentication image, wherein the authentication image includes a map, and further wherein the providing includes;
  
  (i) encoding the resource-side coordinate system using a session-specific coordinate transformation to generate a user-side coordinate system that is different from the resource-side coordinate system; and
  
  (ii) transmitting the authentication image and the user-side coordinate system to the user interface;
  
  receiving an encoded coordinate set from the user interface, wherein the encoded coordinate set uniquely specifies a single authentication location that is user-selected from the plurality of locations within the authentication image and that is identified in the user-side coordinate system; and
  
  decoding the encoded coordinate set by reversing the session-specific coordinate transformation to generate a decoded coordinate set that uniquely specifies the authentication location and that is identified in the resource-side coordinate system.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 3. The method of claim 2, wherein the authentication information includes a password for gaining access to the electronic resource.
  - 4. The method of claim 2, wherein, prior to the providing the authentication image, the method further includes:
    - (i) providing an initial image to the user interface;
      
      (ii) receiving an image display modification instruction from the user interface; and
      
      (iii) modifying the initial image based, at least in part, on the image display modification instruction to generate the authentication image.
  - 5. The method of claim 4, wherein the image display modification instruction includes at least one of a pan instruction, a zoom instruction, and a navigation instruction.
  - 6. The method of claim 4, wherein the initial image is a subset of an image data set that defines an overall image, and further wherein the method includes randomly selecting a portion of the image data set that comprises the initial image.
  - 7. The method of claim 6, wherein the initial image is a subset of the map, and further wherein the method includes randomly selecting a portion of the map that comprises the initial image.
  - 8. The method of claim 2, wherein the encoding includes performing at least one mathematical operation on the resource-side coordinate system to generate the user-side coordinate system.
  - 9. The method of claim 8, wherein the mathematical operation includes at least one of:
    - (i) adding a first constant to the resource-side coordinate system;
      
      (ii) multiplying the resource-side coordinate system by a second constant; and
      
      (iii) applying a mathematical function to the resource-side coordinate system.
  - 10. The method of claim 2, wherein the receiving the encoded coordinate set includes receiving an encoded coordinate set that was input into the user interface by the user without the user inputting keystrokes on a keyboard.
  - 11. The method of claim 2, wherein the decoding includes reversing the session-specific coordinate transformation to define the authentication location within the resource-side coordinate system.
  - 12. The method of claim 2, wherein the method includes performing the method without transferring the decoded coordinate set between the user interface and the electronic resource.
  - 13. The method of claim 2, wherein the providing the authentication image includes providing the authentication image without storing the authentication image within the user interface.
  - 14. A method of defining authentication information to authenticate a user for access to an electronic resource from a user interface, the method comprising:
    - determining a decoded coordinate set by performing the method of claim 2; and
      
      defining a user-specific authentication data set, wherein the user-specific authentication data set is based, at least in part, on the decoded coordinate set.
  - 15. The method of claim 14, wherein the method further includes receiving a user name from the user interface, and further wherein the method includes at least one of:
    - (i) associating the user name with the authentication data set; and
      
      (ii) associating the user name with the authentication image.

16. Non-transitory computer readable storage media including computer-executable instructions that, when executed, direct an electronic resource to transfer authentication information between a user and the electronic resource by:
- providing an authentication image to a user interface, wherein the authentication image is associated with a resource-side coordinate system that uniquely defines a plurality of locations within the authentication image, wherein the authentication image includes a map, and further wherein the providing includes;
  
  (i) encoding the resource-side coordinate system using a session-specific coordinate transformation to generate a user-side coordinate system that is different from the resource-side coordinate system; and
  
  (ii) transmitting the authentication image and the user-side coordinate system to the user interface;
  
  receiving an encoded coordinate set from the user interface, wherein the encoded coordinate set uniquely specifies a single authentication location that is user-selected from the plurality of locations within the authentication image and that is identified in the user-side coordinate system; and
  
  decoding the encoded coordinate set by reversing the session-specific coordinate transformation to generate a decoded coordinate set that uniquely specifies the authentication location and that is identified in the resource-side coordinate system.

17. An information transfer system, comprising:
- a user interface;
  
  an electronic resource including a memory device including computer-executable instructions that, when executed, direct the electronic resource to receive authentication information from the user interface by;
  
  providing an authentication image to the user interface, wherein the authentication image is associated with a resource-side coordinate system that uniquely defines a plurality of locations within the authentication image, wherein the authentication image includes a map, and further wherein the providing includes;
  
  (i) encoding the resource-side coordinate system using a session-specific coordinate transformation to generate a user-side coordinate system that is different from the resource-side coordinate system; and
  
  (ii) transmitting the authentication image and the user-side coordinate system to the user interface;
  
  receiving an encoded coordinate set from the user interface, wherein the encoded coordinate set uniquely specifies a single authentication location that is user-selected from the plurality of locations within the authentication image and that is identified in the user-side coordinate system; and
  
  decoding the encoded coordinate set by reversing the session-specific coordinate transformation to generate a decoded coordinate set that uniquely specifies the authentication location and that is identified in the resource-side coordinate system; and
  
  an information transfer mechanism that is configured to transfer information between the user interface and the electronic resource.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
William M. Langley
Original Assignee
William M. Langley
Inventors
Langley, William M.
Primary Examiner(s)
ZAIDI, SYED A

Application Number

US14/207,065
Publication Number

US 20140282973A1
Time in Patent Office

594 Days
Field of Search

726/7
US Class Current

1/1
CPC Class Codes

G06F 21/36   by graphic or iconic repres...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

Systems and methods for securely transferring authentication information between a user and an electronic resource

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for securely transferring authentication information between a user and an electronic resource

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links