Generating challenge response sets utilizing semantic web technology

US 9,497,178 B2
Filed: 12/31/2013
Issued: 11/15/2016
Est. Priority Date: 12/31/2013
Status: Active Grant

First Claim

Patent Images

1. A computer program product for authenticating a user, the computer program product comprising a non-transitory computer readable storage medium having program code embodied therewith, the program code executable by a processor to:

generate a first question for the user, with the first question requesting the user to select a secret entity;

receive, from the user, an original response identifying the secret entity selected by the user, with the original response corresponding to a valid ontology object included in an ontology database;

query the ontology database to determine a plurality of properties and classes of the valid ontology object corresponding to the secret entity; and

generate, based upon a data generalization strategy using the plurality of properties and classes of the valid ontology object, a generated challenge and response set through the use of semantic web technology so that the generated challenge and response set is related semantically to the original user response and does not directly translate back to the original user response.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present invention relate to generating challenge response sets utilizing semantic web technology. In response to detecting an authentication session for a user, a computing device generates a first challenge question that is semantically related to a second challenge question previously responded to by the user, wherein the authentication session seeks to validate an identification of the user. The computing device determines whether a response to the challenge question by the user is valid. In response to determining that the response to the challenge question by the user was valid, the computing device generates a third challenge question or a notification that the response to the challenge question validates the identification of the user.

38 Citations

6 Claims

1. A computer program product for authenticating a user, the computer program product comprising a non-transitory computer readable storage medium having program code embodied therewith, the program code executable by a processor to:
- generate a first question for the user, with the first question requesting the user to select a secret entity;
  
  receive, from the user, an original response identifying the secret entity selected by the user, with the original response corresponding to a valid ontology object included in an ontology database;
  
  query the ontology database to determine a plurality of properties and classes of the valid ontology object corresponding to the secret entity; and
  
  generate, based upon a data generalization strategy using the plurality of properties and classes of the valid ontology object, a generated challenge and response set through the use of semantic web technology so that the generated challenge and response set is related semantically to the original user response and does not directly translate back to the original user response.
- View Dependent Claims (3, 4)
- - 3. The computer program product of claim 1 wherein the program code is further executable by a processor to:
    - communicate the a challenge portion of the generated challenge and response set to the user;
      
      receive a secondary response from the user;
      
      compare the secondary response to a response portion of the generated challenge and response set to determine whether there is a match; and
      
      taking an authentication-related action based upon whether there is a match.
  - 4. The computer program product of claim 3 wherein:
    - the comparison of the secondary response to the response portion of the generated challenge and response set determines that there is a match; and
      
      the authentication-related action is successful authentication of the user.

2. A computer system for authenticating a user, the computer system comprising:
- one or more computer processors;
  
  one or more non-transitory computer-readable storage media;
  
  program instructions stored on the computer-readable storage media for execution by at least one of the one or more processors to;
  
  generate a first question for the user, with the first question requesting the user to select a secret entity,receive, from the user, an original response identifying the secret entity selected by the user, with the original response corresponding to a valid ontology object included in an ontology database,query the ontology database to determine a plurality of properties and classes of the valid ontology object corresponding to the secret entity, andgenerate, based upon a data generalization strategy using the plurality of properties and classes of the valid ontology object, a generated challenge and response set through the use of semantic web technology so that the generated challenge and response set is related semantically to the original user response and does not directly translate back to the original user response.
- View Dependent Claims (5, 6)
- - 5. The computer system of claim 2 wherein the program instructions stored on the computer-readable storage media are further executable by at least one of the one or more processors to:
    - communicate the a challenge portion of the generated challenge and response set to the user;
      
      receive a secondary response from the user;
      
      compare the secondary response to a response portion of the generated challenge and response set to determine whether there is a match; and
      
      taking an authentication-related action based upon whether there is a match.
  - 6. The computer system of claim 5 wherein:
    - the comparison of the secondary response to the response portion of the generated challenge and response set determines that there is a match; and
      
      the authentication-related action is successful authentication of the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Chow, Ken Y., Tang, Weng S., Xu, Liang
Primary Examiner(s)
Armouche, Hadi
Assistant Examiner(s)
STEINLE, ANDREW J

Application Number

US14/144,781
Publication Number

US 20150188898A1
Time in Patent Office

1,050 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/316   by observing the pattern of...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2103   Challenge-response

H04L 63/08   for authentication of entit...

Generating challenge response sets utilizing semantic web technology

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

38 Citations

6 Claims

Specification

Solutions

Use Cases

Quick Links

Generating challenge response sets utilizing semantic web technology

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

38 Citations

6 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links