Question generation in knowledge-based authentication from activity logs
First Claim
Patent Images
1. A method of generating knowledge-based authentication (KBA) questions, the method comprising:
- obtaining, from a user device, an activity log of a user, the activity log including pointers to a set of external fact sources;
deriving external facts from each external fact source of the set of external fact sources; and
generating a set of KBA questions from the external facts;
wherein the activity log of the user includes a web browsing history of the user,wherein the pointers to the set of external fact sources include a list of addresses, within the web browsing history, of websites corresponding to the respective addresses and previously visited by the user, the set of external fact sources including the websites addressed by the list of addresses,wherein deriving the set of external facts includes accessing, over a network, each of the websites addressed by the list of addresses and acquiring the external facts from the websites, andwherein the KBA questions are generated by a KBA server from content of websites distinct from the user device, pointed to by the web browsing history on the user device, and visited by the KBA server connecting to the websites over the network.
9 Assignments
0 Petitions
Accused Products
Abstract
An improved technique involves generating KBA questions based on facts from fact sources pointed to by an activity log. A KBA system obtains an activity log from a computer of a user in an organization. For example, the computer records the user'"'"'s web browsing history. The KBA system then considers each entry in the activity log as a source of facts for deriving KBA questions. In the case of a web browsing history, the KBA system generates facts from web pages that the user visited. The KBA system then derives new KBA questions from the facts so derived.
-
Citations
19 Claims
-
1. A method of generating knowledge-based authentication (KBA) questions, the method comprising:
-
obtaining, from a user device, an activity log of a user, the activity log including pointers to a set of external fact sources; deriving external facts from each external fact source of the set of external fact sources; and generating a set of KBA questions from the external facts; wherein the activity log of the user includes a web browsing history of the user, wherein the pointers to the set of external fact sources include a list of addresses, within the web browsing history, of websites corresponding to the respective addresses and previously visited by the user, the set of external fact sources including the websites addressed by the list of addresses, wherein deriving the set of external facts includes accessing, over a network, each of the websites addressed by the list of addresses and acquiring the external facts from the websites, and wherein the KBA questions are generated by a KBA server from content of websites distinct from the user device, pointed to by the web browsing history on the user device, and visited by the KBA server connecting to the websites over the network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system constructed and arranged to generate knowledge-based authentication (KBA) questions, the system comprising:
-
a network interface; memory; and a controller including controlling circuitry coupled to the memory, the controlling circuitry being constructed and arranged to; obtain, from a user device, an activity log of a user, the activity log including pointers to a set of external fact sources; derive external facts from each external fact source of the set of external fact sources; and generate a set of KBA questions from the external facts, wherein the activity log of the user includes-a web browsing history of the user, wherein the pointers to the set of external fact sources include a list of addresses, within the web browsing history, of websites corresponding to the respective addresses and previously visited by the user, the set of external fact sources including the websites addressed by the list of addresses, wherein controlling circuitry constructed and arranged to derive the set of external facts is further constructed and arranged to access, over a network, each of the websites addressed by the list of addresses and acquiring the external facts from the websites, and wherein the KBA questions are generated by a KBA server from content of websites distinct from the user device, pointed to by the web browsing history on the user device, and visited by the KBA server connecting to the websites over the network. - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. A computer program product having a non-transitory, computer-readable storage medium which stores code to perform a method of generating knowledge-based authentication (KBA) questions, the method comprising:
-
obtaining, from a user device, an activity log of a user, the activity log including pointers to a set of external fact sources; deriving external facts from each external fact source of the set of external fact sources; and generating a set of KBA questions from the external facts; wherein the activity log of the user includes a web browsing history of the user, wherein the pointers to the set of external fact sources include a list of addresses, within the web browsing history, of websites corresponding to the respective addresses and previously visited by the user, the set of external fact sources including the websites addressed by the list of addresses, wherein deriving the set of external facts includes accessing, over a network, each of the websites addressed by the list of addresses and acquiring the external facts from the websites, and wherein the KBA questions are generated by a KBA server from content of websites distinct from the user device, pointed to by the web browsing history on the user device, and visited by the KBA server connecting to the websites over the network. - View Dependent Claims (18, 19)
-
Specification