Authenticating a user of a system via an authentication image mechanism
First Claim
Patent Images
1. A system comprising:
- a display;
a processor to execute instructions;
a security processor coupled to the display via a trusted channel to authenticate a user of the system, the trusted channel inaccessible to an operating system of the system; and
a trusted storage coupled to the security processor to store an authentication image and at least one authentication gesture associated with the authentication image, wherein the security processor is to generate a display frame image having the authentication image included within a portion of the display frame image according to a set of random coordinates, provide the display frame image to the display via the trusted channel, receive at least one gesture input value from the user via an untrusted channel, and determine whether the user is authenticated based on the at least one gesture input value and the at least one authentication gesture.
1 Assignment
0 Petitions
Accused Products
Abstract
In an embodiment, the present invention includes a method for receiving a request for user authentication of a system, displaying an authentication image on a display of the system using a set of random coordinates, receiving a plurality of gesture input values from the user, and determining whether to authenticate the user based at least in part on the plurality of gesture input values. Other embodiments are described and claimed.
-
Citations
20 Claims
-
1. A system comprising:
-
a display; a processor to execute instructions; a security processor coupled to the display via a trusted channel to authenticate a user of the system, the trusted channel inaccessible to an operating system of the system; and a trusted storage coupled to the security processor to store an authentication image and at least one authentication gesture associated with the authentication image, wherein the security processor is to generate a display frame image having the authentication image included within a portion of the display frame image according to a set of random coordinates, provide the display frame image to the display via the trusted channel, receive at least one gesture input value from the user via an untrusted channel, and determine whether the user is authenticated based on the at least one gesture input value and the at least one authentication gesture. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. At least one non-transitory machine-readable storage medium including instructions that when executed enable a system to perform a method comprising:
-
receiving, in a security engine of the system, a request for user authentication; preparing, in the security engine, a display frame image including an authentication image, the display frame image larger than the authentication image and the authentication image having an anchor location identified by a set of random coordinates; providing the display frame image including the authentication image within a portion of the display frame image from the security engine to a display of the system via a trusted channel for display of the display frame image on the display of the system, the trusted channel inaccessible to an operating system of the system; and receiving a plurality of gesture input values from the user in the security engine via an untrusted channel of the system, and determining whether to authenticate the user based at least in part on the plurality of gesture input values. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method comprising:
-
preparing, in a security engine of a system, an authentication image according to a first set of coordinates for display of the authentication image on a display of the system to obtain at least one authentication gesture from a user viewing the authentication image; storing the authentication image and the at least one authentication gesture associated with the authentication image in a trusted storage of the system, wherein the authentication image is to be displayed on the display during an authorization challenge; and generating, in the security engine of the system, a display frame image including the authentication image within a portion of the display frame image and anchored to a randomized set of coordinates within the display frame image, providing the display frame image via a trusted channel to the display of the system for display, the trusted channel inaccessible to an operating system of the system, receiving at least one gesture input value from the user based on the display frame image, and determining whether the user is authenticated based on the at least one gesture input value and the at least one authentication gesture. - View Dependent Claims (20)
-
Specification