USER AUTHENTICATION RELYING ON RECURRING PUBLIC EVENTS FOR SHARED SECRETS

US 20170054704A1
Filed: 11/04/2016
Published: 02/23/2017
Est. Priority Date: 01/15/2015
Status: Active Grant

First Claim

Patent Images

1. A method for managing access to a resource by an access manager, the method comprising:

designating, at a first time, a variable attribute of a recurring public event as a shared secret between the access manager and a user, wherein the recurring public event is not associated with the resource;

receiving, at a second time occurring after the first time, a shared key from the user, the shared key based on a value of the variable attribute of the recurring public event at a most recent recurrence of the recurring public event relative to the second time;

evaluating the shared key; and

granting, in response to the evaluating, the user access to the resource.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An access manager manages access to a resource. At a first time, the access manager designates a variable attribute associated with a recurring public event as a shared secret between the access manager and a user. At a second time occurring after the first time, the access manager receives a shared key from the user. As received, the shared key is based on a value of the variable attribute associated with the recurring public event at a most recent recurrence of the recurring public event relative to the second time. The access manager evaluates the shared key. In response to the evaluation, the access manager grants or denies the user access to the resource.

7 Citations

View as Search Results

20 Claims

1. A method for managing access to a resource by an access manager, the method comprising:
- designating, at a first time, a variable attribute of a recurring public event as a shared secret between the access manager and a user, wherein the recurring public event is not associated with the resource;
  
  receiving, at a second time occurring after the first time, a shared key from the user, the shared key based on a value of the variable attribute of the recurring public event at a most recent recurrence of the recurring public event relative to the second time;
  
  evaluating the shared key; and
  
  granting, in response to the evaluating, the user access to the resource.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the most recent recurrence of the recurring public event relative to the second time occurred after the first time and before the second time.
  - 3. The method of claim 1, wherein the recurring public event is independent of influence by the user and the access manager.
  - 4. The method of claim 1, wherein a particular value of the variable attribute of the recurring public event at a particular recurrence of the recurring public event is, prior to the particular recurrence, unknowable by the access manager and the user.
  - 5. The method of claim 1, wherein the shared key is a hash of the value of the variable attribute of the recurring public event at the most recent recurrence of the recurring public event.
  - 6. The method of claim 1, wherein each recurrence of the recurring public event is publicly disseminated by at least one third party during that recurrence.
  - 7. The method of claim 1, wherein the evaluating the shared key comprises:
    - obtaining, from a third party information source, the value of the variable attribute of the recurring public event at the most recent recurrence of the recurring public event;
      
      generating, based on the value of the variable attribute of the recurring public event at the most recent recurrence of the recurring public event, a duplicate of the shared key; and
      
      comparing the shared key to the duplicate of the shared key.
  - 8. The method of claim 1 further comprising:
    - receiving, at a third time occurring after the second time, a second shared key from the user, the second shared key based on a value of the variable attribute of the recurring public event at a most recent recurrence of the recurring public event relative to the third time, wherein the most recent recurrence of the recurring public event relative to the third time occurred after the most recent recurrence of the recurring public event relative to the second time, and wherein the second shared key is different from the first shared key;
      
      evaluating the second shared key; and
      
      granting, in response to the evaluating, the user re-access to the resource.
  - 9. The method of claim 1 further comprising:
    - re-receiving, at a third time occurring after the second time, the shared key, wherein a most recent recurrence of the recurring public event relative to the third time occurred after the most recent recurrence of the recurring public event relative to the second time;
      
      reevaluating the shared key; and
      
      denying, in response to the reevaluating, re-access to the resource.
  - 10. The method of claim 1 further comprising:
    - designating, at the first time, a second variable attribute of a second recurring public event as a second shared secret between the access manager and a second user;
      
      receiving, at a third time occurring after the first time, a second shared key from the second user, the second shared key based on a value of the second variable attribute of the second recurring public event at a most recent recurrence of the second recurring public event relative to the third time;
      
      evaluating the second shared key; and
      
      granting, in response to the evaluating the second shared key, the second user access to the resource.
  - 11. The method of claim 1 further comprising:
    - monitoring, subsequent to the designating, each recurrence of the recurring public event;
      
      maintaining, based on the monitoring, an updated list including a value of the variable attribute of the recurring public event at each of a predetermined number of recent recurrences of the recurring public event;
      
      receiving, at a third time occurring after the second time, a second shared key from the user, the second shared key based on a value of the variable attribute of the recurring public event at a one of the predetermined number of recent recurrences of the recurring public event relative to the third time, wherein the one of the predetermined number of most recent recurrences of the recurring public event relative to the third time is not the most recent recurrence of the recurrence of the recurring public event relative to the third time;
      
      evaluating, based on the updated list, the second shared key; and
      
      granting, in response to the evaluating, the user re-access to the resource.

12. A computer program product for managing access to a resource by an access manager, the computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a computer to cause the computer to perform a method comprising:
- designating, at a first time, a variable attribute of a recurring public event as a shared secret between the access manager and a user, wherein the recurring public event is not associated with the resource;
  
  receiving, at a second time occurring after the first time, a shared key from the user, the shared key based on a value of the variable attribute of the recurring public event at a most recent recurrence of the recurring public event relative to the second time;
  
  evaluating the shared key; and
  
  granting, in response to the evaluating, the user access to the resource.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The computer program product of claim 12, wherein the method further comprises:
    - monitoring the variable attribute of the recurring public event;
      
      determining, based on the monitoring, that the variable attribute of the recurring public event fails to achieve a variability threshold; and
      
      designating, based on the determining and in place of the variable attribute of the recurring public event, a second variable attribute of a second recurring public event as the shared secret between the access manager and the user.
  - 14. The computer program product of claim 12, wherein the most recent recurrence of the recurring public event relative to the second time occurred after the first time.
  - 15. The computer program product of claim 12, wherein the recurring public event is independent of influence by the user and the access manager.
  - 16. The computer program product of claim 12, wherein a particular value of the variable attribute of the recurring public event at a particular recurrence of the recurring public event is, prior to the particular recurrence, unknowable by the access manager and the user.

17. A system for managing access to a resource by an access manager, the system comprising:
- a memory; and
  
  at least one processor circuit in communication with the memory, wherein the at least one processor circuit is configured to perform a method comprising;
  
  designating, at a first time, a variable attribute of a recurring public event as a shared secret between the access manager and a user, wherein the recurring public event is not associated with the resource;
  
  receiving, at a second time occurring after the first time, a shared key from the user, the shared key based on a value of the variable attribute of the recurring public event at a most recent recurrence of the recurring public event relative to the second time;
  
  evaluating the shared key; and
  
  granting, in response to the evaluating, the user access to the resource.
- View Dependent Claims (18, 19, 20)
- - 18. The system of claim 17, wherein the most recent recurrence of the recurring public event relative to the second time occurred after the first time.
  - 19. The system of claim 17, wherein the method further comprises:
    - monitoring the variable attribute of the recurring public event;
      
      determining, based on the monitoring, that the variable attribute of the recurring public event fails to achieve a variability threshold; and
      
      designating, based on the determining and in place of the variable attribute of the recurring public event, a second variable attribute of a second recurring public event as the shared secret between the access manager and the user.
  - 20. The system of claim 17, wherein a particular value of the variable attribute of the recurring public event at a particular recurrence of the recurring public event is, prior to the particular recurrence, unknowable by the access manager and the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Barkie, Eric J., Fletcher, Benjamin L., Wyskida, Andrew P.

Granted Patent

US 10,298,558 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/065   for group communications cr...

H04L 63/067   using one-time keys cryptog...

H04L 63/083   using passwords cryptograph...

H04L 63/10   for controlling access to d...

USER AUTHENTICATION RELYING ON RECURRING PUBLIC EVENTS FOR SHARED SECRETS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

7 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

USER AUTHENTICATION RELYING ON RECURRING PUBLIC EVENTS FOR SHARED SECRETS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

7 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links