System and method for restricting access to a computer system to live persons by means of semantic association of images

US 8,707,453 B2
Filed: 01/29/2010
Issued: 04/22/2014
Est. Priority Date: 01/29/2010
Status: Expired due to Fees

First Claim

Patent Images

1. A computer implemented method for restricting access to a computer system, resource, or network to humans via an interface displaying a reverse Turing test that exploits the semantic, symbolic, and contextual associations humans instinctively form between images of objects, by requiring the unknown subject of a test to indicate relationships between objects, the method comprising:

a) managing, at the computing device, a first session when a protected resource is requested by an unknown subject;

b) generating, at the computing device, a unique test for each session, based on a combination of configurable and random parameters, said test comprising the images of a plurality of disparate objects, of which a plurality share a meaningful semantic relationship;

wherein the test comprises one of a associative test, requiring the unknown subject to match two objects that share a semantic relationship, or an exclusive test, requiring the unknown subject to isolate a single object which fails to share a semantic relationship with a plurality of other objects;

c) localizing, at the computing device, instructions to the unknown subject, by generating a translated instruction string;

d) composing, at the computing device, the images which comprise the test into a single flattened composite image;

e) administering the test to the unknown subject;

f) evaluating, at the computing device, the response from the unknown subject and providing a pass or fail result, and allowing or denying access to that resource is based on the result; and

g) repeating steps a) through h) in a second session using the alternate of the exclusive test or the associative test that was used in the first iteration for the same or different unknown subject.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for restricting access to a computer system, resource, or network to live persons, and for preventing the execution of automated scripts via an interface intended for human interaction. When queried for access to a protected resource, computer system, or network, the system will respond with a challenge requiring unknown petitioners to solve a visual puzzle before proceeding, said puzzle consisting of a collection of apparently random objects, and exploiting the natural human impulse to form semantic or symbolic associations between images of objects. The subject of the test must either recognize a semantic or symbolic association between two or more objects, or isolate an object that does not belong with the others, indicating their selection with the pointing device on their local computer. If the subject succeeds in passing the test they are granted access to the requested resource, computer system, or network.

16 Citations

View as Search Results

17 Claims

1. A computer implemented method for restricting access to a computer system, resource, or network to humans via an interface displaying a reverse Turing test that exploits the semantic, symbolic, and contextual associations humans instinctively form between images of objects, by requiring the unknown subject of a test to indicate relationships between objects, the method comprising:
- a) managing, at the computing device, a first session when a protected resource is requested by an unknown subject;
  
  b) generating, at the computing device, a unique test for each session, based on a combination of configurable and random parameters, said test comprising the images of a plurality of disparate objects, of which a plurality share a meaningful semantic relationship;
  
  wherein the test comprises one of a associative test, requiring the unknown subject to match two objects that share a semantic relationship, or an exclusive test, requiring the unknown subject to isolate a single object which fails to share a semantic relationship with a plurality of other objects;
  
  c) localizing, at the computing device, instructions to the unknown subject, by generating a translated instruction string;
  
  d) composing, at the computing device, the images which comprise the test into a single flattened composite image;
  
  e) administering the test to the unknown subject;
  
  f) evaluating, at the computing device, the response from the unknown subject and providing a pass or fail result, and allowing or denying access to that resource is based on the result; and
  
  g) repeating steps a) through h) in a second session using the alternate of the exclusive test or the associative test that was used in the first iteration for the same or different unknown subject.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein the instruction further comprises:
    - a translated instruction string that will guide the user to draw a line joining the images of objects that share a semantic relationship, if the test is an associative test, or to circle the image that does not belong, if the test is an exclusive test.
  - 3. The method of claim 1, further comprising a step in which:
    - a query at an images database for the collection of disparate objects for assembly into the single composite test image, and rendering the translated instruction string on top of the composite test image.
  - 4. The method according to claim 1,wherein the associative test further comprises a query in a semantic context database for an object ID of an object that corresponds to a key image selected from an images database, a single object ID that shares a meaningful semantic association with that key object, and a collection consisting of a plurality of object IDs that do not share any meaningful semantic relationship with the key object;
    - andwherein the exclusive test further comprises a query in a semantic context database for an object ID of an object that corresponds to a key image selected from an Images database, and a collection of a plurality of object IDs that share a meaningful semantic relationship with each other, but share no meaningful semantic relationship with the key object.

5. A system for restricting access to a computer system, resource, or network to humans via an interface displaying a reverse Turing test that exploits the semantic, symbolic, and contextual associations humans instinctively form between images of objects, by requiring the unknown subject of a test to indicate relationships between objects, the system comprising:
- one or more CPUs and one or more memory which comprise instructions that when executed implement;
  
  a) a challenge and response agent that manages a first session when a protected resource is requested by an unknown subject;
  
  b) a test creation engine that generates a unique test for each session, based on a combination of configurable and random parameters, said test comprising the images of a plurality of disparate objects, of which a plurality share a meaningful semantic relationship;
  
  wherein the test comprises one of a associative test, requiring the unknown subject to match two objects that share a semantic relationship, or an exclusive test, requiring the unknown subject to isolate a single object which fails to share a semantic relationship with a plurality of other objects;
  
  c) a localization engine which localizes instructions to the unknown subject, by generating a translated instruction string;
  
  d) an image composition engine that composes the images which comprise the test into a single flattened composite image;
  
  e) a client-side test application that administers the test to the unknown subject;
  
  f) a test evaluation engine that evaluates the results from the client-side test application and provides a pass or fail result to the challenge and response agent;
  
  wherein the challenge and response agent allows or denies access to the resource based on the results; and
  
  g) repeating steps a) through h) in a second session using the alternate of the exclusive test or the associative test that was used in the first session for the same or different unknown subject via the same or different client-side test application.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 6. The system of claim 5, wherein the challenge and response agent will respond to any request from an unknown subject for a protected resource, system or network by creating a test session and invoking the test creation engine.
  - 7. The system of claim 5, wherein the test creation engine will instantiate a new test which can be determined either by configuration or by random selection to be of either associative or exclusive logic, and request a single random key image ID from an images database.
  - 8. The system of claim 5, wherein the test creation engine further queries the localization engine for a translated instruction string that will guide the user to draw a line joining the images of objects that share a semantic relationship, if the test is an associative test, or to circle the image that doesn'"'"'t belong, if the test is an exclusive test.
  - 9. The system of claim 8, wherein the image composition engine further creates an image map that stores in the pixels of the image the placement of the individual image objects contained in the composite test image.
  - 10. The system of claim 5, wherein the test creation engine will the pass a collection of image IDs associated with the objects selected for the test, and the translated instruction string to the image composition engine, which will in turn create a composite test image.
  - 11. The system of claim 5, wherein the challenge and response agent will transmit the composite test image to a client-side test application, which can be embedded in an HTML document and is executed on the client computer operated by the unknown subject.
  - 12. The system of claim 5, wherein the client-side test application will instruct the unknown subject to use the pointing device on their local computing device to complete the instructions embedded in the composite test image.
  - 13. The system of claim 5, wherein the client-side test application will start recording the position of the pointing device on the unknown subject'"'"'s local computing device at intervals of a few milliseconds when it receives a press event from the pointing device, and will stop recording and transmit the collected position data back to the challenge and response agent when it receives a release event from the pointing device.
  - 14. The system of claim 5, wherein the challenge and response agent passes the test data to the test evaluation engine, which will plot the position data collected for the pointing device on the unknown subject'"'"'s computing device, and compare it to positions of the separate test sub-images as recorded in the image map corresponding to the composite test image.
  - 15. The system of claim 14, wherein the test evaluation engine will further make the appropriate examination for an associative or exclusive test;
    - wherein if the test is an associative test, the test evaluation engine will return a pass result if the pointing device data forms a line connecting the images of objects that share a semantic relationship without intersecting any of the other unrelated image objects in the composite test image, and a failure result if these conditions are not met;
      
      wherein if the test is an exclusive test, the test evaluation engine will return a pass result if the pointing device data forms a line that encloses the image object that fails to share a semantic relationship without enclosing or intersecting any of the other image objects in the composite test image, and a failure result if these conditions are not met.
  - 16. The system of claim 5, wherein if the test evaluation engine returns a pass result, the challenge and response agent will return a pass result to allow the unknown subject access to the requested computer system, resource, or network;
    - and if it returns a failure result, the challenge and response agent will transmit a failure notification to the unknown subject.
  - 17. The system of claim 5, wherein if the unknown subject fails to pass a test, the challenge and response agent will allow the unknown subject to request a new test, up to a maximum number of retests;
    - after which, the challenge and response agent will simply refuse all requests from the unknown subject for the duration of a cool-down time;
      
      the maximum number of retests and cool-down interval being configurable by an administrator of the system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Christopher Liam Ivey
Original Assignee
Christopher Liam Ivey
Inventors
Ivey, Christopher Liam
Primary Examiner(s)
CHAO, MICHAEL W

Application Number

US12/696,053
Publication Number

US 20110191820A1
Time in Patent Office

1,544 Days
Field of Search

726/28
US Class Current

726/28
CPC Class Codes

G06F 16/00   Information retrieval; Data...

G06F 21/36   by graphic or iconic repres...

G06F 2221/2133   Verifying human interaction...

G06V 10/20   Image preprocessing

System and method for restricting access to a computer system to live persons by means of semantic association of images

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

16 Citations

17 Claims

Specification

Use Cases

Quick Links

Others

System and method for restricting access to a computer system to live persons by means of semantic association of images

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

16 Citations

17 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others