WO2004042540A3 - Methods and apparatus for dynamic user authentication - Google Patents

Methods and apparatus for dynamic user authentication Download PDF

Info

Publication number
WO2004042540A3
WO2004042540A3 PCT/US2003/022686 US0322686W WO2004042540A3 WO 2004042540 A3 WO2004042540 A3 WO 2004042540A3 US 0322686 W US0322686 W US 0322686W WO 2004042540 A3 WO2004042540 A3 WO 2004042540A3
Authority
WO
WIPO (PCT)
Prior art keywords
verification
user
user authentication
authentication
objects
Prior art date
Application number
PCT/US2003/022686
Other languages
French (fr)
Other versions
WO2004042540A2 (en
Inventor
Ganesh N Ramaswamy
Ran Zilca
Oleg Alecksandrovich
Original Assignee
Ibm
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ibm filed Critical Ibm
Priority to AU2003261199A priority Critical patent/AU2003261199A1/en
Priority to JP2004549922A priority patent/JP2006505051A/en
Priority to CA2498603A priority patent/CA2498603C/en
Priority to EP03810747A priority patent/EP1563363A2/en
Publication of WO2004042540A2 publication Critical patent/WO2004042540A2/en
Publication of WO2004042540A3 publication Critical patent/WO2004042540A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F1/00Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan

Abstract

An authentication framework is provided which enables dynamic user authentication that combines multiple authentication objects using a shared context and that permits customizable interaction design to suit varying user preferences and transaction/application requirements. Such a framework provides a high degree of flexibility, accuracy, convenience and robustness. In one illustrative aspect of the invention, an automated technique for user authentication comprises the following steps/operations. First, user input is obtained. At least a portion of the user input is associated with two or more verification objects. Then, the user is verified based on the two or more verification objects in accordance with at least one verification policy operating on a context shared across the two or more verification objects. The user authentication technique of the invention may preferably be implemented in a flexible, distributed architecture comprising at least one client device coupled to at least one verification server. The client device and the verification server may operate together to perform the user authentication techniques of the invention.
PCT/US2003/022686 2002-10-30 2003-07-21 Methods and apparatus for dynamic user authentication WO2004042540A2 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
AU2003261199A AU2003261199A1 (en) 2002-10-30 2003-07-21 Methods and apparatus for dynamic user authentication
JP2004549922A JP2006505051A (en) 2002-10-30 2003-07-21 Apparatus, method and system for use in executing user authentication
CA2498603A CA2498603C (en) 2002-10-30 2003-07-21 Methods and apparatus for dynamic user authentication using customizable context-dependent interaction across multiple verification objects
EP03810747A EP1563363A2 (en) 2002-10-30 2003-07-21 Methods and apparatus for dynamic user authentication

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/283,729 US8171298B2 (en) 2002-10-30 2002-10-30 Methods and apparatus for dynamic user authentication using customizable context-dependent interaction across multiple verification objects
US10/283,729 2002-10-30

Publications (2)

Publication Number Publication Date
WO2004042540A2 WO2004042540A2 (en) 2004-05-21
WO2004042540A3 true WO2004042540A3 (en) 2004-07-22

Family

ID=32174729

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2003/022686 WO2004042540A2 (en) 2002-10-30 2003-07-21 Methods and apparatus for dynamic user authentication

Country Status (9)

Country Link
US (3) US8171298B2 (en)
EP (1) EP1563363A2 (en)
JP (1) JP2006505051A (en)
KR (1) KR100901238B1 (en)
CN (1) CN100380271C (en)
AU (1) AU2003261199A1 (en)
CA (1) CA2498603C (en)
TW (1) TWI233288B (en)
WO (1) WO2004042540A2 (en)

Families Citing this family (76)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6214875B1 (en) 1998-04-14 2001-04-10 Zhenhua Yang Anticancer effects of specific branched-chain fatty acids and related production process
US7372482B2 (en) * 2003-03-28 2008-05-13 Hewlett-Packard Development Company, L.P. System and method of capturing and providing supplemental data associated with a digital image
US7363487B2 (en) * 2003-07-01 2008-04-22 International Business Machines Corporation Method and system for dynamic client authentication in support of JAAS programming model
EP1679627A4 (en) * 2003-10-31 2009-07-22 Fujitsu Microelectronics Ltd Verification support device, verification support method, verification support program, and recording medium
US7533407B2 (en) 2003-12-16 2009-05-12 Microsoft Corporation System and methods for providing network quarantine
US20050182925A1 (en) * 2004-02-12 2005-08-18 Yoshihiro Tsukamura Multi-mode token
US20050267954A1 (en) * 2004-04-27 2005-12-01 Microsoft Corporation System and methods for providing network quarantine
US8842887B2 (en) * 2004-06-14 2014-09-23 Rodney Beatson Method and system for combining a PIN and a biometric sample to provide template encryption and a trusted stand-alone computing device
US9286457B2 (en) 2004-06-14 2016-03-15 Rodney Beatson Method and system for providing password-free, hardware-rooted, ASIC-based authentication of a human to a mobile device using biometrics with a protected, local template to release trusted credentials to relying parties
JP2006011768A (en) * 2004-06-25 2006-01-12 Toshiba Corp Authentication system and apparatus
US7657923B2 (en) * 2004-07-23 2010-02-02 Microsoft Corporation Framework for a security system
US20060130150A1 (en) * 2004-12-09 2006-06-15 Garza-Gonzalez Daniel C Context-sensitive authorization
US20060294390A1 (en) 2005-06-23 2006-12-28 International Business Machines Corporation Method and apparatus for sequential authentication using one or more error rates characterizing each security challenge
FI20050770A (en) * 2005-07-19 2007-01-20 Ssh Comm Security Corp Verification in the context of security policy
JP2007149066A (en) * 2005-10-25 2007-06-14 Toshiba Corp Authentication system, device and program
US7526677B2 (en) 2005-10-31 2009-04-28 Microsoft Corporation Fragility handling
US7827545B2 (en) 2005-12-15 2010-11-02 Microsoft Corporation Dynamic remediation of a client computer seeking access to a network with a quarantine enforcement policy
CN1992596A (en) * 2005-12-27 2007-07-04 国际商业机器公司 User authentication device and method
US20070214364A1 (en) * 2006-03-07 2007-09-13 Roberts Nicole A Dual layer authentication system for securing user access to remote systems and associated methods
US7793096B2 (en) 2006-03-31 2010-09-07 Microsoft Corporation Network access protection
US7818264B2 (en) 2006-06-19 2010-10-19 Visa U.S.A. Inc. Track data encryption
US8364120B2 (en) * 2006-08-02 2013-01-29 Motorola Mobility Llc Identity verification using location over time information
US20080155239A1 (en) * 2006-10-10 2008-06-26 Honeywell International Inc. Automata based storage and execution of application logic in smart card like devices
US8166532B2 (en) * 2006-10-10 2012-04-24 Honeywell International Inc. Decentralized access control framework
US7853987B2 (en) * 2006-10-10 2010-12-14 Honeywell International Inc. Policy language and state machine model for dynamic authorization in physical access control
US8347403B2 (en) * 2006-12-19 2013-01-01 Canon Kabushiki Kaisha Single point authentication for web service policy definition
US8171535B2 (en) * 2006-12-19 2012-05-01 Canon Kabushiki Kaisha Dynamic web service policy broadcasting/enforcement for applications
US20080172715A1 (en) * 2007-01-12 2008-07-17 Microsoft Corporation Scalable context-based authentication
US8006097B2 (en) * 2007-01-31 2011-08-23 International Business Machines Corporation Password generation using genre selection
US20080189209A1 (en) * 2007-02-05 2008-08-07 First Data Corporation Real-Time Funds Transfer
US9418501B2 (en) * 2007-02-05 2016-08-16 First Data Corporation Method for digital signature authentication of pin-less debit card account transactions
US20080185429A1 (en) * 2007-02-05 2008-08-07 First Data Corporation Authentication Of PIN-Less Transactions
US9225684B2 (en) 2007-10-29 2015-12-29 Microsoft Technology Licensing, Llc Controlling network access
US8301684B2 (en) * 2009-02-26 2012-10-30 Google Inc. User challenge using information based on geography or user identity
US8572681B2 (en) * 2009-03-11 2013-10-29 Wic Cdn Inc. Methods and systems for identity verification
JP5304509B2 (en) * 2009-07-23 2013-10-02 コニカミノルタ株式会社 Authentication method, authentication apparatus, and authentication processing program
US9672335B2 (en) * 2009-12-17 2017-06-06 Laird H Shuart Cognitive-based logon process for computing device
US20110191247A1 (en) * 2010-01-29 2011-08-04 Ben Dominguez Authentication framework extension to verify identification information
US8719900B2 (en) * 2010-05-18 2014-05-06 Amazon Technologies, Inc. Validating updates to domain name system records
US20110296430A1 (en) * 2010-05-27 2011-12-01 International Business Machines Corporation Context aware data protection
CN102347929A (en) * 2010-07-28 2012-02-08 阿里巴巴集团控股有限公司 Verification method of user identity and apparatus thereof
US8768784B1 (en) * 2010-11-30 2014-07-01 Amazon Technologies, Inc. Expedited seller registration
WO2012174427A2 (en) * 2011-06-16 2012-12-20 OneID Inc. Method and system for determining authentication levels in transactions
US9395800B2 (en) * 2011-09-30 2016-07-19 Qualcomm Incorporated Enabling instant handwritten input on mobile computing devices
US9215223B2 (en) 2012-01-18 2015-12-15 OneID Inc. Methods and systems for secure identity management
KR101392047B1 (en) * 2012-04-05 2014-05-07 주식회사 엘지씨엔에스 Method of verifying user, server and mobile terminal performing the same
US20140082713A1 (en) * 2012-09-18 2014-03-20 Broadcom Corporation System and Method for Location-Based Authentication
US9654977B2 (en) 2012-11-16 2017-05-16 Visa International Service Association Contextualized access control
KR102102179B1 (en) * 2013-03-14 2020-04-21 삼성전자 주식회사 Embedded system, authentication system comprising the same, method of authenticating the system
US10057289B2 (en) 2013-08-12 2018-08-21 International Business Machines Corporation Adjusting multi-factor authentication using context and pre-registration of objects
CN104579670A (en) * 2013-10-28 2015-04-29 腾讯科技(深圳)有限公司 Mobile terminal authentication method and mobile terminal
US9544149B2 (en) 2013-12-16 2017-01-10 Adobe Systems Incorporated Automatic E-signatures in response to conditions and/or events
US9245103B2 (en) 2014-03-31 2016-01-26 Netiq Corporation Personal authentication and access
CN105095726B (en) * 2014-05-08 2018-05-11 阿里巴巴集团控股有限公司 Generate the method and device of identifying code
US20160021105A1 (en) * 2014-07-15 2016-01-21 Sensory, Incorporated Secure Voice Query Processing
US9363263B2 (en) * 2014-08-27 2016-06-07 Bank Of America Corporation Just in time polymorphic authentication
US9529986B2 (en) 2014-10-08 2016-12-27 International Business Machines Corporation Utilizing multiple computing devices to verify identity
US9298901B1 (en) 2014-10-08 2016-03-29 International Business Machines Corporation Credential validation using multiple computing devices
CN105678124A (en) * 2014-11-20 2016-06-15 华为终端(东莞)有限公司 Device and method for enhancing terminal safety
US9990479B2 (en) * 2014-12-27 2018-06-05 Intel Corporation Technologies for authenticating a user of a computing device based on authentication context state
CN105991590B (en) * 2015-02-15 2019-10-18 阿里巴巴集团控股有限公司 A kind of method, system, client and server for verifying user identity
US9935777B2 (en) 2015-08-31 2018-04-03 Adobe Systems Incorporated Electronic signature framework with enhanced security
CN105592074A (en) * 2015-11-26 2016-05-18 中国银联股份有限公司 Method and system of mobile device cooperation authentication on the basis of geographic position
US11025428B2 (en) 2016-05-05 2021-06-01 Neustar, Inc. Systems and methods for enabling trusted communications between controllers
US10958725B2 (en) 2016-05-05 2021-03-23 Neustar, Inc. Systems and methods for distributing partial data to subnetworks
US11277439B2 (en) 2016-05-05 2022-03-15 Neustar, Inc. Systems and methods for mitigating and/or preventing distributed denial-of-service attacks
US11108562B2 (en) 2016-05-05 2021-08-31 Neustar, Inc. Systems and methods for verifying a route taken by a communication
WO2017193093A1 (en) 2016-05-05 2017-11-09 Neustar, Inc. Systems and methods for enabling trusted communications between entities
US10347215B2 (en) * 2016-05-27 2019-07-09 Adobe Inc. Multi-device electronic signature framework
FR3052894A1 (en) * 2016-06-20 2017-12-22 Orange AUTHENTICATION METHOD
US10878424B2 (en) * 2017-04-06 2020-12-29 Mastercard International Incorporated Systems and methods for enhanced user authentication
US10503919B2 (en) 2017-04-10 2019-12-10 Adobe Inc. Electronic signature framework with keystroke biometric authentication
US11368457B2 (en) 2018-02-20 2022-06-21 Visa International Service Association Dynamic learning system for intelligent authentication
TWI752474B (en) * 2020-04-22 2022-01-11 莊連豪 An accessible and intelligent voice recognition system and the control method
US11880439B2 (en) 2021-06-16 2024-01-23 International Business Machines Corporation Enhancing verification in mobile devices using model based on user interaction history
CN113923055B (en) * 2021-12-14 2022-03-04 四川赛闯检测股份有限公司 Network security interface fuzzy detection system based on dynamic strategy

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2342744A (en) * 1998-10-14 2000-04-19 Toshiba Kk User confirmation using biometrics
WO2001090859A1 (en) * 2000-05-19 2001-11-29 Netscape Communications Corporation Adaptive multi-tier authentication system
EP1176489A2 (en) * 2000-07-25 2002-01-30 Dew Engineering and Development Limited Flexible method of user authentication
US20020087894A1 (en) * 2001-01-03 2002-07-04 Foley James M. Method and apparatus for enabling a user to select an authentication method

Family Cites Families (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US87894A (en) * 1869-03-16 Improved method of preparing coon-skins
GB9021489D0 (en) * 1990-10-03 1990-11-14 Ensigma Ltd Methods and apparatus for verifying the originator of a sequence of operations
US5657389A (en) * 1995-05-08 1997-08-12 Image Data, Llc Positive identification system and method
US6268788B1 (en) * 1996-11-07 2001-07-31 Litronic Inc. Apparatus and method for providing an authentication system based on biometrics
US7305562B1 (en) 1999-03-09 2007-12-04 Citibank, N.A. System, method and computer program product for an authentication management infrastructure
US6256737B1 (en) 1999-03-09 2001-07-03 Bionetrix Systems Corporation System, method and computer program product for allowing access to enterprise resources using biometric devices
US6587577B1 (en) * 1999-04-21 2003-07-01 International Business Machines Corporation On-line signature verification
US6633981B1 (en) * 1999-06-18 2003-10-14 Intel Corporation Electronic system and method for controlling access through user authentication
EP1959369A1 (en) * 1999-12-10 2008-08-20 Fujitsu Limited User verification system, and portable electronic device with user verification function utilising biometric information
US20030046396A1 (en) * 2000-03-03 2003-03-06 Richter Roger K. Systems and methods for managing resource utilization in information management environments
AU2001255627A1 (en) * 2000-04-24 2001-11-07 Spectrum Controls, Inc. Method, system, and apparatus for providing data regarding the operation and monitoring of a control system
US20020091937A1 (en) * 2001-01-10 2002-07-11 Ortiz Luis M. Random biometric authentication methods and systems
JP4390122B2 (en) 2001-03-14 2009-12-24 富士通株式会社 User authentication system using biometric information
JP2003032652A (en) 2001-07-18 2003-01-31 Ricoh Co Ltd Access right management method for contents and recording medium
US20030061520A1 (en) * 2001-09-21 2003-03-27 Zellers Mark H. Method and system to securely change a password in a distributed computing system
JP2003132160A (en) 2001-10-23 2003-05-09 Nec Corp Personal information management system and device, and personal information management program
JP4181772B2 (en) 2001-11-30 2008-11-19 キヤノン株式会社 Service providing apparatus, service providing method, computer-readable recording medium, and computer program
US7194765B2 (en) * 2002-06-12 2007-03-20 Telefonaktiebolaget Lm Ericsson (Publ) Challenge-response user authentication
US7219231B2 (en) * 2002-01-30 2007-05-15 Hewlett-Packard Development Company, L.P. Extensible authentication system and method
US7231657B2 (en) * 2002-02-14 2007-06-12 American Management Systems, Inc. User authentication system and methods thereof

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2342744A (en) * 1998-10-14 2000-04-19 Toshiba Kk User confirmation using biometrics
WO2001090859A1 (en) * 2000-05-19 2001-11-29 Netscape Communications Corporation Adaptive multi-tier authentication system
EP1176489A2 (en) * 2000-07-25 2002-01-30 Dew Engineering and Development Limited Flexible method of user authentication
US20020087894A1 (en) * 2001-01-03 2002-07-04 Foley James M. Method and apparatus for enabling a user to select an authentication method

Also Published As

Publication number Publication date
EP1563363A2 (en) 2005-08-17
CA2498603C (en) 2013-12-31
JP2006505051A (en) 2006-02-09
WO2004042540A2 (en) 2004-05-21
KR20050075344A (en) 2005-07-20
US20080005788A1 (en) 2008-01-03
US8656469B2 (en) 2014-02-18
CN100380271C (en) 2008-04-09
CA2498603A1 (en) 2004-05-21
TWI233288B (en) 2005-05-21
CN1688953A (en) 2005-10-26
US20120131658A1 (en) 2012-05-24
US20040088587A1 (en) 2004-05-06
US8171298B2 (en) 2012-05-01
AU2003261199A1 (en) 2004-06-07
KR100901238B1 (en) 2009-06-08
TW200412775A (en) 2004-07-16

Similar Documents

Publication Publication Date Title
WO2004042540A3 (en) Methods and apparatus for dynamic user authentication
WO2005008477A3 (en) System and method for dynamic generation of a graphical user interface
WO2005104686A3 (en) Dynamic executable
WO2004019228A3 (en) Method and system for integrating enterprise software applications with desktop software applications
WO2005107137A3 (en) Method and apparatus for authenticating users using two or more factors
AU2003284405A1 (en) Information processing device, server client system, method, and computer program
WO2003012595A3 (en) Registration apparatus and method, as for voting
WO2002043463A3 (en) Systems and methods for generating hardware description code
WO2005086569A3 (en) System, method and apparatus for electronic authentication
TW200513962A (en) Method and system of providing customizable buttons
WO2005022334A3 (en) Method and apparatus for providing desktop application functionality in a client/server architecture
WO2004051444A3 (en) Providing a secure execution mode in a pre-boot environment
WO2005045709A8 (en) Distributed document version control
WO2006024816A3 (en) Data certification methods and apparatus
WO2005048023A3 (en) Techniques for analyzing the performance of websites
WO2003069490A1 (en) User authentication method and user authentication system
WO2005104013A3 (en) Enhancing images superimposed on uneven or partially obscured background
WO2005008403A3 (en) Apparatuses and methods for dynamic creation of phase gantt charts
WO2007137166A3 (en) Dynamic web services system and method for use of personal trusted devices and identity tokens
WO2005022888A3 (en) System and method for performing purchase transactions utilizing a broadcast-based device
WO2004019231A3 (en) Web services apparatus and methods
WO2005025292A3 (en) System and method for risk based authentication
AU2003253405A1 (en) Method, data processing device and computer program product for processing data
GB2397910B (en) Methods and apparatus for rapidly activating inactive components in a computer system
WO2004092864A3 (en) Client-server authentication using the challenge-response principle

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG UZ VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2498603

Country of ref document: CA

WWE Wipo information: entry into national phase

Ref document number: 2003261199

Country of ref document: AU

WWE Wipo information: entry into national phase

Ref document number: 1020057005505

Country of ref document: KR

WWE Wipo information: entry into national phase

Ref document number: 1342/DELNP/2005

Country of ref document: IN

WWE Wipo information: entry into national phase

Ref document number: 168073

Country of ref document: IL

WWE Wipo information: entry into national phase

Ref document number: 20038245221

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 2004549922

Country of ref document: JP

WWE Wipo information: entry into national phase

Ref document number: 2003810747

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1020057005505

Country of ref document: KR

WWP Wipo information: published in national office

Ref document number: 2003810747

Country of ref document: EP

DPE2 Request for preliminary examination filed before expiration of 19th month from priority date (pct application filed from 20040101)