专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08881266B2 Enterprise password reset 有权
标题翻译：企业密码重置
公开(公告)号：US08881266B2
公开(公告)日：2014-11-04
申请号：US12270159
申请日：2008-11-13
申请人： Richard Chow , Philippe J. P. Golle , Bjorn Markus Jakobsson , Jessica N. Staddon
发明人： Richard Chow , Philippe J. P. Golle , Bjorn Markus Jakobsson , Jessica N. Staddon
IPC分类号： G06F21/31 , G06F17/30 , G06F21/46 , H04L29/06 , G06F7/02
CPC分类号： G06F21/31 , G06F7/02 , G06F17/30 , G06F21/46 , H04L29/06782 , H04L29/06795 , H04L63/0846
摘要： One embodiment of the present invention provides a system for automatically authenticating a user. During operation, the system receives a user's request for authentication. The system then extracts information associated with the user from user-specific information stored in an enterprise computer. The extracted user information does not explicitly relate to a password. The system further generates one or more challenges based on the extracted user information, and receives the user's response to the challenges. Subsequently, the system compares the user's response to the extracted user information, and authenticates the user.
摘要翻译：本发明的一个实施例提供一种用于自动认证用户的系统。在操作期间，系统接收用户的认证请求。系统然后从存储在企业计算机中的用户特定信息中提取与用户相关联的信息。提取的用户信息与密码没有明确的关联。系统进一步基于所提取的用户信息产生一个或多个挑战，并且接收用户对挑战的响应。随后，系统将用户的响应与提取的用户信息进行比较，并对用户进行认证。

2. 发明授权

US08844005B2 Authentication based on user behavior 有权
标题翻译：基于用户行为的认证
公开(公告)号：US08844005B2
公开(公告)日：2014-09-23
申请号：US12270208
申请日：2008-11-13
申请人： Bjorn Markus Jakobsson , Jessica N. Staddon , Philippe J. P. Golle , Richard Chow
发明人： Bjorn Markus Jakobsson , Jessica N. Staddon , Philippe J. P. Golle , Richard Chow
IPC分类号： H04L9/32 , G06F21/31
CPC分类号： G06F21/316
摘要： One embodiment of the present invention provides a system for authenticating a user. During operation, the system records user behavior history at one or more devices associated with the user. The system then extracts user information associated with a place and/or an activity from the recorded user behavior history. The system further generates one or more challenges based on the extracted user information, thereby facilitating the verification of the user's identity.
摘要翻译：本发明的一个实施例提供了一种用于认证用户的系统。在操作期间，系统在与用户相关联的一个或多个设备上记录用户行为历史。系统然后从记录的用户行为历史中提取与地点和/或活动相关联的用户信息。该系统还基于所提取的用户信息进一步产生一个或多个挑战，从而便于验证用户的身份。

3. 发明授权

US08312157B2 Implicit authentication 有权
标题翻译：隐式认证
公开(公告)号：US08312157B2
公开(公告)日：2012-11-13
申请号：US12504159
申请日：2009-07-16
申请人： Bjorn Markus Jakobsson , Mark J. Grandcolas , Philippe J. P. Golle , Richard Chow , Runting Shi
发明人： Bjorn Markus Jakobsson , Mark J. Grandcolas , Philippe J. P. Golle , Richard Chow , Runting Shi
IPC分类号： G06F15/16
CPC分类号： H04L63/102 , G06F21/316 , H04L63/0892 , H04L67/22 , H04L67/306
摘要： Embodiments of the present disclosure provide a method and system for implicitly authenticating a user to access controlled resources. The system receives a request to access the controlled resources. The system then determines a user behavior score based on a user behavior model, and recent contextual data about the user. The user behavior score facilitates identifying a level of consistency between one or more recent user events and a past user behavior pattern. The recent contextual data, which comprise a plurality of data streams, are collected from one or more user devices without prompting the user to perform an action explicitly associated with authentication. The plurality of data streams provide basis for determining the user behavior score, but a data stream alone provides insufficient basis for the determination of the user behavior score. The system also provides the user behavior score to an access controller of the controlled resource.
摘要翻译：本公开的实施例提供了用于隐含地认证用户以访问受控资源的方法和系统。系统接收到访问受控资源的请求。系统然后基于用户行为模型和关于用户的最近的上下文数据来确定用户行为得分。用户行为分数有助于识别一个或多个最近用户事件与过去的用户行为模式之间的一致性水平。包括多个数据流的最近的上下文数据从一个或多个用户设备收集，而不提示用户执行明确地与认证相关联的动作。多个数据流提供用于确定用户行为得分的基础，但单独的数据流为确定用户行为得分提供了不足的基础。该系统还向受控资源的访问控制器提供用户行为得分。

4. 发明申请

US20110016534A1 IMPLICIT AUTHENTICATION 有权
标题翻译：隐含认证
公开(公告)号：US20110016534A1
公开(公告)日：2011-01-20
申请号：US12504159
申请日：2009-07-16
申请人： Bjorn Markus Jakobsson , Mark J. Grandcolas , Philippe J. P. Golle , Richard Chow , Runting Shi
发明人： Bjorn Markus Jakobsson , Mark J. Grandcolas , Philippe J. P. Golle , Richard Chow , Runting Shi
IPC分类号： H04L9/32
CPC分类号： H04L63/102 , G06F21/316 , H04L63/0892 , H04L67/22 , H04L67/306
摘要： Embodiments of the present disclosure provide a method and system for implicitly authenticating a user to access controlled resources. The system receives a request to access the controlled resources. The system then determines a user behavior score based on a user behavior model, and recent contextual data about the user. The user behavior score facilitates identifying a level of consistency between one or more recent user events and a past user behavior pattern. The recent contextual data, which comprise a plurality of data streams, are collected from one or more user devices without prompting the user to perform an action explicitly associated with authentication. The plurality of data streams provide basis for determining the user behavior score, but a data stream alone provides insufficient basis for the determination of the user behavior score. The system also provides the user behavior score to an access controller of the controlled resource.
摘要翻译：本公开的实施例提供了用于隐含地认证用户以访问受控资源的方法和系统。系统接收到访问受控资源的请求。系统然后基于用户行为模型和关于用户的最近的上下文数据来确定用户行为得分。用户行为分数有助于识别一个或多个最近用户事件与过去的用户行为模式之间的一致性水平。包括多个数据流的最近的上下文数据从一个或多个用户设备收集，而不提示用户执行明确地与认证相关联的动作。多个数据流提供用于确定用户行为得分的基础，但单独的数据流为确定用户行为得分提供了不足的基础。该系统还向受控资源的访问控制器提供用户行为得分。

5. 发明授权

US08307407B2 Selectable captchas 有权
标题翻译：可选择的验证码
公开(公告)号：US08307407B2
公开(公告)日：2012-11-06
申请号：US12045917
申请日：2008-03-11
申请人： Bjorn Markus Jakobsson , Philippe J. P. Golle , Richard Chow
发明人： Bjorn Markus Jakobsson , Philippe J. P. Golle , Richard Chow
IPC分类号： G06F7/04 , G06F17/30
CPC分类号： G06F21/31
摘要： A system for displaying a set of selectable CAPTCHAs produces a first set of CAPTCHAs whose images are based at least partially on an alphanumeric sequence, where a respective CAPTCHA in the first set is associated with a CAPTCHA property. The system also produces a second set of CAPTCHAs whose images are based at least partially on an alphanumeric sequence, where a respective CAPTCHA in the second set is not associated with a CAPTCHA property. Next, the system displays the first and second sets of CAPTCHAs. Finally, the system makes respective CAPTCHAs in the first and second sets of CAPTCHAs selectable, thereby allowing a user to pass a CAPTCHA challenge by distinguishing the first set of CAPTCHAs from the second set of CAPTCHAs without typing the words associated with the images.
摘要翻译：用于显示一组可选CAPTCHA的系统产生第一组CAPTCHA，其图像至少部分地基于字母数字序列，其中第一组中的相应CAPTCHA与CAPTCHA属性相关联。该系统还产生第二组CAPTCHA，其图像至少部分地基于字母数字序列，其中第二组中的相应CAPTCHA与CAPTCHA属性不相关联。接下来，系统显示第一组和第二组CAPTCH。最后，系统使CAPTCHAs的第一组CAPTCHA和第二组CAPTCHAs中的相应CAPTCH可选择，从而允许用户通过将CAPTCHA的第一组与第二组CAPTCHAs区分开来而不输入与图像相关联的单词来传递CAPTCHA挑战。

6. 发明授权

US08161534B2 Authenticating users with memorable personal questions 有权
标题翻译：用难忘的个人问题验证用户
公开(公告)号：US08161534B2
公开(公告)日：2012-04-17
申请号：US12270154
申请日：2008-11-13
申请人： Philippe J. P. Golle , Bjorn Markus Jakobsson , Richard Chow
发明人： Philippe J. P. Golle , Bjorn Markus Jakobsson , Richard Chow
IPC分类号： G06F7/04
CPC分类号： G06F2221/2131
摘要： One embodiment provides a system that verifies a user's identity. The system generates a list including a plurality of items and formulates a substantially large set of security questions base on the plurality of items. The number of questions in the set is significantly larger than a subset of security questions presented to the user to reduce the likelihood of the same questions being asked repeatedly. During account creation, the system presents to the user the subset of questions, and receives and stores a response from the user. At least one question in the subset is selected based on user information that is automatically extracted from devices associated with the user. Subsequently, the system receives a request to reset the user's password and presents the subset of questions to the requester. The system determines whether the requester is the user by comparing the requester's response with the stored user response.
摘要翻译：一个实施例提供了一种验证用户身份的系统。系统生成包括多个项目的列表，并且基于多个项目来制定基本上大量的安全问题集合。该集合中的问题数量明显大于向用户呈现的安全问题的一个子集，以减少重复提出相同问题的可能性。在创建帐户期间，系统向用户呈现问题的子集，并接收并存储来自用户的响应。基于从与用户相关联的设备自动提取的用户信息来选择子集中的至少一个问题。随后，系统接收到重置用户密码的请求，并将问题的子集呈现给请求者。系统通过将请求者的响应与存储的用户响应进行比较来确定请求者是否是用户。

7. 发明申请

US20100122340A1 ENTERPRISE PASSWORD RESET 有权
标题翻译：企业密码复位
公开(公告)号：US20100122340A1
公开(公告)日：2010-05-13
申请号：US12270159
申请日：2008-11-13
申请人： Richard Chow , Philippe J.P. Golle , Bjorn Markus Jakobsson , Jessica N. Staddon
发明人： Richard Chow , Philippe J.P. Golle , Bjorn Markus Jakobsson , Jessica N. Staddon
IPC分类号： H04L9/32 , G06F21/00
CPC分类号： G06F21/31 , G06F7/02 , G06F17/30 , G06F21/46 , H04L29/06782 , H04L29/06795 , H04L63/0846
摘要： One embodiment of the present invention provides a system for automatically authenticating a user. During operation, the system receives a user's request for authentication. The system then extracts information associated with the user from user-specific information stored in an enterprise computer. The extracted user information does not explicitly relate to a password. The system further generates one or more challenges based on the extracted user information, and receives the user's response to the challenges. Subsequently, the system compares the user's response to the extracted user information, and authenticates the user.
摘要翻译：本发明的一个实施例提供一种用于自动认证用户的系统。在操作期间，系统接收用户的认证请求。系统然后从存储在企业计算机中的用户特定信息中提取与用户相关联的信息。提取的用户信息与密码没有明确的关联。系统进一步基于所提取的用户信息产生一个或多个挑战，并且接收用户对挑战的响应。随后，系统将用户的响应与提取的用户信息进行比较，并对用户进行认证。

8. 发明申请

US20100122329A1 AUTHENTICATION BASED ON USER BEHAVIOR 有权
标题翻译：基于用户行为的认证
公开(公告)号：US20100122329A1
公开(公告)日：2010-05-13
申请号：US12270208
申请日：2008-11-13
申请人： Bjorn Markus Jakobsson , Jessica N. Staddon , Philippe J.P. Golle , Richard Chow
发明人： Bjorn Markus Jakobsson , Jessica N. Staddon , Philippe J.P. Golle , Richard Chow
IPC分类号： H04L9/32
CPC分类号： G06F21/316
摘要： One embodiment of the present invention provides a system for authenticating a user. During operation, the system records user behavior history at one or more devices associated with the user. The system then extracts user information associated with a place and/or an activity from the recorded user behavior history. The system further generates one or more challenges based on the extracted user information, thereby facilitating the verification of the user's identity.
摘要翻译：本发明的一个实施例提供了一种用于认证用户的系统。在操作期间，系统在与用户相关联的一个或多个设备上记录用户行为历史。系统然后从记录的用户行为历史中提取与地点和/或活动相关联的用户信息。该系统还基于所提取的用户信息进一步产生一个或多个挑战，从而便于验证用户的身份。

9. 发明申请

US20120137340A1 IMPLICIT AUTHENTICATION 审中-公开
标题翻译：隐含认证
公开(公告)号：US20120137340A1
公开(公告)日：2012-05-31
申请号：US12955825
申请日：2010-11-29
申请人： Bjorn Markus Jakobsson , Richard Chow , Runting Shi
发明人： Bjorn Markus Jakobsson , Richard Chow , Runting Shi
IPC分类号： G06F21/00
CPC分类号： G06F21/316 , H04L63/0815 , H04L63/102
摘要： Embodiments of the present disclosure provide a method and system for implicitly authenticating a user to access controlled resources. The system first receives a request to access the controlled resource from a user. Then, the system determines whether the user request is inconsistent with regular user behavior by calculating a user behavior measure derived from historical contextual data of past user events. Next, responsive to the determined inconsistency of the user request, the system collects current contextual data of the user from one or more user devices without prompting the user to perform an explicit action for authentication. The system further updates the user behavior measure based on the collected current contextual data, and provides the updated user behavior measure to an access controller of the controlled resource to make an authentication decision based at least on the updated user behavior measure.
摘要翻译：本公开的实施例提供了用于隐含地认证用户以访问受控资源的方法和系统。系统首先从用户接收到访问受控资源的请求。然后，系统通过计算从过去用户事件的历史上下文数据导出的用户行为度量来确定用户请求是否与常规用户行为不一致。接下来，响应于所确定的用户请求的不一致性，系统从一个或多个用户设备收集用户的当前上下文数据，而不提示用户执行用于认证的显式动作。该系统还基于所收集的当前上下文数据更新用户行为测量，并且将更新的用户行为测量提供给受控资源的访问控制器，以至少基于更新的用户行为度量进行认证决定。

10. 发明申请

US20100122341A1 AUTHENTICATING USERS WITH MEMORABLE PERSONAL QUESTIONS 有权
标题翻译：用可记录的个人问题验证用户
公开(公告)号：US20100122341A1
公开(公告)日：2010-05-13
申请号：US12270154
申请日：2008-11-13
申请人： Philippe J.P. Golle , Bjorn Markus Jakobsson , Richard Chow
发明人： Philippe J.P. Golle , Bjorn Markus Jakobsson , Richard Chow
IPC分类号： G06F7/04
CPC分类号： G06F2221/2131
摘要： One embodiment provides a system that verifies a user's identity. The system generates a list including a plurality of items and formulates a substantially large set of security questions base on the plurality of items. The number of questions in the set is significantly larger than a subset of security questions presented to the user to reduce the likelihood of the same questions being asked repeatedly. During account creation, the system presents to the user the subset of questions, and receives and stores a response from the user. At least one question in the subset is selected based on user information that is automatically extracted from devices associated with the user. Subsequently, the system receives a request to reset the user's password and presents the subset of questions to the requester. The system determines whether the requester is the user by comparing the requester's response with the stored user response.
摘要翻译：一个实施例提供了一种验证用户身份的系统。系统生成包括多个项目的列表，并且基于多个项目来制定基本上大量的安全问题集合。该集合中的问题数量明显大于向用户呈现的安全问题的一个子集，以减少重复提出相同问题的可能性。在创建帐户期间，系统向用户呈现问题的子集，并接收并存储来自用户的响应。基于从与用户相关联的设备自动提取的用户信息来选择子集中的至少一个问题。随后，系统接收到重置用户密码的请求，并将问题的子集呈现给请求者。系统通过将请求者的响应与存储的用户响应进行比较来确定请求者是否是用户。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式