Abstract: A method for providing authentication of a user of a recipient unit when the recipient unit is off-line includes storing one or a plurality of one-time challenge-reply sets based on an on-line communication with a sender unit. In one example, each of the one-time challenge-reply sets includes at least a one-time challenge-reply pair for use in off-line authentication of the user for a particular resource available through the recipient unit. When the user is offline, the method includes selecting at least one of the plurality of stored one-time challenge-reply sets for off-line authentication of the user for the particular resource available through the recipient unit. The one-time challenge-reply sets may be associated with an article.

Abstract: A method for providing authentication of a user of a recipient unit when the recipient unit is off-line includes storing one or a plurality of one-time challenge-reply sets based on an on-line communication with a sender unit. In one example, each of the one-time challenge-reply sets includes at least a one-time challenge-reply pair for use in off-line authentication of the user for a particular resource available through the recipient unit. When the user is offline, the method includes selecting at least one of the plurality of stored one-time challenge-reply sets for off-line authentication of the user for the particular resource available through the recipient unit. The one-time challenge-reply sets may be associated with an article.

Abstract: A method for providing authentication of a user of a recipient unit when the recipient unit is off-line includes storing one or a plurality of challenge-reply sets associated with an article based on an on-line communication with a sender unit. Each of the challenge-reply sets includes at least a challenge-reply pair for use in off-line authentication of the user for a particular resource available through the recipient unit. When the user is offline, the method includes selecting at least one of the plurality of stored challenge-reply sets for off-line authentication of the user for the particular resource available through the recipient unit.

Abstract: A method and apparatus for initializing operation for information security operation for an entity utilizes shared information, such as shared secret information, that may be shared between the entity and other applications or operations within a system to initialize an entity. Prestored shared information that can be used as entity identification data (RV) and authentication data (IAK) that is associated with the entity identification data is encrypted and sent in clear text fashion to an initialization authentication unit, such as a server or other processing unit. The initialization authentication unit requests stored shared data from another processing unit that maintains a database. The other processing system then responds to the request by providing prestored shared data that can be used to, for example, decrypt the encrypted information sent in a clear text fashion to determine whether an entity is a proper user of the information security operation.

Abstract: A method, apparatus and/or system generates a challenge for user authentication, having a challenge data element from a stored pool of challenge data elements. The challenge is based on rule data and stored usage data associated with at least some of the challenge data elements in the stored pool of challenge data elements. The generated challenge is sent for use in an authentication of a user to a sender. A method, apparatus and/or system also generates sender authentication and corresponding location information, having a data element from a stored pool of challenge data elements. Selection of the data elements is based on rule data and stored usage data associated with at least some of the data elements in the stored pool of data elements.

Abstract: A method and apparatus for initializing operation for information security operation for an entity utilizes shared information, such as shared secret information, that may be shared between the entity and other applications or operations within a system to initialize an entity. Prestored shared information that can be used as entity identification data (RV) and authentication data (IAK) that is associated with the entity identification data is encrypted and sent in clear text fashion to an initialization authentication unit, such as a server or other processing unit. The initialization authentication unit requests stored shared data from another processing unit that maintains a database. The other processing system then responds to the request by providing prestored shared data that can be used to, for example, decrypt the encrypted information sent in a clear text fashion to determine whether an entity is a proper user of the information security operation.

Abstract: A method for providing authentication of a user of a recipient unit when the recipient unit is off-line includes storing one or a plurality of challenge-reply sets associated with an article based on an on-line communication with a sender unit. Each of the challenge-reply sets includes at least a challenge-reply pair for use in off-line authentication of the user for a particular resource available through the recipient unit. When the user is offline, the method includes selecting at least one of the plurality of stored challenge-reply sets for off-line authentication of the user for the particular resource available through the recipient unit.

Abstract: A method and apparatus for initializing operation for information security operation for an entity utilizes shared information, such as shared secret information, that may be shared between the entity and other applications or operations within a system to initialize an entity. Prestored shared information that can be used as entity identification data (RV) and authentication data (IAK) that is associated with the entity identification data is encrypted and sent in clear text fashion to an initialization authentication unit, such as a server or other processing unit. The initialization authentication unit requests stored shared data from another processing unit that maintains a database. The other processing system then responds to the request by providing prestored shared data that can be used to, for example, decrypt the encrypted information sent in a clear text fashion to determine whether an entity is a proper user of the information security operation.

Abstract: A system and method stores inquiry data, such as data representing questions or forms containing questions, to facilitate entry of shared authentication data for initialization. The stored inquiry data is retrieved for presentation, in audible or visual form, based on received entity identification data entered, for example, by a user or otherwise obtained by a processing or entity seeking initialization. As such, the system and method produces an entity that, for example, first asks a user for identifying information. The entity identification information, such as an employee number, or other information, is then provided to the entity. This information is then sent to a processing unit, such as a certification authority or other server. The processing unit determines what questions must be asked of the user to identify the user for initialization purposes. These questions are returned to the terminal for application wherein they are presented to the user.