Credential Management Patents (Class 726/18)
-
Patent number: 10482236Abstract: Exemplary embodiments relate to the secure storage of security questions through an immutable log, such as a blockchain. The security questions may be stored in a centralized location, accessible from an application or browser tab running on the user's device. When a security question is required, such as to perform a password reset on a website, the website may interact with the application or browser tab, which retrieves the question(s) from the blockchain. The user may enter their answers to the question(s), which may be hashed by the application or tab. The hashed answers may be entered into the original requesting website, which may verify with the blockchain that the correct answers have been provided. Thus, the requesting website sees neither the questions nor the answers. Additional security features may include logging requests for questions, so that a user can determine if a security question may have been compromised.Type: GrantFiled: March 6, 2019Date of Patent: November 19, 2019Assignee: CAPITAL ONE SERVICES, LLCInventors: Vincent Pham, Austin Grant Walters, Jeremy Edward Goodsitt, Fardin Abdi Taghi Abad, Anh Truong, Kate Key, Kenneth Taylor
-
Patent number: 10462149Abstract: A system comprises a policy storage separately located relative to the user device, the policy database arranged to store information indicative of at least one usage policy set applicable to at least one respective user device. The system is arranged to store user device identification information for each user device associated with the system, the user device identification information being indicative of and unique to a user device associated with the system and being stored separately relative to the user device. The system is also arranged to associate a usage policy set with a user device using the device identification information unique to the user device. The system is also arranged to determine a usage request from a user device and to allow or deny the usage request based on the at least one usage policy set associated with the user device.Type: GrantFiled: October 5, 2016Date of Patent: October 29, 2019Assignee: Family Zone Cyber Safety LtdInventors: Benjamin Shaun Dixon Trigger, Timothy David Levy, Paul Russell Robinson
-
Patent number: 10446153Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for obtaining, for each of multiple words or sub-words, audio data corresponding to multiple users speaking the word or sub-word; training, for each of the multiple words or sub-words, a pre-computed hotword model for the word or sub-word based on the audio data for the word or sub-word; receiving a candidate hotword from a computing device; identifying one or more pre-computed hotword models that correspond to the candidate hotword; and providing the identified, pre-computed hotword models to the computing device.Type: GrantFiled: December 11, 2018Date of Patent: October 15, 2019Assignee: Google LLCInventor: Matthew Sharifi
-
Patent number: 10419435Abstract: A system using mobile devices and a network provides access authentication, authorization and accounting to computing resources using a two-person access rule solution approach. A central access control server coordinates a rule-based authorization process in which a requesting user and one or more authorizing users are engaged in real-time communications to facilitate approved access to a sensitive resource. The technique utilizes mobile cellular interfaces and location service technologies, while also providing traditional security control measures of voice and visual verification of user identities.Type: GrantFiled: February 24, 2017Date of Patent: September 17, 2019Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.Inventor: Michael R. Horton
-
Patent number: 10417408Abstract: Systems, methods, and computer program products are disclosed for authenticating access to a user device using tactile-based feedback provided to a user of the device. A user device may include a display layer and a tactile layer. The user device may be configured to selectively activate portions of the tactile layer to cause opposing regions of a surface of the display layer to become raised relative to other regions of the display surface. A user may be required to specify a sequence of directional movements corresponding to a correct passcode pattern by traversing a path along the raised regions. The particular arrangement of raised regions may change each time access to the user device is requested by activating different portions of the tactile layer, thereby giving the appearance to a third party that a different passcode pattern is being entered each time, and thus, minimizing likelihood of unauthorized passcode detection.Type: GrantFiled: March 10, 2017Date of Patent: September 17, 2019Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Christopher J. Hardee, Steven R. Joroff, Pamela A. Nesbitt, Scott E. Schneider
-
Patent number: 10395016Abstract: For communication pattern recognition, an apparatus is disclosed. The apparatus includes a baseline analysis module that samples predefined sources associated with a user and generates a baseline fingerprint for the user. The apparatus includes an active analysis module that re-samples the predefined sources associated with the user after a predefined time interval and generates an active fingerprint for the user. The apparatus includes a verification module that compares the active fingerprint to the baseline fingerprint and determines whether the active fingerprint closely matches the baseline fingerprint. If the active fingerprint closely matches the baseline fingerprint, then the verification module replaces the baseline fingerprint with the active fingerprint. If the active fingerprint does not match the baseline fingerprint, then the verification module performs a predefined action to rectify differences between the baseline fingerprint and the active fingerprint.Type: GrantFiled: January 24, 2017Date of Patent: August 27, 2019Assignee: International Business Machines CorporationInventors: Timothy J. Baldwin, Andrew Johnson, Peter J. Johnson, Ben Sasson, Fenglian Xu
-
Patent number: 10382620Abstract: A first mobile device may receive user-input data for generation of an electronic message. The electronic message may be generated as the user-input data is received. The first mobile device may identify sensitive information, within the electronic message. The first mobile device may secure the sensitive information. The first mobile device may disable a screen capture function of the first mobile device. The first mobile device may send the electronic message to a second mobile device. The sending of the electronic message to the second mobile device may include the sending of the secured sensitive information.Type: GrantFiled: August 3, 2018Date of Patent: August 13, 2019Assignee: International Business Machines CorporationInventors: Corville O. Allen, Shikhar Kwatra, Andrew R. Freed, Joseph Kozhaya
-
Patent number: 10348816Abstract: A method and apparatus for facilitating access to a plurality of resources is provided. A message that includes a context resource identifier is received at a proxy server from a client through a gateway in communication with both the client and the proxy server. Access to a resource associated with an interface that is referenced by the context resource identifier is controlled by the proxy server using a profile that is dynamically built for a user of the client based on a plurality of resource profiles received from a plurality of interfaces in communication with the proxy server.Type: GrantFiled: October 14, 2015Date of Patent: July 9, 2019Assignee: ADP, LLCInventors: Jigesh Saheba, Roberto A. Masiero, Isabel Espina Carvajal
-
Patent number: 10331337Abstract: In one embodiment, the invention can be a touch input device capable of unlocking a passcode accordance with a touch pressure. The device can include a touch screen which displays a passcode input window; a controller which generates a first control signal as to whether or not a touch on the passcode input window matches a predetermined passcode; and a memory which stores the predetermined passcode. The passcode input window can include a plurality of nodes which are disposed in different positions. The number of touched nodes among the plurality of nodes, the order of the touched nodes among the plurality of nodes, and a pressure level of the touch on each of the touched nodes among the plurality of nodes can be set as the predetermined passcode. Further, the pressure level of the touch can be classified into at least two levels.Type: GrantFiled: April 11, 2017Date of Patent: June 25, 2019Assignee: HiDeep Inc.Inventors: Yunjoung Kim, Seyeob Kim, Hyongsub Yun, Sangsic Yoon, Bonkee Kim, Hojun Moon, Taehoon Kim, Sunyoung Kwon
-
Patent number: 10325086Abstract: A computing device with a graphical authentication interface in which the device displays a base image and authenticates a user when a pre-selected element in a secondary image overlying the base image is aligned with a pre-selected element in the base image.Type: GrantFiled: June 15, 2010Date of Patent: June 18, 2019Assignee: BlackBerry LimitedInventor: Martin Philip Riddiford
-
Patent number: 10303577Abstract: The present disclosure relates to a method, a device and a storage medium for determining a health state of an information system. At first, a baseline configuration document corresponding to the information system is received, and data records under inspection of the information system are acquired. The baseline configuration document defines baselines. Then, each of the data records under inspection is compared with at least one baseline defined in the baseline configuration document to obtain a comparing result between each of the data records under inspection and the at least one baseline. At last, the health state of the information system is determined according to the comparing result between each of the data records under inspection and the at least one baseline. A health-determining apparatus relative to the above-mentioned method is also provided.Type: GrantFiled: June 22, 2018Date of Patent: May 28, 2019Assignee: Tencent Technology (Shenzhen) Company LimitedInventors: Bin Zhou, Dong Shan Xu, Shan Yang Fu
-
Patent number: 10257198Abstract: A system is provided wherein a network control access device that is already in a network, called a Gatekeeper, generates a random short password in the form of a series of audio or visual cues that are visible to the user of a joining device. The joining device can be a simple one button device, or even a no-button device that is part of the internet of things (IOT) standard. The response to each cue can be entered by the user on a single-button joining device. For a no-button joining device, an alternate input method may be utilized on the joining device in response to the audio and visual cues. Alternatively, a password can be generated by the no-button joining device and be entered by the user one bit at-a-time directly onto the Gatekeeper keypad. Once the password is received, the Gatekeeper performs a password verification procedure.Type: GrantFiled: September 12, 2016Date of Patent: April 9, 2019Assignee: ARRIS Enterprises LLCInventor: Alexander Medvinsky
-
Patent number: 10230752Abstract: The disclosure is directed towards systems and methods for improving security in a computer network. The system can include a planner and a plurality of controllers. The controllers can be deployed within each zone of the production network. Each controller can be configured to assume the role of an attacker or a target for malicious network traffic. Simulations of malicious behavior can be performed by the controllers within the production network, and can therefore account for the complexities of the production network, such as stateful connections through switches, routers, and other intermediary devices. In some implementations, the planner can analyze data received from the controllers to provide a holistic analysis of the overall security posture of the production network.Type: GrantFiled: February 24, 2017Date of Patent: March 12, 2019Assignee: VERODIN, INC.Inventors: Christopher B. Key, Paul E. Holzberger, Jr.
-
Patent number: 10211981Abstract: Disclosed herein is a method for generating a high entropy password using a low entropy password and low-entropy login data comprising supplying the low entropy password to a system comprising a generating client and/or a recovery client; and at least n servers; submitting request data derived, at least in part, from the user's low entropy password, where the request data includes authentication data; engaging in a distributed protocol with at least t servers to generate high-entropy values based on stored cryptographic information and a set of authentication information stored on the at least n servers which is checked against the authentication data provided by the user and/or the generating client and/or a recovery client; and generating the high entropy password.Type: GrantFiled: November 16, 2017Date of Patent: February 19, 2019Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Jan L. Camenisch, Franz-Stefan Preiss, Kai Samelin, Dieter M. Sommer
-
Patent number: 10198963Abstract: A secured computerized social networking system for pupils including a mail server operative to interface with a secured parent environment; and a secured pupil environment, the system comprising a computerized environment secured to prevent access thereto, other than by end-users who have passed a what-you-know authentication test; a what-you-know testing functionality; and a graphic what-you-know test-configuring functionality, the system being operative to perform a plurality of selectable system-actions responsive to user input, the system being accessible to non-literate users via a touch screen defining a plurality of touch screen locations respectively corresponding to the plurality of selectable system-actions, the touch screen being operative to detect and distinguish between first and second gestures, the system comprising: a processor-controlled touch-triggered actor; and a processor-controlled touch-triggered oral presenter.Type: GrantFiled: December 11, 2017Date of Patent: February 5, 2019Assignee: GOOGALE (2009) LTD.Inventors: Nir Michalowitz, Michal Peled Rosenvald
-
Patent number: 10182067Abstract: The present disclosure relates to a method, a device and a storage medium for determining a health state of an information system. At first, a baseline configuration document corresponding to the information system is received, and data records under inspection of the information system are acquired. The baseline configuration document defines baselines. Then, each of the data records under inspection is compared with at least one baseline defined in the baseline configuration document to obtain a comparing result between each of the data records under inspection and the at least one baseline. At last, the health state of the information system is determined according to the comparing result between each of the data records under inspection and the at least one baseline. A health-determining apparatus relative to the above-mentioned method is also provided. Therefore, by these method and apparatus, the health state of the information system is quantifiable.Type: GrantFiled: January 7, 2015Date of Patent: January 15, 2019Assignee: Tencent Technology (Shenzhen) Company LimitedInventors: Bin Zhou, Dong Shan Xu, Shan Yang Fu
-
Patent number: 10176318Abstract: Techniques for maintaining and updating authentication information for a plurality of accounts may be provided. In an example a first set of authentication information for the plurality of accounts may be maintained. A second set of authentication information that has been marked as potentially compromised may be received. A third set of authentication information may be generated based on the overlap between the first set of authentication information and the second set of authentication information. The first set of authentication information may be updated based at least in part on one or more security authentication protocols and the third set of authentication information.Type: GrantFiled: October 27, 2017Date of Patent: January 8, 2019Assignee: Amazon Technologies, Inc.Inventors: David James Kane-Parry, Darren Ernest Canavor, Jesper Mikael Johansson
-
Patent number: 10162948Abstract: An authentication system in accordance with an example includes an image capture device to scan an object. The authentication system also includes an authentication module to identify imperfections in the object based on the scan, to generate model data based on the identified imperfections, and to authenticate the user based on a comparison of currently identified imperfections to the model data.Type: GrantFiled: December 6, 2013Date of Patent: December 25, 2018Assignee: Hewlett-Packard Development Company, L.P.Inventors: Valentin Popescu, James Robert Waldron
-
Patent number: 10164969Abstract: A computer security system comprises a security module adapted to control access to a secure computer resource by a user via a client based on verification of a security credential provided by the user. The computer security system also comprises verification data disposed on the client and accessible by the security module. The security module is adapted to enable the user to recover the security credential based on a response received from the user associated with the verification data.Type: GrantFiled: January 11, 2017Date of Patent: December 25, 2018Assignee: Hewlett-Packard Development Company, L.P.Inventors: Valuiddin Ali, Manuel Novoa, Matthew J. Wagner
-
Patent number: 10120989Abstract: A process including: displaying icons used for password entry into an electronic system, in such a way that a hand movement associated with entry of the password into the system is randomized.Type: GrantFiled: June 4, 2014Date of Patent: November 6, 2018Assignee: NOWWW.US Pty. Ltd.Inventor: Mark Rodney Anson
-
Patent number: 10120995Abstract: A device unlock pattern (“pattern password”) is static in that the same pattern is entered each time to unlock a device. Due to this repetition, a pattern password may be discovered by an application that captures touchscreen gestures, by inspection of fingerprints or smudges on a screen, or simply by an onlooker that views the pattern password being entered. A variable hint pattern can be used to impede discovery. A hint pattern is a sub-pattern (“hint”) of the pattern password to be completed for device unlock. A variable hint pattern can impede discovery by changing the sub-pattern at a defined change threshold related to unlock attempts. The device can randomly change the sub-pattern or randomly change the missing portions of the pattern password at each change threshold. As a result, different inputs complete the pattern password. This variance stymies the methods typically used to discover pattern passwords.Type: GrantFiled: December 22, 2015Date of Patent: November 6, 2018Assignee: CA, Inc.Inventors: Yashwant Ramkishan Sawant, Mohammed Mujeeb Kaladgi, Ruqiya Nikhat Kaladgi, Junaid Ahmed Jameel, Jameel Ahmed Kaladgi
-
Patent number: 10097994Abstract: Techniques for resetting authentication for touch-enabled devices are presented. When a user authenticates to a mobile device a touch profile (TP) is recorded. Each subsequent time the user unlocks a locked mobile device via touch, a new TP is noted. The new TP is compared to the recorded TP and if the deviation is within an acceptable tolerance, the user is permitted access to the mobile device without re-authentication. When the new TP is not within the acceptable tolerance of the recorded TP, the user is forced to re-authenticate before access is granted to the mobile device.Type: GrantFiled: March 14, 2016Date of Patent: October 9, 2018Assignee: NetIQ CorporationInventors: Lloyd Leon Burch, Michael F. Angelo, Baha Masoud
-
Patent number: 10032015Abstract: The invention discloses a password input method based on a two-stage conversion. The method specifically includes providing password symbols and randomly providing password-proxy symbols, and building a two-sage association between the password symbols and the password-proxy symbols.Type: GrantFiled: August 7, 2017Date of Patent: July 24, 2018Inventor: Yongpeng Sang
-
Patent number: 10013546Abstract: A computer-implemented method of authenticating a user with a computing device is disclosed. The method involves displaying a grid of selectable visually-distinguishable graphical elements on a device display, receiving from a user of the device a drawn pattern across the selectable graphical elements, comparing the received drawn pattern to information representing a stored authentication pattern for the user, and unlocking access to functions on the device if the received drawn pattern substantially matches the stored authentication pattern.Type: GrantFiled: October 28, 2014Date of Patent: July 3, 2018Assignee: Google LLCInventors: Daniel Johansson, Tobias Arréhn, Simon M. Thorsander, Erick Tseng
-
Patent number: 9971920Abstract: This specification describes technologies relating to biometric authentication based on images of the eye. In general, one aspect of the subject matter described in this specification can be embodied in methods that include obtaining images of a subject including a view of an eye. The methods may further include determining a behavioral metric based on detected movement of the eye as the eye appears in a plurality of the images, determining a spatial metric based on a distance from a sensor to a landmark that appears in a plurality of the images each having a different respective focus distance, and determining a reflectance metric based on detected changes in surface glare or specular reflection patterns on a surface of the eye. The methods may further include determining a score based on the behavioral, spatial, and reflectance metrics and rejecting or accepting the one or more images based on the score.Type: GrantFiled: July 2, 2015Date of Patent: May 15, 2018Assignee: EyeVerify LLCInventors: Reza R. Derakhshani, Casey Hughlett, Jeremy Paben, Joel Teply, Toby Rush
-
Patent number: 9965761Abstract: Described are apparatus and methods for providing secure identification, payment processing and/or signing using a gesture-based input device without biometrics.Type: GrantFiled: January 7, 2015Date of Patent: May 8, 2018Assignee: NOD, INC.Inventors: Anusankar Elangovan, Subash R. Patel
-
Patent number: 9922188Abstract: Embodiments described herein relate to a device operable to process input for a picture password for proof of knowledge. In some embodiments, the device includes a display, an input subsystem, processor(s), and memory containing instructions executable by the processor(s) such that the device is operative to display, on the display of the device, an image for the picture password proof of knowledge. The image is associated with an overlaid grid comprising a plurality of elements, and each element corresponds to a distinct area of the image. The device is further operative to, determine an offset to be used and, in response to receiving an input via the input subsystem at a first location of the display, highlight an element of the overlaid grid at a second location on the first image on the display. The second location is offset from the first location by the offset.Type: GrantFiled: January 18, 2017Date of Patent: March 20, 2018Assignee: Antique Books, Inc.Inventors: Robert H. Thibadeau, Sr., Justin D. Donnell, Robert Thibadeau, Jr.
-
Patent number: 9881148Abstract: The present invention is to enable a user to input authentication information without burden, such that the user only has to memorize part of the authentication information even when inputting lengthy authentication information in order to ensure high-level security. When an operation of inputting and arranging authentication information in an information arrangement region is performed in a state where an arrangement status of a specified portion in the information arrangement region is set in advance as partial-authentication reference information in a reference authentication information memory, a CPU detects an arrangement status of the specified portion from an overall arrangement status in the information arrangement region, and performs, as partial authentication, processing of matching the detected arrangement status of the specified portion and the arrangement status of the specified portion set as the partial-authentication reference information.Type: GrantFiled: December 8, 2015Date of Patent: January 30, 2018Assignee: CASIO COMPUTER CO., LTD.Inventor: Shinichi Hagiwara
-
Patent number: 9858406Abstract: An authenticity accuracy, corresponding to a personal identification number, is determined. A device presents a correct image (or group of images) and an incorrect image (or group of images). Selections from a user are received until a sufficient number of correct images are selected to satisfy the authenticity accuracy. For example, a counter may be incremented when the correct image is selected, and the user may be considered to be authenticated if the counter reaches a sufficient level.Type: GrantFiled: March 24, 2015Date of Patent: January 2, 2018Assignee: Verizon Patent and Licensing Inc.Inventors: Jeffrey M. Getchius, Guy Getchius
-
Patent number: 9807090Abstract: According to one embodiment, a person authentication method includes obtaining, from a medium carried by a person who passes through a first position, first information indicating the gender and the age of the person; performing a first authentication operation with respect to a person whose face image is included in a first image obtained by capturing a person passing through the first position; and setting, as the first authentication operation, an authentication operation to be performed using the face image of a person having the gender and the age specified in the first information.Type: GrantFiled: March 10, 2016Date of Patent: October 31, 2017Assignee: Kabushiki Kaisha ToshibaInventors: Hiroo Saito, Hiroshi Sukegawa
-
Patent number: 9779225Abstract: A method of providing access to secure features of a device includes detecting motion of a secured device during entry of first access credentials on the secured device, storing first motion data in association with the first access credentials, the first motion data indicating a pattern of the detected motion, and granting access to a secured feature of the secured device when a user enters user access credentials matching the first access credentials accompanied by detected motion that produces user motion data matching the first motion data to a degree within a defined valid data range of the first motion data.Type: GrantFiled: April 8, 2015Date of Patent: October 3, 2017Assignee: Google Inc.Inventors: J. Eric Mason, Kenneth Louis Herman, Yash Modi
-
Patent number: 9756218Abstract: A user detecting unit detects a mobile identification device in a communicable range of a wireless communication device, and determines a user in association with the detected mobile identification device and determines user authority of the user among general user authority and administrator user authority. The general user authority is prohibited from using a specific function allowed to the administrator user authority. The login processing unit performs a login process based on the detected user authority for the user. If the mobile identification device with the administrator user authority is detected after the login process based on the general user authority and a distance is less than a predetermined value between the detected mobile identification devices with the general user authority and the administrator user authority, then the authority changing unit changes the user authority of the user from the general user authority to the administrator user authority.Type: GrantFiled: September 29, 2016Date of Patent: September 5, 2017Assignee: Kyocera Document Solutions, Inc.Inventor: Takushi Dandoko
-
Patent number: 9721090Abstract: A system and method of efficiently inspecting content is provided. Embodiments of the invention may inspect files accessed by an application prior to an activation of the application. Selective inspection of files accessed by an application may be based on a previous inspection. Inspection of files accessed by an application may be postponed or performed concurrently with the access. A prioritized queue may include references to files, a priority may be related to a risk level and an inspection order may be according to a risk level.Type: GrantFiled: April 27, 2011Date of Patent: August 1, 2017Assignee: Safend Ltd.Inventors: Pavel Berengoltz, Leonid Dorrendorf, Adam Carmi, Ofer Diamant
-
Patent number: 9720513Abstract: Provided are an apparatus and method for inputting a character The apparatus includes a recognition unit configured to measure lengths from arbitrary points on a user's hands to respective fingertips and recognize a click gesture using the measured lengths, a control unit configured to control character input according to the recognized click gesture, and a display unit configured to display a character pad for the character input and display a character input according to the click gesture recognized on the character pad.Type: GrantFiled: July 20, 2015Date of Patent: August 1, 2017Assignee: Korea Electronics Technology InstituteInventors: Yang Keun Ahn, Kwang Mo Jung
-
Patent number: 9716706Abstract: The present invention relates to an application that is configured to provide secure access to confidential information. To protect the confidential information, the application may include functions that utilize a decoy application to disguise the functionality of the application. A unique sequence of inputs received through an interface associated with the decoy application may permit a user to access the confidential information. An authorized user that has been provided access to the confidential information may access configuration interfaces that permit the user to define the inputs that will serve as login credentials and to customize the appearance and functionality of the decoy application.Type: GrantFiled: December 29, 2016Date of Patent: July 25, 2017Inventor: Joseph Fitzgerald
-
Patent number: 9705878Abstract: A method of operating a server comprises receiving an authorization request comprising a password, accessing an expiry date for the password, transmitting a response comprising the expiry date, ascertaining whether the password has expired, and receiving a new password, if the password has expired. Optionally, the transmitted response further comprises a date representing the last use of the password and/or an integer value representing a retry parameter.Type: GrantFiled: April 1, 2009Date of Patent: July 11, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventor: Peter E. Havercan
-
Patent number: 9701280Abstract: A mobile communication system that includes a vehicle and a mobile device is provided. The method pertains to revoking communication control privileges of the mobile device previously authorized to control the vehicle. The method includes the steps of receiving a revocation request at the vehicle via a user interface device, the revocation request including a request to revoke the communication control privileges of the previously authorized mobile device, wherein the control privileges includes a capacity to remotely command at least one of a plurality of vehicle functions; and based on the revocation request, revoking at the vehicle the communication control privileges of the previously authorized mobile device.Type: GrantFiled: April 3, 2015Date of Patent: July 11, 2017Assignee: GM Global Technology Operations LLCInventors: Jennifer J. Schussmann, Karl B. Leboeuf, Lynn Saxton, Alessandro Testa
-
Patent number: 9674177Abstract: A personal computing device, server or other type of processing device authenticates a user attempting to access a protected resource by verifying user knowledge of one or more extracted characteristics of stored information indicative of an internal operating state of that resource. The one or more extracted characteristics are characteristics that would likely be known to the user if that user had made one or more previous authenticated accesses to the protected resource. For example, the extracted characteristics may be indicative of a manner in which the user had utilized the protected resource during the one or more previous authenticated accesses to the protected resource. The processing device receives input from the user regarding the one or more extracted characteristics, and grants or denies access to the protected resource based at least in part on the input received from the user.Type: GrantFiled: December 12, 2008Date of Patent: June 6, 2017Assignee: EMC IP Holding Company LLCInventor: Magnus Nyström
-
Patent number: 9659171Abstract: In accordance with embodiments of the present disclosure, a method may include storing a system fingerprint of an information handling system, the system fingerprint comprising information associated with one or more information handling resources of the information handling system recorded during creation of the system fingerprint including information regarding a security seed, wherein the security seed comprises a value stored at a location of a non-transitory computer readable medium integral to an information handling resource of the one or more information handling resources. The method may also include during a verification mode, based on the information in the system fingerprint, determining whether potential tampering of the information handling system has occurred, and if potential tampering has occurred, issuing an alert indicating potential tampering with the information handling system.Type: GrantFiled: August 21, 2015Date of Patent: May 23, 2017Assignee: Dell Producrs L.P.Inventors: Lisa B. Treweek, Christopher C. Dumas, Alaric J. N. Silveira
-
Patent number: 9660982Abstract: Disclosed are various embodiments for management functions relating to security credentials. Account data, which includes multiple security credentials for multiple network sites for a user, is stored in an encrypted form. A request to temporarily change the account data is obtained from a client. The request specifies a master security credential for accessing the account data. In response to the request, the multiple security credentials for the account data are changed to a single temporary security credential, as specified by a user. After an expiration period expires, the multiple security credentials are automatically reset to a plurality of different security credentials.Type: GrantFiled: August 17, 2016Date of Patent: May 23, 2017Assignee: Amazon Technologies, Inc.Inventors: Daniel W. Hitchcock, Brad Lee Campbell
-
Patent number: 9632603Abstract: A method and apparatus for password entry, the method comprising: displaying a password inputting keyboard on a display, the keyboard including a character carrier and a position carrier, the character carrier and the position carrier are capable of relative movement between each other so that when the position of a character in the character carrier is corresponding to a position mark on the position carrier, the position of at least one other character in the character carrier is corresponding to at least one other position mark in the position carrier; in response to a user causing relative movement between the character carrier and the position carrier, aligning a character in the character carrier with a position mark in the position carrier; and in response to a lapse of a predetermined time, recording the character and its input order and changing the layout of the password inputting keyboard.Type: GrantFiled: August 21, 2015Date of Patent: April 25, 2017Assignee: International Business Machines CorporationInventors: Wu Song Fang, Su Liu, Jun Su, Cheng Xu, Quan Wen Zhang
-
Patent number: 9626395Abstract: A document management apparatus includes a reception unit, an operation information extraction unit, a memory, an executability determination unit, and an operation execution unit. The reception unit receives an operation request for an electronic document from an operator. The operation information extraction unit extracts operation information related to the operation request. The memory stores operation history information which is an accumulation of previous operation information which is operation information related to previous operation requests previously made for electronic documents. The executability determination unit reads the operation history information from the memory to determine whether or not an operation pertaining to the operation request is executable on the basis of the operation information and the operation history information.Type: GrantFiled: June 20, 2014Date of Patent: April 18, 2017Assignee: FUJI XEROX CO., LTD.Inventor: Mai Suzuki
-
Patent number: 9628465Abstract: Methods and systems are described for state driven orchestration of authentication components to access a resource protected by an access manager framework. In response to a client request for a protected resource, relevant authentication components and their respective order are determined. Upon successful authentication of the first authentication component, proper state information of the authentication process is stored by the client indicating the next authentication component. In response to a request for additional credential information for the authentication process from the next authentication component, the client provides the stored state information so that the authentication process continues with the second authentication component according to the determined order of the authentication components within an authentication process.Type: GrantFiled: June 29, 2015Date of Patent: April 18, 2017Assignee: Oracle International CorporationInventors: Aarathi Balakrishnan, Ramya Kukkehali Subramanya, Deepak Ramakrishnan
-
Patent number: 9613201Abstract: A technique provides access control on a mobile device (e.g., a smart phone, a tablet, etc.). The technique involves displaying an image on a touch screen of the mobile device. The technique further involves, while the image is displayed on the touch screen, receiving user input from a user. The user input includes user gestures applied to the touch screen over the displayed image. The technique further involves performing an access control operation which provides an access control result based on the user input, the access control result (i) providing access to a set of protected resources when the user input matches expected input and (ii) denying access to the set of protected resources when the user input does not match the expected input.Type: GrantFiled: September 30, 2013Date of Patent: April 4, 2017Assignee: EMC IP Holding Company LLCInventors: Yedidya Dotan, Lawrence N. Friedman, Gareth Richards, Daniel V. Bailey
-
Patent number: 9600077Abstract: The present invention provides an image display device comprising: a sensing unit for sensing an input gesture of a user; a display unit for outputting visual information among the executed data of an application when the application is executed; a collection unit for collecting control gesture information included in the executed data; and a control unit for executing an event of the application which is included in the executed data and corresponds to the control gesture information if the control gesture information and the input gesture sensed by the sensing unit are matching while the application is executed.Type: GrantFiled: October 23, 2013Date of Patent: March 21, 2017Assignee: LG ELECTRONICS INC.Inventors: Soonbo Han, Hyojin Song, Sangjo Park, Dongyoung Lee
-
Patent number: 9596231Abstract: Systems and methods for generating secure passwords, personal identification numbers (PINs), and other user credentials using touch-aware devices are described. In some cases, an end user of a computing device may use a touch-sensitive interface (e.g., a touchscreen) to indirectly enter user credentials for accessing protected information or a protected computing resource using the computing device. The end user may indirectly enter the user credentials by entering information that is different from the actual user credentials. In one example, the touch-sensitive interface may display a plurality of numbers and paths connecting the plurality of numbers and the end user of the computing device may select a sequence of numbers of the plurality of numbers using a touch gesture. The computing device may generate a user credential different from the sequence of numbers using the sequence of numbers selected by the end user.Type: GrantFiled: August 21, 2015Date of Patent: March 14, 2017Assignee: CA, INC.Inventors: Vikrant Nandakumar, Naveen Harry Michael, Hemanth Pinninti, Vardhineedi Satyanarayana Murthy
-
Patent number: 9589001Abstract: A document management apparatus includes a reception unit, an operation information extraction unit, a memory, an executability determination unit, and an operation execution unit. The reception unit receives an operation request for an electronic document from an operator. The operation information extraction unit extracts operation information related to the operation request. The memory stores operation history information which is an accumulation of previous operation information which is operation information related to previous operation requests previously made for electronic documents. The executability determination unit reads the operation history information from the memory to determine whether or not an operation pertaining to the operation request is executable on the basis of the operation information and the operation history information.Type: GrantFiled: June 20, 2014Date of Patent: March 7, 2017Assignee: FUJI XEROX CO., LTD.Inventor: Mai Suzuki
-
Patent number: 9571487Abstract: The present invention relates to an application that is configured to provide secure access to confidential information. To protect the confidential information, the application may include functions that utilize a decoy application to disguise the functionality of the application. A unique sequence of inputs received through an interface associated with the decoy application may permit a user to access the confidential information. An authorized user that has been provided access to the confidential information may access configuration interfaces that permit the user to define the inputs that will serve as login credentials and to customize the appearance and functionality of the decoy application.Type: GrantFiled: February 3, 2016Date of Patent: February 14, 2017Inventor: Joseph Fitzgerald
-
Patent number: 9565020Abstract: Disclosed herein is a method for generating a high entropy password using a low entropy password and low-entropy login data comprising supplying the low entropy password to a system comprising a generating client and/or a recovery client; and at least n servers; submitting request data derived, at least in part, from the user's low entropy password, where the request data includes authentication data; engaging in a distributed protocol with at least t servers to generate high-entropy values based on stored cryptographic information and a set of authentication information stored on the at least n servers which is checked against the authentication data provided by the user and/or the generating client and/or a recovery client; and generating the high entropy password.Type: GrantFiled: February 2, 2016Date of Patent: February 7, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Jan L. Camenisch, Franz-Stefan Preiss, Kai Samelin, Dieter M. Sommer
-
Patent number: RE47518Abstract: Image based login procedures for computer systems include: (a) displaying a first image on a computer screen; (b) receiving user input indicating a portion of the first image; (c) determining if the user input corresponds to a first acceptable user input for user authentication; and (d) proceeding with the authentication procedure when this user input corresponds to the first acceptable user input for user authentication. Additionally or optionally, when proceeding with this authentication procedure, the systems and methods further may include: displaying a second image on the screen; receiving new user input indicating a portion of the second image; and determining if this new input corresponds to a second acceptable user input for user authentication.Type: GrantFiled: January 12, 2017Date of Patent: July 16, 2019Assignee: Microsoft Technology Licensing, LLCInventors: Matthew E. Kowalczyk, Russell Humphries, Erik L. Holt