Credential Management Patents (Class 726/18)
-
Patent number: 9558340
Abstract: The invention prevents robots from browsing a Web site beyond a welcome page. When an initial request from an undefined originator is received, the Web site responds to it with a welcome page including a challenge. Then, on receiving a further request from the undefined originator, the Web site can check whether the challenge is fulfilled or not. If fulfilled, the undefined originator is assumed to be a human being and authorized to go on. If the challenge is not fulfilled, the undefined originator is assumed to be a robot, in which case site access is further denied. The invention prevents Web site contents from being investigated by robots while not requiring users to have to log on.
Type: Grant
Filed: August 15, 2015
Date of Patent: January 31, 2017
Assignee: International Business Machines Corporation
Inventors: Marc Lamberton, Eric Levy-Abegnoli, Pascal Thubert
-
Patent number: 9544312
Abstract: Methods and systems for managing directory information, such as onboarding a LDAP server, employing a processor coupled to memory and other computer hardware and software components for receiving a request related to one or more applications from a requestor in pre-determined business logic, acknowledging the request by an approver function without requiring the requestor to negotiate, for example, with an LDAP administrator to justify the request, and provisioning the request into the enterprise LDAP server in the pre-determined business logic.
Type: Grant
Filed: October 30, 2012
Date of Patent: January 10, 2017
Assignee: CITIGROUP TECHNOLOGY, INC.
Inventors: Sandeep Nair, Jerry Speyer, Udaya Chandupatla
-
Patent number: 9524395
Abstract: A method and apparatus for obtaining a password hint is disclosed. In some embodiments, the method includes: receiving a spatial pattern from a user; obtaining a password comprising a plurality of characters; obtaining a password hint comprising an arrangement of characters, wherein the arrangement of characters includes the plurality of characters of the password and additional characters, and the plurality of characters of the password are located within the arrangement of characters according to the received spatial pattern. The method may also include storing the password hint or providing the password hint to the user.
Type: Grant
Filed: November 8, 2011
Date of Patent: December 20, 2016
Assignee: Telefonaktiebolaget LM Ericsson (publ)
Inventors: Göran Selander, Mats Näslund
-
Patent number: 9519763
Abstract: A system and method is provided for visual authentication and authorization of a user for mobile devices, the system having: a login display on a mobile selection device displaying a visual pattern, a data collection engine whereby selection features are obtained from a plurality of user selection events to the mobile selection device with reference to the visual pattern, the selection attributes comprise measured selection attributes and derived selection attributes calculated from the measured selection attributes; an authentication engine whereby the selection attributes are compared to projected user selection attributes derived from user selection attribute values obtained during prior successful logins.
Type: Grant
Filed: May 30, 2014
Date of Patent: December 13, 2016
Inventors: Raphael A. Rodriguez, Daniel Volovik
-
Patent number: 9519824
Abstract: The invention relates to a method for enabling the authentication or identification of a person (1) using a first electronic device (2) comprising an image-capturing unit and a data-transmission unit, the method including a step of registering said person in a verification system (3). The registration step includes the steps of: capturing, using the image-capturing unit of said electronic device, a first image (h) of at least one object (O) of any kind that is secretly selected by the person; and transmitting said first image to the verification system by means of said data transmission device of said first electronic device.
Type: Grant
Filed: November 29, 2011
Date of Patent: December 13, 2016
Assignee: MORPHO
Inventors: Jean-Christophe Fondeur, Hervé Chabanne
-
Patent number: 9516032
Abstract: Methods, systems and articles of manufacture consistent with features of the present invention allow the generation and use of derived user accounts, or DUA, in a computer system comprising user accounts. In particular, derivation rules define how a DUA is linked to or created based on an existing original user account, or OUA. Derivation transformations may also update the state of a DUA based on its corresponding OUA or give feedback from the state of a DUA to the state of its corresponding OUA.
Type: Grant
Filed: September 26, 2014
Date of Patent: December 6, 2016
Assignee: GOOGLE INC.
Inventor: Ulfar Erlingsson
-
Patent number: 9513779
Abstract: A method is provided for reducing a number of keys that a user is required to depress on a device having a keyboard with a limited number of keys when the user enters a password. The method comprising the following steps. A subset of characters used to define the password is determined. A filter to apply to the keyboard is determined in accordance with the determined subset of characters. The filter is applied when the user depresses the keys. Devices and computer readable medium for implementing the method are also provided.
Type: Grant
Filed: July 22, 2013
Date of Patent: December 6, 2016
Assignee: BlackBerry Limited
Inventors: Michael Kenneth Brown, Neil Patrick Adams, George Babu, Herbert Little, Michael Stephen Brown
-
Patent number: 9507931
Abstract: A security device and controlling method thereof are provided. The security device includes: a storage configured to store a plurality of passwords, wherein a complexity of the passwords increases according to a security level; an inputter configured to receive a password input by a user; a detector configured to detect a security level of the received password by comparing the received password and the plurality of passwords stored in the storage; and a controller configured to provide an authority to access an element of an electronic device connected with the security device according to the detected security level.
Type: Grant
Filed: September 24, 2014
Date of Patent: November 29, 2016
Assignee: SAMSUNG ELECTRONICS CO., LTD.
Inventors: Byong-ki Lee, Yun-ho Choi
-
Patent number: 9503449
Abstract: A system for managing one or more certificates on granular object level in one or more datacenters is provided. The system includes a discover module, an inventory module, a work order module, and a policy module. The discover module is configured to discover the one or more certificates. The inventory module is configured to provide details of the one or more certificates. The work order module is configured to store details of (i) a work order id of the one or more certificates, (ii) device information of the one or more certificates, (iii) a time stamp of implementation of the one or more certificates, and (iv) a status the one or more certificates. The policy module is configured to create a policy that specifies (i) usage of the one or more certificates, and (ii) practices that a certificate authority (CA) employs to manage the one or more certificates.
Type: Grant
Filed: May 12, 2015
Date of Patent: November 22, 2016
Inventors: Anand Purusothaman, Murali Palanisamy
-
Patent number: 9489050
Abstract: Embodiments of the present invention provide a method and user equipment for unlocking a screen saver, which can implement personalized operations of screen saver unlocking. The method includes: detecting a position of a first input on a screen; detecting a duration of the first input when the position of the first input falls into a user-preset track; and unlocking the screen saver when the duration exceeds a time threshold. The corresponding user equipment includes a position detecting module, a time detecting module, and a screen. The above technical solutions may implement personalized operations of screen saver unlocking and increase fun by detecting whether the position of a user input falls into a user-preset track and detecting the duration of the user input.
Type: Grant
Filed: March 25, 2013
Date of Patent: November 8, 2016
Assignee: Huawei Technologies Co., Ltd.
Inventor: Li Hua
-
Patent number: 9407765
Abstract: The preferred embodiments of the present invention include providing automated passcode recovery in an interactive voice response system by providing to a caller an automated passcode recovery question and processing a caller answer to the automated passcode recovery question to authenticate the caller.
Type: Grant
Filed: October 21, 2013
Date of Patent: August 2, 2016
Assignee: AT&T Intellectual Property I, L.P.
Inventor: Anita H. Simpson
-
Patent number: 9378616
Abstract: A gaming system employs a device security firewall having a plurality of rules and an inclusion list of a plurality of devices allowed to operate on a gaming device for determining acceptable data traffic on the gaming device.
Type: Grant
Filed: March 7, 2013
Date of Patent: June 28, 2016
Assignee: IGT
Inventors: Dennis T. Kleppen, Dwayne R. Nelson
-
Patent number: 9367679
Abstract: At the time of input of authentication information, even when the hand and the input screen are seen from the third person, guess of authentication information is made difficult. A plurality of keys serving as input means are divided into a first region and a second region. Then, the first region and the second region are caused to transit between a first state and a second state distinguished from each other depending on the displayed contents. When a region where a key to be inputted for the input of authentication information is arranged is in the second state, input to the above-mentioned plurality of keys is recognized as dummy.
Type: Grant
Filed: October 18, 2012
Date of Patent: June 14, 2016
Assignee: NEC PERSONAL COMPUTERS, LTD
Inventor: Takahisa Shirakawa
-
Patent number: 9355239
Abstract: Utilizing an image on a computing device to serve as a template for locking/unlocking the computing device. The image includes a plurality of portions that are defined and thereafter identified and presented to a user via a touch screen. A user selects portions/zones that are defined within the image in a specified sequence and this sequence is stored as a lock/unlock code for unlocking the computing device. In an embodiment, in addition to the specified sequence of selections, a movement or sequence of movements may be also be stored as part of the lock/unlock code.
Type: Grant
Filed: May 8, 2013
Date of Patent: May 31, 2016
Assignee: Microsoft Technology Licensing, LLC
Inventors: Shamik Bandyopadhyay, Veronica Y. Law
-
Patent number: 9356929
Abstract: A method of establishing a secure channel between a human user and a computer application is described. A secret unique identifier (“PIN”) is shared between a user and an application. When the user makes a request that involves utilizing the PIN for authentication purposes, the application renders a randomly selected identifier. The randomly selected identifier is in a format that is recognizable to a human but is not readily recognizable by an automated agent. The randomly selected identifier is then presented to the human user. The user identifies the relationship between the randomly selected identifier and the PIN. If the user's input reflects the fact that the user knows the PIN, then the user is authenticated.
Type: Grant
Filed: April 19, 2012
Date of Patent: May 31, 2016
Assignee: Intertrust Technologies Corporation
Inventors: Binyamin Pinkas, Stuart A. Haber, Robert E. Tarjan, Tomas Sander
-
Patent number: 9342673
Abstract: A method for user authentication in a device comprising a touch screen is provided. In operation, the device stores a user authentication code corresponding to a user. When a trigger for user authentication is detected, the device randomly selects one or more character positions in the sequence of characters. The device further requests the user to enter a character corresponding to each of the selected one or more character positions in the sequence of characters. When the device detects a user entry made using a keypad on the touch screen, the device determines whether the user entry matches a character corresponding to each of the selected one or more character positions. When the user entry matches a character corresponding to each of the selected one or more character positions in the sequence of characters, then the user is successfully authenticated to the device.
Type: Grant
Filed: March 26, 2014
Date of Patent: May 17, 2016
Assignee: MOTOROLA SOLUTIONS, INC.
Inventor: Aroon V Tungare
-
Patent number: 9325503
Abstract: Methods and systems are provided for authenticating a user for access to restricted content. An exemplary method involves providing a plurality of selectable regions on a display, authenticating the user based at least in part on a user input that corresponds to a selectable region that includes a portion of authentication information, and providing the restricted content to the display after authenticating the user. Each selectable input region of the plurality of selectable regions includes a plurality of characters. In exemplary embodiments, the characters of one or more selectable input regions are randomized.
Type: Grant
Filed: June 12, 2014
Date of Patent: April 26, 2016
Assignee: EchoStar Technologies L.L.C.
Inventor: Neil Marten
-
Patent number: 9305187
Abstract: Data security management system and methods are provided. First, a first system having a management authority is provided. The first system displays an input interface on an input device. A switch switches the management authority from the first system to a second system, wherein the second system operates with a secure mechanism. When the management authority is switched to the second system, the first system transmits layout information of the input interface and an input device characteristic of the input device to the second system. The second system receives input data via the input device, and decodes the input data according to the layout information and the input device characteristic.
Type: Grant
Filed: February 22, 2012
Date of Patent: April 5, 2016
Assignee: HTC Corporation
Inventors: Hsin-Ti Chueh, Ssu-Po Chin
-
Patent number: 9305152
Abstract: A PIN is automatically generated based on at least one rule when the user enters a password through a user device. In one example, the PIN is a truncated version of the password where each character in the truncated version is mapped onto a number. The mapping can be a truncation at the beginning or end of the password, or the mapping can be with any pattern or sequence of characters in the password. This PIN generation may be transparent to the user, such that the user may not even know the PIN was generated when the password was entered. When the user attempts to access restricted content, the user may enter the PIN instead of the password, where the user may be notified of the rule used to generate the PIN so that the user will know the PIN by knowing the password.
Type: Grant
Filed: May 6, 2014
Date of Patent: April 5, 2016
Assignee: PAYPAL, INC.
Inventor: Bjorn Markus Jakobsson
-
Patent number: 9292670
Abstract: The invention relates to a system and method for generating and authenticating one time dynamic password based on the context information related to a user. It involves retrieving user context information and generating a dynamic value based on that. The first one time dynamic password is generated at the user device using the first dynamic value and the user PIN. The first dynamic value along with the user identifier is sent to the authentication server. The authentication server sends the user identifier to the context management server. The context management server has access the context information used to generate the first dynamic value and based on that they generate a second dynamic value. The authentication server receives this value and generates the second one time dynamic password and if it matches with the first one time dynamic password then the authentication server authenticates the first one time dynamic password.
Type: Grant
Filed: June 25, 2012
Date of Patent: March 22, 2016
Assignee: Infosys Limited
Inventors: Puneet Gupta, Venkat Kumar Sivaramamurthy, Harigopal Kanaka Bapiraja Ponnapalli, Akshay Darbari
-
Patent number: 9276919
Abstract: In certain embodiments, a system having a memory and a processor. The memory is operable to store a credential verifier associated with a user account and a counter. The processor is coupled to the memory and the memory includes executable instructions that cause the system to receive a first authentication attempt and increment the counter if validation of the first authentication attempt against the credential verifier fails. The instructions also cause the system to receive a second authentication attempt and increment the counter only if validation of the second authentication attempt against the credential verifier fails and the second authentication attempt is distinct from the first authentication attempt.
Type: Grant
Filed: July 12, 2013
Date of Patent: March 1, 2016
Assignee: Amazon Technologies, Inc.
Inventors: Stefan Popoveniuc, Cristian Marius Ilac, Gregory Branchek Roth, Eric J. Brandwine
-
Patent number: 9275214
Abstract: A codebook, comprising a number of groups of symbols in a predetermined pattern printed on a card or the like is issued to a user. The user is attributed or selects an extraction pattern representing an order of progression through the symbols in each group of symbols. When the user wishes to make an authentication action an authentication party challenges the user to submit the symbols found at selected positions in the extraction pattern. The user applies the extraction pattern to the codebook and retrieves the symbols found at the selected positions, and submits these to the authenticating party. The authenticating party applies the same extraction pattern to the same codebook, and determines whether the results match those submitted by the user, and in a case where the two sets of symbols match, authenticates the user.
Type: Grant
Filed: October 6, 2008
Date of Patent: March 1, 2016
Assignee: International Business Machines Corporation
Inventors: Gianluca Gargaro, Patrizio Trinchini
-
Patent number: 9275065
Abstract: A computing device receives data access records and determines a user data access behavior pattern for a user based on the data access records. The computing device receives new data access records and identifies any deviation from the user data access behavior pattern based on the new data access records. Upon identifying deviation from the user data access behavior pattern, the computing device generates an alert indicating that the user has deviated from the user data access behavior pattern.
Type: Grant
Filed: July 26, 2011
Date of Patent: March 1, 2016
Assignee: Symantec Corporation
Inventors: Anantharaman Ganesh, Anindya Banerjee, Bijayalaxmi Nanda
-
Patent number: 9270670
Abstract: The present invention relates to an application that is configured to provide secure access to confidential information. To protect the confidential information, the application may include functions that utilize a decoy application to disguise the functionality of the application. A unique sequence of inputs received through an interface associated with the decoy application may permit a user to access the confidential information. An authorized user that has been provided access to the confidential information may access configuration interfaces that permit the user to define the inputs that will serve as login credentials and to customize the appearance and functionality of the decoy application.
Type: Grant
Filed: October 10, 2014
Date of Patent: February 23, 2016
Inventor: Joseph Fitzgerald
-
Patent number: 9262609
Abstract: An apparatus and method are disclosed for determining authentication frequency (i.e., the length of time between authenticating and re-authenticating a user) and challenge type (e.g., username/password, fingerprint recognition, voice recognition, etc.) based on one or more environmental properties (e.g., ambient noise level, ambient luminosity, temperature, etc.), or one or more physiological properties of a user (e.g., heart rate, blood pressure, etc.), or both. Advantageously, the illustrative embodiment enables authentication frequency and challenge type to be adjusted based on the likelihood of malicious activity, as inferred from these properties. In addition, the illustrative embodiment enables the authentication challenge type to be tailored to particular environmental conditions (e.g., noisy environments, dark environments, etc.).
Type: Grant
Filed: March 9, 2015
Date of Patent: February 16, 2016
Assignee: Avaya Inc.
Inventors: Jon Louis Bentley, George William Erhart, Lawrence O'Gorman, Michael J. Sammon, David Joseph Skiba
-
Patent number: 9256763
Abstract: A method for providing a public key/secret key pair for encrypting and decrypting data, wherein the public key of the public key/secret key pair and a master secret key are generated based on predefined policy information, and wherein the secret key of the public key/secret key pair is generated based on the generated master secret key and predefined attribute information. A method for accessing a system in an untrusted environment and a system for providing a public key/secret key pair for encrypting and decrypting data as well as a use for access control are also described.
Type: Grant
Filed: September 3, 2013
Date of Patent: February 9, 2016
Assignee: NEC EUROPE LTD.
Inventor: Sebastian Gajek
-
Patent number: 9251652
Abstract: The present invention relates to gaming apparatus (100) and methods (300) applicable to gaming apparatuses and systems. In particular a password entry method (300) and system (600) for authenticating a player's identity is disclosed in which a user's password can be defined using a set of elements (402) including a plurality of images (404) such as symbols or pictures.
Type: Grant
Filed: December 2, 2013
Date of Patent: February 2, 2016
Assignee: ARISTOCRAT TECHNOLOGIES AUSTRALIA PTY LIMITED
Inventor: Stephen Byng
-
Patent number: 9224272
Abstract: In an exchange of data between a client terminal (1) and a secure database server (2) the data is encoded using positional information generated by a combination generator (7) in a separate security server (3). The positional information is used to produce an image specific to a communication event which is accessed by the client terminal (1) and is the basis for the entry of sensitive data at the client terminal (1). The three-way communication link between the client terminal, database server and security server greatly increases the difficulty of successfully intercepting and decoding the data entered at the client terminal. This method of secure data communication is particularly suited to the communication of password data for example in the banking industry.
Type: Grant
Filed: July 8, 2005
Date of Patent: December 29, 2015
Assignee: Tricerion Ltd.
Inventors: Stuart Leslie Morris, Norman MacAskill Fraser, Sanjay Shantilal Haria
-
Patent number: 9178875
Abstract: A method for authenticating an OTP (one time password) and an instrument therefor, in which the method includes determining whether the OTP token is authenticated successfully, if the OTP token is not authenticated successfully, setting size of an authentication window to be a first predetermined time length and authenticating the obtained OTP according to the authentication window; if the OTP token is authenticated successfully, determining whether the interval between the authentication success time and the current system time is longer than a second predetermined time length, if yes, setting size of the authentication window to be a third predetermined time length and authenticating the obtained OTP according to the authentication window and the authentication success time, in which the third predetermined time length is shorter than the first predetermined time length; otherwise, setting size of the authentication window to be a fourth predetermined time length and authenticating the obtained OTP accordin
Type: Grant
Filed: December 21, 2012
Date of Patent: November 3, 2015
Assignee: Feitian Technologies Co., Ltd.
Inventors: Zhou Lu, Huazhang Yu
-
Patent number: 9177164
Abstract: A system and method is introduced for combining a secure device with a non secure user machine for using and sharing secure data seamlessly through the non secure user machine. The secure device runs in a separate, “parallel world” to the user machine so that the user machine cannot access secure data while it is being used. Even if the user machine is already compromised, the secure data and its usage remain protected from the likes of key logging and screen captures. The secure device authenticates secure data handling to the user so that the user is able to differentiate between a secure and a non secure data usage, as well as identify false imitations of the secure environment.
Type: Grant
Filed: March 31, 2014
Date of Patent: November 3, 2015
Inventor: Noam Camiel
-
Patent number: 9177165
Abstract: A system and method is introduced for combining a secure device with a non secure user machine for using and sharing secure data seamlessly through the non secure user machine. The secure device runs in a separate, “parallel world” to the user machine so that the user machine cannot access secure data while it is being used. Even if the user machine is already compromised, the secure data and its usage remain protected from the likes of key logging and screen captures. The secure device authenticates secure data handling to the user so that the user is able to differentiate between a secure and a non secure data usage, as well as identify false imitations of the secure environment.
Type: Grant
Filed: March 31, 2014
Date of Patent: November 3, 2015
Inventor: Noam Camiel
-
Patent number: 9166967
Abstract: A comprehensive authentication and identity system and method are disclosed. A central profile is created for a user which includes user information that can be passed back or otherwise utilized by websites (e.g. for registrations, logins, etc.) The user information may include the user's username, password, contact information, personal information, marketing preferences, financial information, etc. For website registrations, the user may provide a mobile communication number that is utilized to perform a type of mobile communication device verification process. As part of a website login, the user may provide identifiable information (e.g. a username) that is looked up by the system or website to determine a mobile communication number for the user, which is used for a verification process. If the verification process is completed successfully, the user may be logged into the website. For accessing the system directly, a user may go through a mobile communication device verification process.
Type: Grant
Filed: September 26, 2012
Date of Patent: October 20, 2015
Assignee: TeleSign Corporation
Inventors: Darren Berkovitz, Ryan Parker Disraeli, Stacy Lyn Stubblefield
-
Patent number: 9160747
Abstract: The invention discloses, inter alia, a computer executable method for controlling user's access to transaction data in the context of a service in a multitenant data management system comprising data of a first organization, a second organization providing at least one service, at least one user representing the second organization, and a transaction associable by its content with the first organization. The method comprises steps for receiving a request for a user representing the second organization to access the transaction associable with the first organization in the context of a service, verifying the secondary stakeholder status of the second organization regarding the transaction, verifying the validity of a chain of trust between the user of the request and the second organization in the context, and conditional to the validity of the secondary stakeholder status and the chain of trust, authorizing the user representing the second organization to access the transaction in the context of the service.
Type: Grant
Filed: June 25, 2013
Date of Patent: October 13, 2015
Assignee: BASWARE CORPORATION
Inventor: Timo Hotti
-
Patent number: 9148427
Abstract: The invention prevents robots from browsing a Web site beyond a welcome page. When an initial request from an undefined originator is received, the Web site responds to it with a welcome page including a challenge. Then, on receiving a further request from the undefined originator, the Web site can check whether the challenge is fulfilled or not. If fulfilled, the undefined originator is assumed to be a human being and authorized to go on. If the challenge is not fulfilled, the undefined originator is assumed to be a robot, in which case site access is further denied. The invention prevents Web site contents from being investigated by robots while not requiring users to have to log on.
Type: Grant
Filed: May 1, 2008
Date of Patent: September 29, 2015
Assignee: International Business Machines Corporation
Inventors: Marc Lamberton, Eric Levy-Abegnoli, Pascal Thubert
-
Patent number: 9147058
Abstract: Techniques are provided for entering, verifying, and saving a gesture on a touch-sensitive display device. In one embodiment, the device displays a gesture entry screen where a user enters a gesture. The device estimates the entered gesture and displays the estimated gesture on a gesture replay screen. The estimated gesture may be replayed repeatedly until stopped, and the device may display a gesture verification screen where the user may reenter the gesture. The device verifies if the re-entered gesture is substantially the same as the original estimated gesture. Some embodiments include a visible trace following a user's touch on the touch-sensitive display, where the trace may change in color and/or length depending on the speed, duration, and/or complexity of an entered gesture. Some embodiments include display indicator(s) (e.g., a strength bar, color change, timer, etc.) to indicate the strength and/or elapsed time during an entry or replay of a gesture.
Type: Grant
Filed: October 12, 2012
Date of Patent: September 29, 2015
Assignee: APPLE INC.
Inventors: Brandon J. Casey, Jake M. Logan, Erik M. Cressall, Stephen H. Cotterill
-
Patent number: 9111073
Abstract: A user generates a pattern in a matrix (or two-dimensional grid) and enters a user name and an associated password. This username, password and pattern are stored locally on a computing device or are transmitted to a remote computer server for later authentication. Upon authentication, an input matrix is displayed. The user enters the password into the matrix in the form of the pattern, and also enters the username. The computer retrieves the previously stored pattern and password with the username. The previously stored pattern is used to read the input password from the input matrix. A match with the stored password indicates authentication. Alternatively, the input matrix only includes the pattern and password is entered separately. The input matrix may also be filled with random characters to improve security. The stored pattern is compared to the input pattern using image analysis or by comparing a set of coordinates.
Type: Grant
Filed: November 19, 2012
Date of Patent: August 18, 2015
Assignee: Trend Micro Inc.
Inventors: Juliang Jiang, Jing Cao, Xiangdong Ruan
-
Patent number: 9106584
Abstract: An aspect of the disclosed technology is a general-purpose platform that may be used to provide resilient cloud services. Tasks may be written as procedures in general-purpose programming languages that directly manipulate resources via control interfaces. In one implementation, resource states, such as router configurations and virtual machine states, associated with a cloud customer that provides communications services, may be abstracted into tables in a relational or semi-structured database. State changes that have been written to the database tables are automatically propagated by the database to appropriate customer physical devices, such as network elements, thereby implementing various customer network operations.
Type: Grant
Filed: September 26, 2011
Date of Patent: August 11, 2015
Assignee: AT&T Intellectual Property I, L.P.
Inventors: Yun Mao, Maria Fernandez, Changbin Liu, Jacobus Van Der Merwe
-
Patent number: 9105025
Abstract: A secure fob that enables a user to pay for an item or items without needing to present a mobile device. A secure fob may include a proximity capability to ensure that a mobile device is within a particular range, thereby eliminating the risk of fraudulent charges on a stolen fob. In such an embodiment, a fob may be disabled if the fob is not paired with the mobile device by virtue of being disconnected and/or physically separated from the mobile device. The secure fob also may include enhanced features to authorize transactions and locate the mobile device and/or the secure fob.
Type: Grant
Filed: May 29, 2014
Date of Patent: August 11, 2015
Assignee: CAPITAL ONE FINANCIAL CORPORATION
Inventors: Thomas S. Poole, Paul Moreton, Hutch Douglas, Anthony Swider, Christopher Clarke
-
Patent number: 9092614
Abstract: A system and method for preventing an administrator impersonating a user from accessing sensitive resources on a target system is provided. The method comprises receiving a first request from a user to change the user's password on a target system to be changed, sending a “change password” request for the user to the target system, storing the user's new password, receiving a second request from the target system on behalf of the user for access to a sensitive resource, wherein the second request contains information about the user's password, and denying the second request if the information about the user's password is not consistent with the user's stored new password.
Type: Grant
Filed: April 12, 2013
Date of Patent: July 28, 2015
Assignee: Protegrity Corporation
Inventor: Ulf Mattsson
-
Patent number: 9064104
Abstract: A method includes displaying a base image and a secondary image overlying the base image on a display, detecting an alignment of a first element of the base image with a second element of the secondary image, and when the first element and the second element are pre-selected elements for a user, authenticating the user.
Type: Grant
Filed: June 15, 2010
Date of Patent: June 23, 2015
Assignee: BlackBerry Limited
Inventor: Martin Riddiford
-
Patent number: 9053301
Abstract: In a method for logging in to a computer, a log-in display is carried out on a terminal unit when the terminal unit is connected to a system management apparatus. A display is carried out to urge an operator to carry out a physical operation when a log-in starting operation is carried out to the terminal unit in response to the log-in display. An operation detection signal is sent when detecting the physical operation carried out to an operating panel. The computer enters a logged-in state when the operation detection signal is detected.
Type: Grant
Filed: June 26, 2009
Date of Patent: June 9, 2015
Assignee: FUJITSU LIMITED
Inventor: Kenji Tagashira
-
Patent number: 9043793
Abstract: A processing device comprises a processor coupled to a memory and implements an obligation management system for information technology infrastructure, with the obligation management system being configured to process a plurality of obligations on behalf of a relying party to verify implementation of corresponding controls in information technology infrastructure of a claimant. A given one of the obligations has an associated obligation fulfiller that is inserted or otherwise deployed as a component within the information technology infrastructure of the claimant and is configured to provide evidence of the implementation of one or more of the controls responsive to an obligation assertion so as to establish an associated trust aspect of the claimant. The information technology infrastructure may comprise distributed virtual infrastructure of a cloud service provider. The claimant may comprise the cloud service provider and the relying party may comprise a tenant of the cloud service provider.
Type: Grant
Filed: March 30, 2011
Date of Patent: May 26, 2015
Assignee: EMC Corporation
Inventors: John P. Field, Thomas R. Maguire, Stephen G. Graham, Edgar St. Pierre
-
Patent number: 9043872
Abstract: An information handling system includes a host mapped general purpose input output (GPIO), a shared memory, a board management controller, and a cryptography engine. The host mapped GPIO includes a plurality of registers. The board management controller is in communication with the host mapped GPIO and with the shared memory, and is configured to control accessibility to the plurality of registers in the GPIO, and to control write accessibility of the shared memory based on a private key received from a basic input output system requesting accessibility to the plurality of registers and write accessibility of the shared memory. The cryptography engine is in communication with the board memory controller, and is configured to authenticate the private key received from the board management controller.
Type: Grant
Filed: July 31, 2013
Date of Patent: May 26, 2015
Assignee: Dell Products, LP
Inventors: Timothy M. Lambert, Mukund P. Khatri
-
Publication number: 20150143509
Abstract: A method for estimating the strength of a graphical password comprising two or more segments is disclosed. In some embodiments, this advantageous solution is achieved by implementing a multi-step process. In one step, the data processing system applies a first operation on a first segment to produce a transformed segment. In another step, the data processing system performs a comparison operation between the transformed segment and a second segment. In another step, the data processing system performs a penalty operation with respect to the first segment based on an outcome of the comparison operation. The penalty operation includes one or more of (1) calculating a penalty value, wherein the penalty value may be used in calculating a value representing the strength of the graphical password; and (2) disregarding the first or the second segment when calculating the value representing the strength of the graphical password.
Type: Application
Filed: September 20, 2012
Publication date: May 21, 2015
Applicant: TELEFONAKTIEBOLAGET L M ERICSSON (PUBL)
Inventors: Göran Selander, Mats Näslund, Freyr Saevarsson
-
Publication number: 20150143508
Abstract: Certain embodiments herein relate to authenticating access to an operating system by a user before the operating system is booted. Such authentication may be performed by processing information received from a wireless communication token via Near Field Communication (NFC), in one embodiment. The received information may be processed to determine credentials for accessing the operating system, which if validated, may be sent to a Basic Input Output System (BIOS) which may boot the operating system in response. The BIOS may also perform various other functions if authentication is successful, such as decrypting a hard disk on which an operating system is installed before booting the operating system. According to this configuration, a decryption key may be received from the wireless communication token and subsequently sent to the BIOS to enable the decryption and subsequent booting of the operating system.
Type: Application
Filed: August 28, 2013
Publication date: May 21, 2015
Inventor: Moishe Halibard
-
Patent number: 9037855
Abstract: A content data reproducing method includes: decrypting encrypted data to generate plain-text data; dividing the plain-text data into decrypted content data and reproduction management information; sending the reproduction management information to a user space; storing the decrypted content data in a secret buffer; obtaining the decrypted content data as reproduction target data from the secret buffer and transmitting the reproduction target data to a decoder; and decoding the reproduction target data by the decoder.
Type: Grant
Filed: November 6, 2013
Date of Patent: May 19, 2015
Assignee: SOCIONEXT Inc.
Inventors: Atsushi Oida, Wataru Tachibana, Hiroyuki Wada
-
Publication number: 20150135307
Abstract: An electronic lock in which new passcodes can be added and/or deleted without specifying the user slot to which the new passcode should be assigned. A circuit in the electronic lock determines whether the new passcode to be added is unique compared to existing passcodes stored in memory. If so, the circuit searches for an available user slot for which no authorized passcodes are associated and associates the new passcode with an available user slot.
Type: Application
Filed: October 17, 2014
Publication date: May 14, 2015
Inventors: THUAN DUY NGUYEN, KEN CHING YING YEH
-
Publication number: 20150135021
Abstract: Context captured with sensors of an information handling system is applied to selectively lock access to currently unlocked information, with conditions for locking access based upon the context. Nervous states enforce locking of selected information based upon the confidence of the security of the information under sensed external conditions. Increased sensitivity for locking access includes reduced timeouts to a lock command, increased response to sensed conditions, and more rapid response where unlocked access is to sensitive information.
Type: Application
Filed: November 8, 2013
Publication date: May 14, 2015
Applicant: DELL PRODUCTS L.P.
Inventors: Charles D. Robison, Liam B. Quinn, Rocco Ancona, Roman Joel Pacheco
-
Patent number: 9032509
Abstract: An avatar in a virtual world is provided with credentials for access to various parts of the virtual world by embedding information derived from avatar identification and authorized credential information in the form of a graphic image associated with the avatar. The embedded information is preferably encrypted.
Type: Grant
Filed: July 25, 2013
Date of Patent: May 12, 2015
Assignee: International Business Machines Corporation
Inventors: Rick A. Hamilton, II, Richard J. Newhook, M. Shafer Ramsey, James W. Seaman
-
Patent number: RE46301
Abstract: Image based login procedures for computer systems include: (a) displaying a first image on a computer screen; (b) receiving user input indicating a portion of the first image; (c) determining if the user input corresponds to a first acceptable user input for user authentication; and (d) proceeding with the authentication procedure when this user input corresponds to the first acceptable user input for user authentication. Additionally or optionally, when proceeding with this authentication procedure, the systems and methods further may include: displaying a second image on the screen; receiving new user input indicating a portion of the second image; and determining if this new input corresponds to a second acceptable user input for user authentication.
Type: Grant
Filed: January 15, 2014
Date of Patent: February 7, 2017
Assignee: Microsoft Technology Licensing, LLC
Inventors: Erik L. Holt, Matthew E. Kowalczyk, Russell Humphries