公开(公告)号：US06831078B1

公开(公告)日：2004-12-14

申请号：US09600631

申请日：2001-02-12

申请人： David Reginald Adams ,  Jon Bentley ,  Corinna Dagmar Bodkin ,  Ian Anthony Cliffe ,  James Edward Paul Davidson ,  Howard Langham Mansell ,  Nathaniel Julius Monck ,  Robin Gerald Shepherd ,  by Joy Miriam Shepherd

发明人： David Reginald Adams ,  Jon Bentley ,  Corinna Dagmar Bodkin ,  Ian Anthony Cliffe ,  James Edward Paul Davidson ,  Howard Langham Mansell ,  Nathaniel Julius Monck ,  Robin Gerald Shepherd ,  by Joy Miriam Shepherd

IPC分类号： C07D20504

CPC分类号： C07D205/04

摘要： A compound of formula (1) wherein R1 is aryl; and R2 is hydrogen or alkyl; pharmaceutically acceptable addition compounds thereof; and their use in therapy, particularly for the treatment and prophylaxis of CNS disorders such as anxiety and epilepsy.

摘要翻译： 式（1）的化合物，其中R 1是芳基; 和R 2是氢或烷基; 其药学上可接受的加成化合物; 以及它们在治疗中的用途，特别是用于治疗和预防CNS疾病如焦虑和癫痫。

公开(公告)号：US08639937B2

公开(公告)日：2014-01-28

申请号：US10723416

申请日：2003-11-26

申请人： Amit Bagga ,  Jon Bentley ,  Lawrence O'Gorman

发明人： Amit Bagga ,  Jon Bentley ,  Lawrence O'Gorman

IPC分类号： G06F21/00

CPC分类号： G06F21/46 ,  G07C9/00142

摘要： A method and apparatus are provided for extracting information from a user's memory that will be easily recalled during future authentication yet is hard for an attacker to guess. The information might be a little-known fact of personal relevance to the user or the personal details surrounding a public event. The user is guided to appropriate topics and forms an indirect hint that is useful to the user yet not to an attacker. Information extraction techniques verify that the information is not easily attacked and to estimate how many bits of assurance the question and answer provide. The information extracted may be, e.g., Boolean (Yes/No), multiple choice, numeric, textual, or a combination of the foregoing. The enrollment process may schedule the sending of one or more reminder messages to the user containing the question (but not the answer) to reinforce the memory of the user.

摘要翻译： 提供了一种用于从用户的存储器提取信息的方法和装置，该信息将在以后的认证期间容易地被调用，但是攻击者很难猜测。 这些信息可能是一个鲜为人知的事实，即个人与用户的相关性或公共活动周围的个人信息。 用户被引导到适当的主题，并形成对用户而不是攻击者有用的间接提示。 信息提取技术验证信息不容易被攻击，并估计问题和答案提供的保证数量。 提取的信息可以是例如布尔（是/否），多项选择，数字，文本或前述的组合。 注册过程可以安排向包含问题（但不是答案）的用户发送一个或多个提醒消息以加强用户的存储器。

公开(公告)号：US09026654B2

公开(公告)日：2015-05-05

申请号：US11586709

申请日：2006-10-26

申请人： Jean Meloche ,  Shalini Yajnik ,  Parameshwaran Krishnan ,  Stanko Dimitrov ,  Colin L. Mallows ,  Jon Bentley

发明人： Jean Meloche ,  Shalini Yajnik ,  Parameshwaran Krishnan ,  Stanko Dimitrov ,  Colin L. Mallows ,  Jon Bentley

IPC分类号： G06F15/173 ,  H04L12/24 ,  H04L12/26

CPC分类号： H04L41/12 ,  H04L41/06 ,  H04L43/0811

摘要： Systems and methods for constructing and maintaining a peer-to-peer overlay graph are disclosed herein. The systems and methods include adding a node to the overlay graph. Adding the node includes choosing an edge that is not connected to the node, breaking the edge and connecting the node to broken edge nodes previously connected to the edge. The process is repeating if additional connections are need and node addition data is stored for the node.

摘要翻译： 本文公开了用于构建和维护对等覆盖图的系统和方法。 系统和方法包括将一个节点添加到重叠图。 添加节点包括选择未连接到节点的边缘，破坏边缘并将节点连接到先前连接到边缘的断裂边缘节点。 如果需要附加连接并且为节点存储节点添加数据，则该过程正在重复。

公开(公告)号：US20080279343A1

公开(公告)日：2008-11-13

申请号：US11747881

申请日：2007-05-11

申请人： Jon Bentley ,  Anjur Sundaresan Krishnakumar ,  David M. Weiss

发明人： Jon Bentley ,  Anjur Sundaresan Krishnakumar ,  David M. Weiss

IPC分类号： H04M3/08 ,  H04M3/22

CPC分类号： H04M1/21 ,  H04M1/22

摘要： A telephone of the corded or portable type includes a light source. The light source may or may not have an ability to be pivoted or swiveled to illuminate a desired portion of a room. In the case of a corded telephone, the light source may be detachable from the telephone. The light source may be automatically activated to provide emergency illumination when a power failure condition exists in a building. The light source may also be manually activated to provide a convenient illumination source for the user.

摘要翻译： 有线或便携式电话包括光源。 光源可以具有或不具有枢转或旋转以照亮房间的期望部分的能力。 在有线电话的情况下，光源可以与电话机分离。 当建筑物中存在电源故障条件时，可以自动激活光源以提供紧急照明。 也可以手动激活光源以为用户提供方便的照明源。

公开(公告)号：US20050114678A1

公开(公告)日：2005-05-26

申请号：US10815191

申请日：2004-03-31

申请人： Amit Bagga ,  Jon Bentley ,  Lawrence O'Gorman ,  Kiyoshi Sudo

发明人： Amit Bagga ,  Jon Bentley ,  Lawrence O'Gorman ,  Kiyoshi Sudo

IPC分类号： G06F21/00 ,  G07C9/00 ,  H04K1/00 ,  H04L9/00

CPC分类号： G07C9/00142 ,  G06F21/46

摘要： A method and apparatus are provided for evaluating the security of authentication information that is extracted from a user. The disclosed authentication information security analysis techniques determine whether extracted authentication information can be obtained by an attacker. The extracted authentication information might be, for example, personal identification numbers (PINs), passwords and query based passwords (questions and answers). A disclosed authentication information security analysis process employs information extraction techniques to verify that the authentication information provided by a user is not easily obtained through an online search. The authentication information security analysis process measures the security of authentication information, such as query based passwords, provided by a user. Information extraction techniques are employed to find and report relations between the proposed password and certain user information that might make the proposed password vulnerable to attack.

摘要翻译： 提供了一种用于评估从用户提取的认证信息的安全性的方法和装置。 所公开的认证信息安全分析技术确定是否可以由攻击者获得提取的认证信息。 提取的认证信息可以是例如个人识别码（PIN），密码和基于查询的密码（问题和答案）。 所公开的认证信息安全性分析处理采用信息提取技术来验证用户提供的认证信息是不容易通过在线搜索获得的。 认证信息安全分析过程测量用户提供的认证信息的安全性，例如基于查询的密码。 采用信息提取技术来查找和报告提出的密码与某些用户信息之间的关系，这些信息可能使提出的密码容易受到攻击。

公开(公告)号：US20050039056A1

公开(公告)日：2005-02-17

申请号：US10626482

申请日：2003-07-24

申请人： Amit Bagga ,  Jon Bentley ,  Lawrence O'Gorman

发明人： Amit Bagga ,  Jon Bentley ,  Lawrence O'Gorman

IPC分类号： G06F21/00 ,  H04K1/00 ,  H04L9/00 ,  H04M3/38 ,  H04M3/51

CPC分类号： G06F21/31 ,  G06F2221/2103 ,  G06F2221/2115 ,  H04M3/382 ,  H04M3/51

摘要： A three party authenticating protocol is disclosed. During an enrollment phase, a user contacts a call center and is directed to a user verification server. The user verification server instructs the user to select and answer a number of questions that will be used for verification. The selected questions along with identifying indices for each question are stored at the user's location and at the user verification server. The user verification server sends the question indices to the call center, which in turn sends these indices to the user to obtain answer indices for each question. During a verification phase, the user contacts the call center and an authentication module asks the user to provide an asserted identity. The authentication module provides a random selection of question indices from those selected by the user. The user provides answer indices for each question to the authentication module. If the number of correctly matching answers exceeds a threshold, then the user is verified. Otherwise, the user fails verification. After verification, the user is transferred from the authentication module of the call center to a human agent for further processing.

摘要翻译： 披露了三方认证协议。 在注册阶段期间，用户联系呼叫中心并被引导到用户验证服务器。 用户验证服务器指示用户选择并回答将用于验证的许多问题。 选择的问题以及每个问题的识别索引存储在用户的位置和用户验证服务器处。 用户验证服务器向呼叫中心发送问题索引，呼叫中心又将这些索引发送给用户以获得每个问题的答案索引。 在验证阶段期间，用户联系呼叫中心，认证模块要求用户提供断言的身份。 认证模块提供由用户选择的问题索引的随机选择。 用户向认证模块提供每个问题的答案索引。 如果正确匹配答案的数量超过阈值，则验证用户。 否则，用户验证失败。 验证后，将用户从呼叫中心的认证模块传送到人员进行进一步处理。

公开(公告)号：US20090003549A1

公开(公告)日：2009-01-01

申请号：US11770944

申请日：2007-06-29

申请人： Henry Baird ,  Jon Bentley ,  Daniel Lopresti ,  Sui-Yu Wang

发明人： Henry Baird ,  Jon Bentley ,  Daniel Lopresti ,  Sui-Yu Wang

IPC分类号： H04M11/00

CPC分类号： H04M3/436 ,  H04M3/493 ,  H04M2201/10

摘要： Methods and apparatus are provided for defending against telephone-based robotic attacks An interactive voice response method is provided for presenting a menu having one or more menu options to a caller. The method comprises the steps of obtaining a script to present to the caller, the script including the one or more menu options; permuting one or more characteristics of at least one of the one or more menu options; and presenting the permuted menu to the caller. The permutation may comprise, for example, adding one or more additional menu options to the menu; varying a selection number associated with the at least one menu option; varying an order of at least a plurality of the menu options; or varying a wording or pronunciation of one or more menu options.

摘要翻译： 提供了用于防止基于电话机器人攻击的方法和装置。提供交互式语音响应方法，用于向呼叫者呈现具有一个或多个菜单选项的菜单。 该方法包括以下步骤：获得向呼叫者呈现包括一个或多个菜单选项的脚本的脚本; 置换所述一个或多个菜单选项中的至少一个的一个或多个特征; 并向呼叫者呈现置换的菜单。 排列可以包括例如向菜单添加一个或多个附加菜单选项; 改变与所述至少一个菜单选项相关联的选择号码; 改变至少多个菜单选项的顺序; 或改变一个或多个菜单选项的措词或发音。

公开(公告)号：US20090003539A1

公开(公告)日：2009-01-01

申请号：US11770938

申请日：2007-06-29

申请人： Henry Baird ,  Jon Bentley ,  Daniel Lopresti ,  Sui-Yu Wang

发明人： Henry Baird ,  Jon Bentley ,  Daniel Lopresti ,  Sui-Yu Wang

IPC分类号： H04M1/64

CPC分类号： H04M3/493 ,  H04M3/382 ,  H04M2203/2027

摘要： Methods and apparatus are provided for defending against telephone-based robotic attacks. An interactive voice response method is disclosed, comprising the steps of obtaining a script to present to a caller, the script including at least one menu option having at least one personal code; generating a random number for the personal code; and presenting the at least one menu option with the generated random number to the caller. The step of generating a random number for the personal code is optionally responsive to receipt of the call. The method is optionally performed only if one or more predefined criteria defining an attack are satisfied. The disclosed IVR system can optionally monitor the caller response to determine whether the caller enters the generated random number.

摘要翻译： 提供了防止基于电话机器人攻击的方法和装置。 公开了一种交互式语音响应方法，包括以下步骤：获得向呼叫者呈现的脚本，所述脚本包括至少一个具有至少一个个人代码的菜单选项; 为个人密码生成随机数字; 以及向所述呼叫者呈现所生成的随机数的所述至少一个菜单选项。 为个人代码生成随机数的步骤可选地响应于接收到该呼叫。 仅当满足定义攻击的一个或多个预定标准时，可选地执行该方法。 所公开的IVR系统可以可选地监视呼叫者响应以确定呼叫者是否输入生成的随机数。

公开(公告)号：US20080155520A1

公开(公告)日：2008-06-26

申请号：US11586709

申请日：2006-10-26

申请人： Jean Meloche ,  Shalini Yajnik ,  P. Krishnan ,  Stanko Dimitrov ,  Colin L. Mallows ,  Jon Bentley

发明人： Jean Meloche ,  Shalini Yajnik ,  P. Krishnan ,  Stanko Dimitrov ,  Colin L. Mallows ,  Jon Bentley

IPC分类号： G06F9/45

CPC分类号： H04L41/12 ,  H04L41/06 ,  H04L43/0811

摘要： Systems and methods for constructing and maintaining a peer-to-peer overlay graph are disclosed herein. The systems and methods include adding a node to the overlay graph. Adding the node includes choosing an edge that is not connected to the node, breaking the edge and connecting the node to broken edge nodes previously connected to the edge. The process is repeating if additional connections are need and node addition data is stored for the node.

摘要翻译： 本文公开了用于构建和维护对等覆盖图的系统和方法。 系统和方法包括将一个节点添加到重叠图。 添加节点包括选择未连接到节点的边缘，破坏边缘并将节点连接到先前连接到边缘的断裂边缘节点。 如果需要附加连接并且为节点存储节点添加数据，则该过程正在重复。

公开(公告)号：US20050039057A1

公开(公告)日：2005-02-17

申请号：US10626483

申请日：2003-07-24

申请人： Amit Bagga ,  Jon Bentley ,  Lawrence O'Gorman

发明人： Amit Bagga ,  Jon Bentley ,  Lawrence O'Gorman

IPC分类号： G06F21/00 ,  G06F11/30 ,  G06F12/14

CPC分类号： G06F21/46 ,  G06F21/40 ,  G06F2221/2103 ,  G06F2221/2131

摘要： A query directed password scheme is disclosed that employs attack-resistant questions having answers that generally cannot be correlated with the user using online searching techniques, such as user opinions, trivial facts, or indirect facts. During an enrollment phase, the user is presented with a pool of questions from which the user must select a subset of such questions to answer. Information extraction techniques optionally ensure that the selected questions and answers cannot be correlated with the user. A security weight can optionally be assigned to each selected question. The selected questions should optionally meet predefined criteria for topic distribution. During a verification phase, the user is challenged with a random subset of the questions that the user has previously answered and answers these questions until a level of security for a given application is exceeded as measured by the number of correct questions out of the number of questions asked. Security may be further improved by combining the query directed password protocol with one or more additional factors such as Caller ID that assure that the questions are likely asked only to the registered user.

摘要翻译： 公开了一种查询定向密码方案，其采用具有通常不能使用在线搜索技术（例如用户意见，微不足道的事实或间接事实）与用户相关的答案的防攻击问题。 在注册阶段，向用户呈现一个问题池，用户必须从中选择一个这样的问题的子集来回答。 信息提取技术可选地确保所选问题和答案不能与用户相关联。 可以选择将安全权重分配给每个选定的问题。 选定的问题应该可选地满足主题分发的预定义标准。 在验证阶段期间，用户受到用户以前回答的问题的随机子集的挑战，并且回答这些问题，直到超过给定应用程序的安全级别超过了正确问题的数量 问题。 可以通过将查询定向密码协议与一个或多个附加因素（例如来电者ID）相结合来进一步改善安全性，以确保可能仅向注册用户询问问题。