公开(公告)号：US08902043B1

公开(公告)日：2014-12-02

申请号：US13630849

申请日：2012-09-28

Applicant: EMC Corporation

Inventor： Karl Ackerman ,  Kenneth D. Ray ,  Lawrence N. Friedman ,  Roy Dagan ,  Alex Vaystikh ,  Roy Hodgman

IPC: G05B19/00 ,  G05B23/00 ,  G06F7/04 ,  G06F12/00

CPC classification number: G07C9/00166 ,  G06F21/40

Abstract: An authentication method and system to combat confirmation bias provides for an authentication system that upon matching an access request to a record for a given user in an authentication system further interrogates a set of secondary sources to determine that the individual requesting access is in fact the correct user.

Abstract translation: 一种用于对抗确认偏差的认证方法和系统提供了认证系统，其在认证系统中将访问请求与给定用户的记录相匹配时进一步询问一组次要来源以确定所述个人请求访问实际上是正确的 用户。

公开(公告)号：US08918844B1

公开(公告)日：2014-12-23

申请号：US13630388

申请日：2012-09-28

Applicant: EMC Corporation

Inventor： Lawrence N. Friedman ,  Karl Ackerman ,  Kenneth D. Ray ,  Yedidya Dotan

IPC: G06F7/04 ,  G06F15/16 ,  G06F17/30 ,  H04L29/06

CPC classification number: G06F21/42 ,  H04L63/107 ,  H04L69/28 ,  H04W4/023 ,  H04W4/043 ,  H04W12/08

Abstract: An improved technique involves authenticating a user based on ability of devices in the user's possession to corroborate environmental information between each other. As part of an authentication process, at least a primary device and a secondary device belonging to a user take readings of a particular set of environmental conditions, such as wireless networks that are active in a room in which they are contained. An authentication server can then verify that the primary and secondary devices are in the same room by corroborating the readings of the environmental conditions read from the primary and secondary devices, and base an authentication result on the corroboration.

Abstract translation: 改进的技术涉及基于用户拥有的设备的能力来认证用户以确认彼此之间的环境信息。 作为认证过程的一部分，属于用户的至少一个主设备和次要设备读取一组特定环境条件的读取，诸如在它们被包含的房间中活动的无线网络。 然后，认证服务器可以通过证实从主设备和辅助设备读取的环境条件的读数来验证主设备和辅助设备在同一个房间中，并且基于验证结果。

公开(公告)号：US09305161B1

公开(公告)日：2016-04-05

申请号：US13925289

申请日：2013-06-24

Applicant: EMC Corporation

Inventor： Ari Juels ,  Kenneth D. Ray ,  Gareth Richards

IPC: G06F21/46 ,  H04L29/06 ,  G06F21/30

CPC classification number: G06F21/46 ,  G06F21/31 ,  H04L9/085 ,  H04L9/0863 ,  H04L63/083 ,  H04L2463/062

Abstract: A password hardening system is arranged between one or more clients and a domain controller or other authentication entity. The password hardening system comprises a plurality of servers configured to store in a distributed manner respective shares of at least one of a hardened surrogate password and a corresponding user password. The password hardening system is configured to intercept a first set of one or more communications based at least in part on the user password and directed to an authentication entity external to the password hardening system, and to provide to the authentication entity in place of at least a portion of the intercepted first set of one or more communications a second set of one or more communications based at least in part on the hardened surrogate password. The password hardening system may be configured to serve as a proxy between an authenticating client and the authentication entity.

Abstract translation: 在一个或多个客户端和域控制器或其他认证实体之间设置密码强化系统。 密码硬化系统包括多个服务器，其被配置为以分布式方式存储硬化代理密码和对应的用户密码中的至少一个的相应共享。 密码强化系统被配置为至少部分地基于用户密码拦截第一组一个或多个通信，并指向密码硬化系统外部的认证实体，并且至少提供给认证实体 截取的第一组一个或多个通信的一部分至少部分地基于硬化的代理密码，一个或多个通信的第二组。 密码强化系统可以被配置为用作认证客户端和认证实体之间的代理。