摘要:
A method for orchestrating peer authentication during a call (e.g., a telephone call, a conference call between three or more parties, an instant messaging [IM] chat session, etc.) is disclosed. In particular, a user is first authenticated in order to participate in a call (e.g., via entering a password, etc.), and subsequently during the call the user may be peer authenticated. In accordance with the illustrative embodiment, a user who participates in a call might be prompted to authenticate another user on the call based on particular events or user behavior during the call.
摘要:
A method for orchestrating peer authentication during a call (e.g., a telephone call, a conference call between three or more parties, an instant messaging [IM] chat session, etc.) is disclosed. In particular, a user is first authenticated in order to participate in a call (e.g., via entering a password, etc.), and subsequently during the call the user may be peer authenticated. In accordance with the illustrative embodiment, a user who participates in a call might be prompted to authenticate another user on the call based on particular events or user behavior during the call.
摘要:
An apparatus and method are disclosed for determining authentication frequency (i.e., the length of time between authenticating and re-authenticating a user) and challenge type (e.g., username/password, fingerprint recognition, voice recognition, etc.) based on what software applications a user is running on a data-processing system, and how those applications are being used (e.g., what functions are used, what data is input to or output by the application, how often and for how long applications are used, what input devices and output devices are used, etc.) Advantageously, the illustrative embodiment enables authentication frequency and challenge type to be adjusted based on the likelihood of malicious activity and/or the potential cost of malicious activity, as inferred from current and past application usage. In addition, the illustrative embodiment enables selection of an authentication challenge type that is less intrusive to a user based on current application usage.
摘要:
An apparatus and methods are disclosed for authenticating users of wireless telecommunications terminals. In particular, the present invention enables the timing and type of authentication challenges to vary based on one or more of: the user's current geo-location, the current day and time, the presence or absence of other nearby users, and the identity of any nearby users. In accordance with the illustrative embodiment, the re-authentication time period (i.e., the length of time between authenticating and re authenticating a user) and the authentication challenge type (e.g., username/password, fingerprint recognition, etc.) can be determined based on these factors. The present invention is advantageous in that it enables the shortening of the re-authentication time and the selection of a more secure type of authentication challenge when it is more likely that a user's wireless telecommunications terminal might be accidentally left behind or stolen.
摘要:
Methods and apparatus are disclosed for authenticating a user based on the geo-location history of a geo-location-enabled wireless device (e.g., a GPS-enabled wireless telecommunications terminal, a smart card, an RFID tag, etc.). In a first illustrative embodiment, a user of a geo-location-enabled wireless telecommunications terminal (e.g., a GPS-enabled cell phone, a GPS-enabled notebook computer, etc.) who attempts to access a restricted resource is challenged with one or more questions that are generated from the terminal's geo-location history. In a second illustrative embodiment, a user of a data-processing system who attempts to access a restricted resource is asked to provide a username Z. The user is then challenged with one or more questions that are generated from the geo-location history of a wireless device that is associated with username Z (e.g., a cell phone that belongs to the user whose username is Z, etc.).
摘要:
An apparatus and methods are disclosed for authenticating users of wireless telecommunications terminals. In particular, the present invention enables the timing and type of authentication challenges to vary based on one or more of: the user's current geo-location, the current day and time, the presence or absence of other nearby users, and the identity of any nearby users. In accordance with the illustrative embodiment, the re-authentication time period (i.e., the length of time between authenticating and re-authenticating a user) and the authentication challenge type (e.g., username/password, fingerprint recognition, etc.) can be determined based on these factors. The present invention is advantageous in that it enables the shortening of the re-authentication time and the selection of a more secure type of authentication challenge when it is more likely that a user's wireless telecommunications terminal might be accidentally left behind or stolen.
摘要:
Methods and apparatus are disclosed for authenticating a user based on the geo-location history of a geo-location-enabled wireless device (e.g., a GPS-enabled wireless telecommunications terminal, a smart card, an RFID tag, etc.). In a first illustrative embodiment, a user of a geo-location-enabled wireless telecommunications terminal (e.g., a GPS-enabled cell phone, a GPS-enabled notebook computer, etc.) who attempts to access a restricted resource is challenged with one or more questions that are generated from the terminal's geo-location history. In a second illustrative embodiment, a user of a data-processing system who attempts to access a restricted resource is asked to provide a username Z. The user is then challenged with one or more questions that are generated from the geo-location history of a wireless device that is associated with username Z (e.g., a cell phone that belongs to the user whose username is Z, etc.).
摘要:
An apparatus and method are disclosed for determining authentication frequency (i.e., the length of time between authenticating and re-authenticating a user) and challenge type (e.g., username/password, fingerprint recognition, voice recognition, etc.) based on what software applications a user is running on a data-processing system, and how those applications are being used (e.g., what functions are used, what data is input to or output by the application, how often and for how long applications are used, what input devices and output devices are used, etc.) Advantageously, the illustrative embodiment enables authentication frequency and challenge type to be adjusted based on the likelihood of malicious activity and/or the potential cost of malicious activity, as inferred from current and past application usage. In addition, the illustrative embodiment enables selection of an authentication challenge type that is less intrusive to a user based on current application usage.
摘要:
An apparatus and method are disclosed for determining authentication frequency (i.e., the length of time between authenticating and re-authenticating a user) and challenge type (e.g., username/password, fingerprint recognition, voice recognition, etc.) based on one or more environmental properties (e.g., ambient noise level, ambient luminosity, temperature, etc.), or one or more physiological properties of a user (e.g., heart rate, blood pressure, etc.), or both. Advantageously, the illustrative embodiment enables authentication frequency and challenge type to be adjusted based on the likelihood of malicious activity, as inferred from these properties. In addition, the illustrative embodiment enables the authentication challenge type to be tailored to particular environmental conditions (e.g., noisy environments, dark environments, etc.).
摘要:
An apparatus and methods are disclosed for authenticating users of wireless telecommunications terminals. A user is authenticated by instructing the user to travel to a geo-location, where the geo-location is referred to by an identifier that the user has previously associated with the geo-location. When the user chooses identifiers that are meaningful to the user, but that do not indicate the associated geo-locations to other people, the user can be securely authenticated via the following procedure: (i) select one of the identifiers that the user has defined, (ii) instruct the user to “go to ,” and (iii) declare the user authenticated if and only if the user visits the geo-location associated with before a timeout expires.