-
1.发明授权Evidence-based dynamic scoring to limit guesses in knowledge-based authentication 有权基于证据的动态评分来限制基于知识的认证中的猜测公开(公告)号:US09124431B2
公开(公告)日:2015-09-01
申请号:US12466257
申请日:2009-05-14
IPC分类号: H04L9/32 , G06F17/27 , G06F21/31 , H04L12/759
CPC分类号: H04L9/3226 , G06F17/2785 , G06F17/2795 , G06F21/31 , H04L9/3218 , H04L45/028
摘要: Techniques to provide evidence-based dynamic scoring to limit guesses in knowledge based authentication are disclosed herein. In some aspects, an authenticator may receive an input from a user in response to a presentation of a personal question that enables user access to a restricted resource. The authenticator may determine that the input is not equivalent to a stored value, and thus is an incorrect input. The authenticator may then determine whether the input is similar to a previous input received from the user. A score may be assigned to the input. When the input is determined to be similar to the previous input, the score may be reduced. Another request for an input may be transmitted by the authenticator when a sum of the score and any previous scores of the session is less than a threshold.
摘要翻译: 本文公开了提供基于证据的动态评分以限制基于知识的认证中的猜测的技术。 在一些方面,认证者可以响应于允许用户访问受限资源的个人问题的呈现而从用户接收输入。 认证器可以确定输入不等于存储的值,因此是不正确的输入。 然后,认证器可以确定输入是否类似于从用户接收的先前输入。 可以将分数分配给输入。 当输入被确定为类似于先前的输入时,得分可能会降低。 当比赛的总和和会话的任何先前得分小于阈值时,由认证者发送另一个输入请求。
-
2.发明申请EVIDENCE-BASED DYNAMIC SCORING TO LIMIT GUESSES IN KNOWLEDGE-BASED AUTHENTICATION 有权基于知识的动态评分限制了基于知识的认证公开(公告)号:US20100293608A1
公开(公告)日:2010-11-18
申请号:US12466257
申请日:2009-05-14
CPC分类号: H04L9/3226 , G06F17/2785 , G06F17/2795 , G06F21/31 , H04L9/3218 , H04L45/028
摘要: Techniques to provide evidence-based dynamic scoring to limit guesses in knowledge based authentication are disclosed herein. In some aspects, an authenticator may receive an input from a user in response to a presentation of a personal question that enables user access to a restricted resource. The authenticator may determine that the input is not equivalent to a stored value, and thus is an incorrect input. The authenticator may then determine whether the input is similar to a previous input received from the user. A score may be assigned to the input. When the input is determined to be similar to the previous input, the score may be reduced. Another request for an input may be transmitted by the authenticator when a sum of the score and any previous scores of the session is less than a threshold.
摘要翻译: 本文公开了提供基于证据的动态评分以限制基于知识的认证中的猜测的技术。 在一些方面,认证者可以响应于允许用户访问受限资源的个人问题的呈现而从用户接收输入。 认证器可以确定输入不等于存储的值,因此是不正确的输入。 然后,认证器可以确定输入是否类似于从用户接收的先前输入。 可以将分数分配给输入。 当输入被确定为类似于先前的输入时,得分可能会降低。 当比赛的总和和会话的任何先前得分小于阈值时,认证者可以发送对输入的另一请求。
-
公开(公告)号:US09166797B2
公开(公告)日:2015-10-20
申请号:US12257765
申请日:2008-10-24
申请人: Thekkthalackal Varugis Kurien , Cormac E. Herley , Alice Jane Bernheim Brush , Daniel C. Robbins , Arindam Chatterjee , Scott Field
发明人: Thekkthalackal Varugis Kurien , Cormac E. Herley , Alice Jane Bernheim Brush , Daniel C. Robbins , Arindam Chatterjee , Scott Field
CPC分类号: H04L9/3263 , G06F13/24 , G06F2221/2149 , G07F7/0826 , G07F7/1008 , H04L2209/56
摘要: Systems and methods that establish a secured compartment that manages sensitive user transactions/information on a user's machine. The secured compartment qualifies user interaction with the machine, and separates such qualified interaction from other user activity on the machine. A user is switched to such secured compartment upon occurrence of a predetermined event, such as in form of: an explicit request (e.g., a secure attention sequence); an implicit request (e.g., inference of user activities); and presence of a peripheral device that is bound to the secured compartment (e.g., a USB)—wherein such actions typically cannot be generated by an application running outside the secured compartment.
摘要翻译: 建立安全隔间的系统和方法,用于管理用户机器上的敏感用户事务/信息。 安全隔间限定用户与机器的交互,并将这种合格的交互与机器上的其他用户活动分开。 在发生预定事件时,例如以明确的请求(例如,安全注意序列)的形式,用户切换到这样的安全隔间; 隐式请求(例如,推断用户活动); 以及绑定到固定隔间(例如,USB)的外围设备的存在,其中这样的动作通常不能由在安全隔间外部运行的应用程序产生。
-
公开(公告)号:US08825728B2
公开(公告)日:2014-09-02
申请号:US11453626
申请日:2006-06-15
CPC分类号: H04L63/145 , H04L63/083
摘要: Confidential information is provided to a proxy computer in communication between an unsecured computer and a computer having information desired by a user. The proxy computer receives the confidential information in either an encrypted form or having arbitrary information combined therewith. The proxy computer ascertains the confidential information and forwards it to the computer having the information desired by the user.
摘要翻译: 机密信息被提供给在不安全的计算机和具有用户期望的信息的计算机之间的通信中的代理计算机。 代理计算机以加密形式接收机密信息或者具有与之组合的任意信息。 代理计算机确定机密信息并将其转发给具有用户期望的信息的计算机。
-
公开(公告)号:US07343418B2
公开(公告)日:2008-03-11
申请号:US10161428
申请日:2002-06-03
申请人: Cormac E. Herley
发明人: Cormac E. Herley
IPC分类号: G06F15/16
CPC分类号: H04L67/104 , H04L67/1063 , H04L67/1082
摘要: A system and method for data distribution is disclosed. A bulletin board is employed to maintain a list of requests from nodes in the system. The requests indicate data requested and identify the node making the request. Nodes are able to post requests for data as long as they maintain a minimum performance level. Additionally, the nodes periodically check in with the bulletin board and receive the list of requests from the bulletin board. On determining to satisfy a particular request by a node, the node (serving node) contacts a requesting node (identified in the request) and transfers the requested data to the requesting node. After successful completion of the transfer, the requesting node reports to the bulletin board that the node has filled the request and the request is removed from the list of requests.
摘要翻译: 公开了一种用于数据分配的系统和方法。 采用公告牌来维护系统中节点的请求列表。 请求指示请求的数据,并标识发出请求的节点。 节点能够发布数据请求,只要它们保持最低的性能水平。 此外,节点还可以使用公告板定期检查并接收公告板上的请求列表。 在确定满足节点的特定请求时,节点(服务节点)联系请求节点(在请求中标识)并将请求的数据传送到请求节点。 在成功完成传输之后,请求节点向公告板报告节点填写了请求,并且请求从请求列表中移除。
-
6.发明授权公开(公告)号:US07305129B2
公开(公告)日:2007-12-04
申请号:US10808194
申请日:2004-03-24
IPC分类号: G06K9/46
CPC分类号: G06K9/033 , G06F17/243 , G06K9/00449 , G06K9/2054 , G06K2209/01
摘要: A computer-implemented method and apparatus are provided for populating an electronic form from an electronic image. The method and apparatus identify a size, orientation and position of an object within the electronic image, and identify information elements from pixels within the image that correspond to the object. Fields of the electronic form are displayed to a user along with the identified information elements through a graphical user interface. The information elements are parsed into tagged groups of different information types. At least some of the fields of the electronic form are populated with the tagged groups to produce a populated form. The user is allowed to edit the populated fields through the graphical user interface.
摘要翻译: 提供了一种用于从电子图像填充电子表格的计算机实现的方法和装置。 该方法和装置识别电子图像内的对象的大小,取向和位置,并且从图像中对应于对象的像素识别信息元素。 通过图形用户界面,电子表格的字段与所标识的信息元素一起显示给用户。 信息元素被分析成不同信息类型的标记组。 电子表格的至少一些字段填充有标记的组以产生填充形式。 允许用户通过图形用户界面编辑填充字段。
-
公开(公告)号:US20120110668A1
公开(公告)日:2012-05-03
申请号:US12912782
申请日:2010-10-27
IPC分类号: G06F21/00
摘要: A popularity determination module (PDM) is described which reduces the effectiveness of statistical guessing attacks. The PDM operates by receiving a password (or other secret information item) from a user. The PDM uses a model to determine whether the password is popular among a group of users. If so, the PDM may ask the user to select another password. In one implementation, the model corresponds to a probabilistic model, such a count-min sketch model. The probabilistic model provides an upper-bound assessment of a number of times that a password has been encountered. Further, the probabilistic model provides false positives (in which passwords are falsely assessed as popular) at a rate that exceeds a prescribed minimum rate. The false positives are leveraged to reduce the effectiveness of statistical guessing attacks by malicious entities.
摘要翻译: 描述了流行度确定模块(PDM),其降低了统计猜测攻击的有效性。 PDM通过从用户接收密码(或其他秘密信息项)来操作。 PDM使用模型来确定密码在一组用户中是否流行。 如果是这样,PDM可能会要求用户选择另一个密码。 在一个实现中,模型对应于概率模型,例如计数最小素描模型。 概率模型提供了密码遇到次数的上限评估。 此外,概率模型以超过规定的最低利率的速率提供误报(其中密码被错误地评估为流行)。 利用假阳性来降低恶意实体的统计猜测攻击的有效性。
-
公开(公告)号:US20100312548A1
公开(公告)日:2010-12-09
申请号:US12480877
申请日:2009-06-09
申请人: Cormac E. Herley
发明人: Cormac E. Herley
IPC分类号: G06F17/27
CPC分类号: G06F17/30967 , G06F9/453
摘要: Implementations use hash values in proxy for images to enable aggregating of images for creating a knowledge base regarding certain images determined to be of interest.
摘要翻译: 实现方式在图像的代理中使用散列值来启用图像的聚合,以创建关于确定感兴趣的某些图像的知识库。
-
公开(公告)号:US07734678B2
公开(公告)日:2010-06-08
申请号:US12045512
申请日:2008-03-10
申请人: Cormac E. Herley
发明人: Cormac E. Herley
IPC分类号: G06F15/16 , G06F15/173 , G06F7/00 , G06F17/00 , G06F17/30
CPC分类号: H04L67/104 , H04L67/1063 , H04L67/1082
摘要: A system and method for data distribution is disclosed. A bulletin board is employed to maintain a list of requests from nodes in the system. The requests indicate data requested and identify the node making the request. Nodes are able to post requests for data as long as they maintain a minimum performance level. Additionally, the nodes periodically check in with the bulletin board and receive the list of requests from the bulletin board. On determining to satisfy a particular request by a node, the node (serving node) contacts a requesting node (identified in the request) and transfers the requested data to the requesting node. After successful completion of the transfer, the requesting node reports to the bulletin board that the node has filled the request and the request is removed from the list of requests.
摘要翻译: 公开了一种用于数据分配的系统和方法。 采用公告牌来维护系统中节点的请求列表。 请求指示请求的数据,并标识发出请求的节点。 节点能够发布数据请求,只要它们保持最低的性能水平。 此外,节点还可以使用公告板定期检查并接收公告板上的请求列表。 在确定满足节点的特定请求时,节点(服务节点)联系请求节点(在请求中标识)并将请求的数据传送到请求节点。 在成功完成传输之后,请求节点向公告板报告节点填写了请求,并且请求从请求列表中移除。
-
公开(公告)号:US20100037319A1
公开(公告)日:2010-02-11
申请号:US12188442
申请日:2008-08-08
申请人: David J. Steeves , Cormac E. Herley
发明人: David J. Steeves , Cormac E. Herley
IPC分类号: G06F11/00
CPC分类号: G06F21/31 , G06F21/78 , G06F2221/2113 , G06F2221/2133
摘要: Systems and methods that resist malicious attacks on an intelligent storage device via an access control component that supplies security at a dual layer of defense. Such dual layer defense encompasses both resistance to brute force (e.g., unauthorized users), and resistance to a replay attack (e.g., a malicious code residing on a machine that hosts the intelligent storage device.) Accordingly, an access control component includes an anti malicious user component and an anti malicious code component, which can resist malicious attacks from both a person and a host unit with a malicious code residing thereon.
摘要翻译: 通过访问控制组件阻止对智能存储设备的恶意攻击的系统和方法,这些访问控制组件在双重防御层面提供安全性。 这种双层防御包括抵抗暴力(例如,未经授权的用户)以及抵抗重播攻击(例如驻留在托管智能存储设备的机器上的恶意代码)。因此,访问控制组件包括防 恶意用户组件和反恶意代码组件,其可以抵抗来自人和主机单元的恶意攻击,其中驻留有恶意代码。
-
-
-
-
-
-
-
-
-
搜索结果
36 条记录 (耗时 0.217 秒)
