Information security – Access control or authentication – Network
Reexamination Certificate
2007-05-08
2007-05-08
Wright, Norman M. (Department: 2134)
Information security
Access control or authentication
Network
C726S010000, C726S008000, C726S011000, C726S006000, C726S007000, C726S004000
Reexamination Certificate
active
10276842
ABSTRACT:
An adaptive multi-tier authentication system provides secondary tiers of authentication which are used only when the user attempts a connection from a new environment. The invention accepts user input such as login attempts and responses to the system's questions. User login information such as IP address, originating phone number, or cookies on the user's machine are obtained for evaluation. User/usage profiles are kept for each user and the user login information is compared to the information from the user/usage profile for the specific user which contains all of the user information that the user used to establish the account and also the usage profile detailing the user's access patterns. The trust level of the current user login location is calculated and the invention determines if any additional questions to the user are required. If the trust level is high, then the user is granted access to the system. If the trust level is not high enough, then questions are sent to the user and the user's answers are evaluated and access is granted or denied based on the trust level and answers. The user's profile is updated to reflect the access attempt.
REFERENCES:
patent: 5414833 (1995-05-01), Hershey et al.
patent: 5684951 (1997-11-01), Goldman et al.
patent: 5751814 (1998-05-01), Kafri
patent: 5875296 (1999-02-01), Ault et al.
patent: 6199113 (2001-03-01), Alegre et al.
patent: 6334121 (2001-12-01), Primeaux et al.
patent: 6343280 (2002-01-01), Clark
patent: 6640238 (2003-10-01), Bowman-Amuah
patent: 6658091 (2003-12-01), Naidoo et al.
patent: 6691232 (2004-02-01), Wood et al.
patent: 6988208 (2006-01-01), Hrabik et al.
patent: 2001/0034847 (2001-10-01), Gaul
patent: 2001/0056405 (2001-12-01), Muyres
patent: 2002/0042884 (2002-04-01), Wu
patent: 2003/0041141 (2003-02-01), Abdelaziz
patent: 2004/0024851 (2004-02-01), Naidoo
patent: 2004/0041910 (2004-03-01), Naidoo
patent: 2004/0064568 (2004-04-01), Arora
patent: 2004/0064693 (2004-04-01), Pabla
patent: 2004/0086088 (2004-05-01), Naidoo
patent: 2004/0086089 (2004-05-01), Naidoo
patent: 2004/0086090 (2004-05-01), Naidoo
patent: 2004/0086091 (2004-05-01), Naidoo
patent: 2004/0088347 (2004-05-01), Yeager
patent: 2004/0088369 (2004-05-01), Yeager
patent: 2004/0093268 (2004-05-01), Ramchandani
patent: 2004/0199770 (2004-10-01), Roskind
patent: 2005/0132060 (2005-06-01), Mo
patent: 2005/0187934 (2005-08-01), Motsinger
patent: 2005/0188079 (2005-08-01), Motsinger
patent: 2005/0188080 (2005-08-01), Motsinger
patent: 2005/0188222 (2005-08-01), Motsinger
patent: 2005/0188423 (2005-08-01), Motsinger
patent: 2005/0198099 (2005-09-01), Motsinger
patent: 2005/0203773 (2005-09-01), Soto
patent: 1 197 828 (2002-04-01), None
patent: WO 98/51029 (1998-11-01), None
patent: WO 98 51029 (1998-11-01), None
patent: WO 99 65207 (1999-12-01), None
patent: WO 99/65207 (1999-12-01), None
patent: WO 2004/114082 (2000-12-01), None
patent: WO 01/38999 (2001-05-01), None
patent: WO 01/73553 (2001-10-01), None
patent: WO 01/90859 (2001-11-01), None
patent: WO 02/32047 (2002-04-01), None
patent: WO 2004/044688 (2004-05-01), None
patent: WO 2005/060138 (2005-06-01), None
patent: WO 2005/069823 (2005-08-01), None
Lunt; Knowledge-Based Intrusion Detection; Stanford University, Computer Science Department.
Crosbie, M. et al.; Active Defense of a Computer System using Autonomous Agents; Department of Computer Sciences, Purdue University, West Lafayette, IN; Feb. 15, 1995.
Sequeira, K. et al.; ADMIT: Anomaly-Based Data Mining for Intrusions; Computer Science Department, Rensselaer Polytechnic Institute, Troy, NY.
Lane, T. et al.; An Application of Machine Learning to Anomaly Detection; School of Electrical and Computer Engineering, Purdue University, West Lafayette, IN; Feb. 14.
Abad, C. et al.; Log Correlation for Intrusion Detection: A Proof of Concept; Department of Computer Science, University of Illinois at Urbana-Champaign.
Endler, D.; Intrusion Detection Applying Machine Learning to Solaris Audit Data; Department of Electrical Engineering and Computer Science, Tulane University, New Orleans.
Gonzalez, L.; Current Approaches to Detecting Intrusions; Nova Southeastern University, Graduate School of Computer and Information Sciences, Fort Lauderdale, FL; 2002.
Lane, T. et al.; Detecting the Abnormal: Machine Learning in Computer Security; School of Electrical and Computer Engineering, Purdue University, West Lafayette, IN; Januar.
Smith, Sidney L.; Authenticating Users by Word Association; Dec. 1987; Computers & Security.
Furui, Sadaoki; Cepstral Analysis Technique for Automatic Speaker Verification; IEEE Transactions on Acoustics, Speech, and Signal Processing, vol. ASSp-9, No. 2, Apr. 1981; pp. 254-272; Japan.
Schalk, Thomas B.; Speaker Verification Over the Telephone Network; Feb./Mar. 1991; Dallas, TX; pp. 32-35.
Roskind Jim
Ward Rory
AOL LLC a Delaware limited liability company
Glenn Michael A.
Glenn Patent Group
Wright Norman M.
LandOfFree
Adaptive multi-tier authentication system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Adaptive multi-tier authentication system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Adaptive multi-tier authentication system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3813111