Data processing: database and file management or data structures – Database design – Data structure types
Reexamination Certificate
2000-05-19
2003-07-01
Robinson, Greta (Department: 2177)
Data processing: database and file management or data structures
Database design
Data structure types
Reexamination Certificate
active
06587853
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
This invention relates to authentication systems and artificial intelligence, specifically to an inference system for troubleshooting and maintenance of authentication apparatus.
2. Description of Related Art
To prevent unauthorized access to systems and facilities, many corporations and agencies provide their staff with personal authentication devices such as the credit card sized calculator device in U.S. Pat. No. 4,720,860 to Weiss, Jan. 19, 1998. These devices (tokens) augment or replace traditional password authentication systems (password systems). Token-based authentication provides superior security, when compared to password authentication. Once in use, authentication tokens allow the staff members to obtain secure access to corporate resources. Often these resources are critical to performing tasks.
When put into practice, these devices and the system components that are necessary for operation (token authentication system) can be comparatively complex. Specifically, the commercial system using Weiss's apparatus has a complexity of usage and of operating state in excess of password systems. The complex states of token authentication systems increase the likelihood of authentication trouble. Whereas password systems have a trivial problem state, token authentication systems have many problem states due to the complexity. The erroneous rejection of an authorized user during authentication is the primary symptom. Historically, the rate of problem occurrence in token authentication systems exceeds that of password systems. Problem states for token authentication systems include user not knowledgeable of token usage, user forgot PIN (personal identification number), token expired, token disabled, and time reference drift. The problem occurrence rate scales up when thousands of users are given authentication devices. The problem states for password systems is trivial, the user forgot the password. Authentication problems with tokens are typically of high urgency, since the staff member with the problem cannot obtain access to the systems needed to perform a task. To enable the staff member to perform their task in a timely manner, the problem should be remedied as quickly as possible. Unfortunately due to the increased complexity, token authentication problems require more time and skill to solve, when compared to password systems. The delay may result in loss of productivity for the staff members unable to attain system access.
Also due to the increased complexity, token authentication systems require system knowledge and skilled troubleshooting when problems arise. These skills are unique to the particular token authentication system and exceed the skills required for password systems. Authentication problems are typically solved by service personnel, which are trained to solve many types of problems. Service personnel need additional training and on-the-job experience to build the skills necessary for solving problems specific to token authentication systems. The training consumes more resources than those required for password systems. There is a time lag between the time the service personnel start training and the time when troubleshooting proficiency is attained. During that time before proficiency is reached, staff members with authentication problems who call these service personnel, will receive degraded service with possible loss in productivity. Of course, degraded service is counter to the goals of all service organizations.
Troubleshooting complex authentication systems in an urgent service environment demands a high degree of attention and focus from the service personnel. Issues that must be managed simultaneous to the troubleshooting activity will, in all likelihood, receive reduced attention. This can result in reduced attention on one key issue, the awareness of security and security policies. Unfortunately, reduced attention on security enhances the opportunity for successful security attacks, targeted on the service personnel themselves. This class of security attack is known as “social engineering”. It is understood that, social engineering attacks primarily take advantage of situations that reduce security awareness. Troubleshooting complex systems is a situation that draws attention away from security, thereby weakening security.
When thousands of staff members use token authentication, many skilled service personnel need to be on duty at all hours to solve potential authentication problems. To properly service thousands of staff members using token authentication, the number of service personnel must be increased or the existing personnel must be increasingly burdened. The overall effect is an increase in resource requirements to properly service thousands of users who have authentication tokens. These resource increases are in excess of those needed for password authentication.
Thus when put into practice, authentication tokens introduce a new and complex system to the array of systems already present. Due to the critical need that users be able to access the systems being protected by tokens there is a requirement to consistently, quickly and securely troubleshoot and maintain the complex system.
OBJECTS AND ADVANTAGES
Accordingly, several objects and advantages of this invention are:
(a) to provide an inference system that quickly and accurately solves authentication problems in the complex systems used for token authentication—this addresses the increased problem occurrence rate introduced by the added system complexity and addresses the need to urgently solve user authentication problems manifest in complex authentication systems;
(b) to provide an inference system that delivers consistent, expert-level performance for token authentication system troubleshooting in spite of the variable skills of service personnel—this eliminates degraded troubleshooting performance, due to service personnel who are not skilled in token authentication troubleshooting;
(c) to provide an inference system that reduces the service skills and system knowledge required for token authentication system troubleshooting—this reduces the resources needed to train a large number of service personnel to be proficient at authentication troubleshooting;
(d) to provide an inference system that reduces the demand for service personnel attention and explicitly reminds service personnel of security policy during operations that are encountered as a result of authentication problems—this raises the security awareness of personnel, which is the primary defense against social engineering attacks;
(e) to provide an inference system that can be used by staff members with authentication tokens to solve their own authentication problems without using service personnel—this further reduces the service resources needed to troubleshoot authentication problems;
(f) to provide an inference system that can be used to automatically perform administrative tasks required to maintain authentication systems;
Further objects and advantages are to provide an inference system which can be integrated with an authentication system, which has self-contained artificial knowledge or patterns related to troubleshooting and maintaining authentication systems, which contains sufficient knowledge or patterns to solve the classes of authentication problems that consume service resources, which enables companies and agencies to avoid large increases in service resources when deploying authentication tokens to thousands of users, which contains knowledge or patterns that can be enhanced to solve new problems as they are discovered. Still further objects and advantages will become apparent from a consideration of the ensuing description and drawing.
SUMMARY OF THE INVENTION
The objects of the invention are achieved through troubleshooting apparatus for use with a user authentication subsystem of a type that employs a complex user authentication technique such as authentication by token. The apparatus receives inputs from and produces outputs to an inter
Nelson Gordon E.
Plum Software Associates, Inc.
Rayyan Susan
Robinson Greta
LandOfFree
System that employs inferencing for troubleshooting complex... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System that employs inferencing for troubleshooting complex..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System that employs inferencing for troubleshooting complex... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3070776