Electrical computers and digital processing systems: support – System access control based on user identification by... – Using record or token
Reexamination Certificate
2006-01-31
2006-01-31
Barroń, Jr., Gilberto (Department: 2134)
Electrical computers and digital processing systems: support
System access control based on user identification by...
Using record or token
C379S114200, C709S219000, C713S183000, C713S152000, C713S152000
Reexamination Certificate
active
06993658
ABSTRACT:
A password setting system for a secure system includes a user token server and a communication module. The user token server generates a random token in response to a request for a new password from a user. The server creates a new password by concatenating a secret passcode that is known to the user with the token. The server sets the password associated with the user's user ID to be the new password. The communication module transmits the token to a personal communication device, such as a mobile phone or a pager carried by the user. The user concatenates the secret passcode with the received token in order to form a valid password, which the user submits to gain access to the secure system. Accordingly, access to the system is based upon: nonsecret information known to the user, such as the user ID; secret information known to the user, such as the passcode; and information provided to the user through an object possessed by the user, such as the token.
REFERENCES:
patent: 5153919 (1992-10-01), Reeds et al.
patent: 5265155 (1993-11-01), Castro
patent: 5323146 (1994-06-01), Glaschick
patent: 5497411 (1996-03-01), Pellerin
patent: 5590198 (1996-12-01), Lee et al.
patent: 5749075 (1998-05-01), Toader et al.
patent: 5875394 (1999-02-01), Daly et al.
patent: 5923763 (1999-07-01), Walker et al.
patent: 5949882 (1999-09-01), Angelo
patent: 5956633 (1999-09-01), Janhila
patent: 6049877 (2000-04-01), White
patent: 6075860 (2000-06-01), Ketcham
patent: 6078908 (2000-06-01), Schmitz
patent: 6161182 (2000-12-01), Nadooshan
patent: 6173400 (2001-01-01), Perlman et al.
patent: 6226364 (2001-05-01), O'Neil
patent: 6795852 (2004-09-01), Kleinrock et al.
patent: A-63545/98 (1998-05-01), None
patent: 9863545 (1998-11-01), None
patent: 0 875 871 (1998-11-01), None
Menezes, “Handbook of Applied Cryptography,” 1997, p. 390.
Security Dynamics-SecurID Tokens Datasheet, http://www.computerterps.com/internet/security/secdyn/tokens.html., last modified Jul. 31, 1998.
ACE/Server, http://www.computerps.com/internet/security/secdyn/aceserv.html, last modified Jul. 15, 1998.
RSA Security Inc.-RSA SecurID Two-Factor Authenication System, http://www.securid.com/products/securid/index.html., printed on Mar. 3, 2000.
24-hour cellphone cyberwatch—Internet—printed on May 19, 2000.
Monkey as authentication software—Internet—2 pages, printed on May 19, 2000.
Monkey (mobile network key)—Internet—6 pages, printed on May 19, 2000.
International Search Report for PCT/US01/07058 (3-pages).
Engberg Sten-Olov
Jonsson Ake
April System Design AB
Barro, Jr. Gilberto
Heneghan Matthew
Knobbe Martens Olson & Bear LLP
LandOfFree
Use of personal communication devices for user authentication does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Use of personal communication devices for user authentication, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Use of personal communication devices for user authentication will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3573784