Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2005-08-30
2005-08-30
Song, Hosuk (Department: 2135)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C713S152000, C713S152000
Reexamination Certificate
active
06938167
ABSTRACT:
A technique for defining a system with enhanced trust is disclosed, in which an immediate contact is made with the user on the enhanced trust system when a compromise is first detected, e.g. when there is a second log in attempt from another location. Using these communications channels, the service can often contact the compromised user and ask for confirmation of the results, i.e. to change password or login, from a reduced trust machine. As a result, even if an attacker steals a password, the true user on the enhanced trust machine is able to preclude a login or preclude a password change. In each case, if the user of the enhanced trust machine does not respond within some short period of time, then a less trusted machine can be allowed to proceed. The invention comprehends two definitions of an enhanced trust machine. In a first embodiment of the invention, an enhanced trust machine is a machine where the user is currently logged in at the time that the second, less trusted machine attempts a login. A second embodiment of the invention comprehends an enhanced trust machine where the user has logged in repeatedly over a course of numerous weeks, as compared with a lesser trusted machine that the user has never logged into before and which is now asking for a change of the password. In this case, the system may or may not find the less trusted machine to be just that based on actions that are experientially inconsistent with what is expected.
REFERENCES:
patent: 5418854 (1995-05-01), Kaufman et al.
patent: 5497421 (1996-03-01), Kaufman et al.
patent: 5577254 (1996-11-01), Gilbert
patent: 5611048 (1997-03-01), Jacobs et al.
patent: 5659617 (1997-08-01), Fischer
patent: 5757916 (1998-05-01), MacDoran et al.
patent: 5793952 (1998-08-01), Limsico
patent: 5896499 (1999-04-01), McKelvey
patent: 5903830 (1999-05-01), Joao et al.
patent: 5937159 (1999-08-01), Meyers et al.
patent: 5944794 (1999-08-01), Okamoto et al.
patent: 5987440 (1999-11-01), O'Neil et al.
patent: 6005939 (1999-12-01), Fortenberry et al.
patent: 6021496 (2000-02-01), Dutcher et al.
patent: 6044465 (2000-03-01), Dutcher et al.
patent: 6052122 (2000-04-01), Sutcliffe et al.
patent: 6065054 (2000-05-01), Dutcher et al.
patent: 6078955 (2000-06-01), Konno et al.
patent: 6081893 (2000-06-01), Grawrock et al.
patent: 6091737 (2000-07-01), Hong et al.
patent: 6092199 (2000-07-01), Dutcher et al.
patent: 6122740 (2000-09-01), Andersen
patent: 6148404 (2000-11-01), Yatsukawa
patent: 6157618 (2000-12-01), Biss et al.
patent: 6198824 (2001-03-01), Shambroom
patent: 6249282 (2001-06-01), Sutcliffe et al.
patent: 6321338 (2001-11-01), Porras et al.
patent: 6334121 (2001-12-01), Primeaux et al.
patent: 6339828 (2002-01-01), Grawrock et al.
patent: 6405318 (2002-06-01), Rowland
patent: 6446092 (2002-09-01), Sutter
patent: 6470450 (2002-10-01), Langford et al.
patent: 6772332 (2004-08-01), Boebert et al.
patent: 181 503 (1992-05-01), None
patent: 1 076 279 (2001-02-01), None
A Remote Password Authentication Scheme for Multiserver Architecture Using Neural Netowrks; Li-Hus Li, Luon-Chang Lin, and Min-Shiang Hwang; IEEE Transactions on Neural Networks; Nov. 2001.
A Simple Active Attack Against TCP; Laurent Joncheray; Merit Network, Inc.; Apr. 24, 1995.
Countering Abuse of Name-Based Authentication; Christoph L. Schuba and Eugene H. Spafford; COAST Laboratory.
Securing Remote Access—The S/KEY™ System; N.J. Long;; University of Oxford.
A Modified Remote Login Authentication Scheme Based on Geometric Approach; Hung-Yu Chien, Jinn-Ke Jan, and Yuh-Min Tseng; Journal of Systems and Software; Jan. 15, 2001.
Simple and Secure Password Authentication Protocol; M. Sandirigama, A. Shimizu, and M.-T, Noda; IEICE Transactions on Communications; Jun. 2000.
Impersonation Attack on Tan-Shu's Remote Login Scheme; Hung-Yu Chien, Jinn-Ke Jan, and Yuh-Min Tseng; Electronics Letters; Jul. 6, 2000.
Shared Authentication Token Secure Against Replay and Weak Key Attacks; Sung-Ming Yen, and Juo-Hong Liao; Information Processing Letters; Apr. 28, 1997.
Remote Login Authentication Scheme Based on a Geometric Approach; Tzong-Chen Wu; Computer Communications; Dec. 1995.
Public-Key Based Dynamic Password Scheme; L. Harn; 1991 Symposium on Applied Computing; Apr. 3-5, 1991.
America Online Inc.
Glenn Michael A.
Glenn Patent Group
Song Hosuk
LandOfFree
Using trusted communication channel to combat user... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Using trusted communication channel to combat user..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Using trusted communication channel to combat user... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3447215