End user initiated access server authenticity check

US10164971B2 · US · B2

Patent metadata
Publication number: US-10164971-B2
Application number: US-201514920807-A
Country: US
Kind code: B2
Filing date: Oct 22, 2015
Priority date: Oct 22, 2015
Publication date: Dec 25, 2018
Grant date: Dec 25, 2018

Abstract

Official abstract text for this publication.

Techniques are disclosed for enabling a user to validate the authenticity of a computing system (e.g., an access management system) such as one which controls access to one or more resources. A user can determine the authenticity of an access management system before the user provides credential information to the access management system. A user can be presented at a client system with an interface to request authentication of an access management system. The access management system may provide the user at the client system with temporary access information to submit back to the access management system. The access management system may provide recent personal information to the user at the client system to verify the access management system. Upon verification of the personal information, the access management system may prompt the user for credential information to establish a session.
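The flow in the abstract, with the time-limited temporary access information that claim 7 adds, as an added Python sketch that is not part of the patent or of any Oracle product. The class, method names, code format, 120-second period and sample data are all assumptions made for illustration.

```python
import hashlib, hmac, secrets, time

def kdf(password, salt):
    # Password hash for the credential check (parameters are illustrative).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class AccessManager:
    """Server side of the flow; every name here is hypothetical."""
    def __init__(self, users, records, ttl=120, clock=time.monotonic):
        self.users = users      # user_id -> (destination, salt, password_hash)
        self.records = records  # user_id -> callable standing in for the third-party system
        self.ttl, self.clock = ttl, clock
        self.pending = {}       # user_id -> (code, time sent)
        self.verified = set()   # users who completed the first response
        self.outbox = []        # (destination, code) pairs "sent" to the destination

    def validation_request(self, user_id):
        if user_id not in self.users:
            return False
        code = secrets.token_hex(4)  # temporary access information
        self.pending[user_id] = (code, self.clock())
        self.outbox.append((self.users[user_id][0], code))
        return True

    def first_response(self, user_id, code):
        entry = self.pending.pop(user_id, None)  # single use, right or wrong
        if entry is None:
            return None
        sent_code, sent_at = entry
        in_time = self.clock() - sent_at <= self.ttl  # time period of claim 7
        if not (in_time and hmac.compare_digest(sent_code.encode(), code.encode())):
            return None
        self.verified.add(user_id)
        return self.records[user_id]()  # personal info fetched only now (claim 8)

    def second_response(self, user_id, confirmed, password):
        if user_id not in self.verified:
            return False  # credentials are not evaluated before the earlier steps
        self.verified.discard(user_id)
        _, salt, stored = self.users[user_id]
        return bool(confirmed) and hmac.compare_digest(stored, kdf(password, salt))

if __name__ == "__main__":
    salt = b"constructed-salt"  # constructed sample data, not from the patent
    am = AccessManager({"alice": ("alice-phone", salt, kdf("pw", salt))},
                       {"alice": lambda: "last login: yesterday 18:02"})
    am.validation_request("alice")
    print(am.first_response("alice", am.outbox[-1][1]))
    print(am.second_response("alice", True, "pw"))
```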

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: receiving, by a computing system of an access management system, from a computing device operated by a user, a validation request to authenticate the access management system, the validation request including user identification information associated with the user; sending, by the computing system, to a destination associated with the user based on the user identification information, temporary access information for the user to authenticate the access management system; receiving, by the computing system, a first response including the temporary access information; upon verifying the temporary access information received in the first response, sending, by the computing system, personal information about the user to the computing device, the personal information being selected from current records of the user available from a third party system that is different from the access management system; receiving, from the computing device, a second response, the second response indicating a confirmation by the user of the personal information and the second response including credential data of the user; and determining, by the computing system, authentication of the user to access the resource from the computing device, wherein the authentication is determined based on the credential data and the confirmation of the personal information received in the second response.

2. The method of claim 1, further comprising: upon determining that the user is not authenticated to access the resource from the computing device, sending, to the computing device, a request for credential information of the user; and wherein the computing device sends the validation request in response to the request for credential information.

3. The method of claim 1, wherein the destination is the computing device.

4. The method of claim 1, wherein the destination is a device associated with the user, and wherein the device is different from the computing device.

5. The method of claim 4, wherein the first response is received from the destination.

6. The method of claim 1, further comprising: determining that the user identification information is associated with the user; and identifying the destination based on the user identification information.

7. The method of claim 1, wherein the temporary access information is associated with a time period, wherein verifying the temporary access information includes determining a response time is within the time period, and wherein the response time is based on a time for receiving the first response after the temporary access information is sent to the computing device.

8. The method of claim 1, further comprising: upon verifying the temporary access information received in the first response, generating the personal information before sending the personal information.

9. The method of claim 8, wherein the personal information includes financial information about the user determined after the temporary access information is verified.

10. An access management system comprising: one or more processors; and a memory coupled with and readable by the one or more processors, the memory storing a set of instructions that, when executed by the one or more processors, causes the one or more processors to: receive, from a computing device operated by a user, a validation request to authenticate the access management system, the validation request including user identification information associated with the user; send, to a destination associated with the user based on the user identification information, temporary access information for the user to authenticate the access management system; receive a first response including the temporary access information; upon verifying the temporary access information received in the first response, send personal information about the user to the computing device, the personal information being selected from current records of the user available from a third party system that is different from the access management system; receive, from the computing device, a second response, the second response indicating a confirmation by the user of the personal information and the second response including credential data of the user; and determine authentication of the user to access the resource from the computing device, wherein the authentication is determined based on the credential data and the confirmation of the personal information received in the second response.

11. The access management system of claim 10, wherein the set of instructions, when executed by the one or more processors, further causes the one or more processors to: upon determining that the user is not authenticated to access the resource from the computing device, sending, to the computing device, a request for credential information of the user; and wherein the computing device sends the validation request in response to the request for credential information.

12. The access management system of claim 10, wherein the destination is a device associated with the user, and wherein the device is different from the computing device.

13. The access management system of claim 10, wherein the set of instructions, when executed by the one or more processors, further causes the one or more processors to: determine that the user identification information is associated with the user; and identify the destination based on the user identification information.

14. The access management system of claim 10, wherein the temporary access information is associated with a time period, wherein verifying the temporary access information includes determining a response time is within the time period, and wherein the response time is based on a time for receiving the first response after the temporary access information is sent to the computing device.

15. The access management system of claim 10, wherein the set of instructions, when executed by the one or more processors, further causes the one or more processors to: upon verifying the temporary access information received in the first response, generate the personal information before sending the personal information, wherein the personal information includes financial information about the user determined after the temporary access information is verified.

16. A non-transitory computer-readable medium storing a set of instructions that, when executed by one or more processors, causes the one or more processors to: receiving, by a computing system of an access management system, from a computing device operated by a user, a validation request to authenticate the access management system, the validation request including user identification information associated with the user; sending, by the computing system, to a destination associated with the user based on the user identification information, temporary access information for the user to authenticate the access management system; receiving, by the computing system, a first response including the temporary access information; upon verifying the temporary access information received in the first response, sending, by the computing system, personal information about the user to the computing device, the personal information being selected from current records of the user available from a third party system that is different from the access management system; receiving, from the computing device, a second response, the second response indicating a confirmation by the user of the personal information and the second response i

Classifications

  • using different networks or channels, e.g. using out of band channels (cryptographic mechanisms or cryptographic arrangements for key distribution involving distinctive intermediate devices or communication paths H04L9/0827; cryptographic mechanisms or cryptographic arrangements for authentication using a plurality of channels H04L9/3215)

  • G06F21/445 (Primary): by mutual authentication, e.g. between devices or programs

  • for achieving mutual authentication (cryptographic mechanisms or cryptographic arrangements for mutual authentication H04L9/3273)

  • using time-dependent-passwords, e.g. periodically changing passwords

  • Entity profiles

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Oracle Int Corp
What technology area does this patent fall under?
Primary CPC classification G06F21/445. Mapped technology areas include Physics.
When was this patent published?
Publication date Dec 25, 2018 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).