What technology area does this patent fall under?

Primary CPC classification H04L63/1458. Mapped technology areas include Electricity.

When was this patent published?

Publication date Tue Mar 05 2019 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Protection against end user account locking denial of service (DOS)

US10225283B2 · US · B2

Patent metadata
Field	Value
Publication number	US-10225283-B2
Application number	US-201615298624-A
Country	US
Kind code	B2
Filing date	Oct 20, 2016
Priority date	Oct 22, 2015
Publication date	Mar 5, 2019
Grant date	Mar 5, 2019

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Techniques are disclosed for protecting a user from denial of service (DOS) to access his/her a user account that has been locked. An access management system can provide features that enable an owner of an account to prevent the account from becoming locked. Specifically, the techniques disclosed herein enable an account holder to circumvent procedures of the access management system that lock an account after several unsuccessful attempts to access the account. The access management system may operate according to a configuration for managing access to account. The access management system can manage access to an account by presenting a user with an interface to received access information (e.g., account information and credential information) for the account to determine whether to unlock the account. The access management system can deny access to an account upon determining that the credential information is not correct for the account.

First claim

Opening claim text (preview).

What is claimed is: 1. A method comprising: determining, at a computing system of an access management system, that an access threshold has been satisfied, the access threshold being based on a maximum number of unsuccessful attempts to obtain access to a resource on behalf of a user from a device via the access management system, wherein the access attempts are received by the access management system on a first channel of communication; upon determining that the access threshold has been satisfied, sending, to a destination associated with the user, first temporary access information for the user to authenticate the access management system, wherein the destination is different from the device and the first temporary access information is communicated to the destination using a second channel of communication that is different from the first channel of communication; receiving, from the device, second temporary access information; determining whether the second temporary access information matches the first temporary access information sent to the destination; upon determining that the second temporary access information matches the first temporary access information sent to the destination, sending a message to the device, the message causing the device to enable the user with access from the device to the resource; and upon determining that the second temporary access information does not match the first temporary access information sent to the destination, sending a message to the device, the message causing the device to prevent the user with future access from the device to the resource. 2. The method of claim 1 , further comprising: generating the first temporary access information; and after sending the first temporary access information to the destination, sending to the device a request for the first temporary access information. 3. The method of claim 1 , wherein the device is a first computing device and wherein the destination is a second computing device that is different from the first computing device. 4. The method of claim 1 , wherein the destination is an email address or a telephone number accessible using a mobile device. 5. The method of claim 1 , wherein resource is accessed based on an account managed by the access management system, and wherein the account provides access to the resource that is enabled by the access management system. 6. The method of claim 1 , wherein the first temporary access information is a password that is associated with a time period. 7. The method of claim 1 , further comprising: generating a graphical interface to receive access information to determine access from the device to the resource; and sending the graphical interface to the device, wherein the device displays the graphical interface, wherein the device receives the first temporary access information as input by the user through the graphical interface, and wherein the first temporary access information that is received by the device is sent by the device as the second temporary access information that is received from the device. 8. The method of claim 1 , further comprising: storing data in association with information about the user upon sending the first temporary access information to the destination. 9. The method of claim 8 , further comprising: updating the data to indicate that the second temporary access information was received. 10. The method of claim 8 , further comprising: upon determining that the second temporary access information matches the first temporary access information sent to the destination, updating the data to indicate that the user is enabled to request access on behalf of the user from the device via the access management system. 11. The method of claim 8 , further comprising: upon determining that the second temporary access information does not match the first temporary access information sent to the destination, updating the data to indicate that the user is prevented from future attempts to obtain access on behalf of the user from the device via the access management system. 12. A method comprising: determining, at a computing system of an access management system, that an access threshold has been satisfied, the access threshold being based on a maximum number of unsuccessful attempts to obtain access on behalf of a user from a device via the access management system; upon determining that the access threshold has been satisfied, sending, to a destination associated with the user, first temporary access information for the user to authenticate the access management system; receiving, from the device, second temporary access information; determining whether the second temporary access information matches the first temporary access information sent to the destination; upon determining that the second temporary access information matches the first temporary access information sent to the destination, sending to the device a request for credential information to enable the user to request access to a resource; receiving the credential information from the device; determining, at the computer system, whether the received credential information is valid for the user; upon determining that the received credential information is valid, authenticating the user based on the credential information and sending a message to the device, wherein the message causes the device to enable the user with access from the device to the resource; and upon determining that the second temporary access information does not match the first temporary access information sent to the destination or upon determining that the received credential information is invalid, sending a message to the device, the message causing the device to prevent the user with future access from the device to the resource. 13. A method comprising: determining, at a computing system of an access management system, that an access threshold has been satisfied, the access threshold being based on a maximum number of unsuccessful attempts to obtain access on behalf of a user from a device via the access management system; sending, to a destination associated with the user, first temporary access information for the user to authenticate the access management system; upon sending the first temporary access information to the destination, storing data in association with information about the user; receiving, from the device, second temporary access information; determining whether the second temporary access information matches the first temporary access information sent to the destination; upon determining that the second temporary access information matches the first temporary access information sent to the destination, updating the data to indicate that the user is enabled to request access on behalf of the user from the device via the access management system and sending a message to the device, the message causing the device to enable the user with access from the device to a resource; upon determining that the second temporary access information does not match the first temporary access information sent to the destination, sending a message to the device, the message causing the device to prevent the user with future access from the device to the resource receiving, from the device, a new request for access on behalf of the user; and enabling the new request for access based on the data indicating that the user is enabled to request access on behalf of the user from the device via the access management system. 14. A method comprising: determining, at a computing system of an access management system, tha

Assignees

Oracle Int Corp

Inventors

Classifications

H04L63/083
using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226) · CPC title
H04L63/1458Primary
Denial of Service · CPC title
H04L63/0861
using biometrical features, e.g. fingerprint, retina-scan (cryptographic mechanisms or cryptographic arrangements for entity authentication using biological data H04L9/3231) · CPC title

Patent family

Related publications grouped by family.

View patent family 58637479

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10225283B2 cover?: Techniques are disclosed for protecting a user from denial of service (DOS) to access his/her a user account that has been locked. An access management system can provide features that enable an owner of an account to prevent the account from becoming locked. Specifically, the techniques disclosed herein enable an account holder to circumvent procedures of the access management system that lock…
Who is the assignee on this patent?: Oracle Int Corp
What technology area does this patent fall under?: Primary CPC classification H04L63/1458. Mapped technology areas include Electricity.
When was this patent published?: Publication date Tue Mar 05 2019 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).