Multi-step authentication using objective and subjective credentials

US10791111B2 · US · B2

Patent metadata
Publication number: US-10791111-B2
Application number: US-201715792961-A
Country: US
Kind code: B2
Filing date: Oct 25, 2017
Priority date: Oct 25, 2017
Publication date: Sep 29, 2020
Grant date: Sep 29, 2020

Abstract

Official abstract text for this publication.

Multi-step user authentication combines steps of authenticating both objective and subjective credentials. A user selects objective credentials, such as a password, and enters subjective credentials, such as a subjective description of the user's emotional response to a subjective challenge, such as a musical recording or image. The system identifies other content likely to elicit a similar emotional response from the same user. When the user later attempts to log onto a secured system, the user must enter the objective credentials and then describe the user's emotional response to a second subjective challenge that is likely to elicit an emotional response similar to that invoked by the first subjective challenge. If the user enters the correct objective credentials and describes an emotional response consistent with the first subjective description, then the user is given access to the secured system.
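The two procedures in the abstract can be sketched as follows; this is an added illustration, not code from the patent or its assignee. The emotion lexicon, the function names, the PBKDF2 password storage and the challenge parameters (`tempo`, `mode`, `genre`) are all assumptions; the sentiment match follows the idea in claim 4 and the parameter-based challenge selection follows claim 10.

```python
import hashlib, hmac, os, re

# Constructed emotion lexicon (assumption): emotion word -> sentiment weight.
LEXICON = {"calm": 1, "peaceful": 1, "joyful": 1, "hopeful": 1,
           "sad": -1, "anxious": -1, "uneasy": -1, "angry": -1, "gloomy": -1}

def infer_sentiment(description):
    """Reduce the emotional states named in a free-text description to one sentiment."""
    words = re.findall(r"[a-z]+", description.lower())
    score = sum(LEXICON.get(w, 0) for w in words)
    if score == 0:
        return None  # no usable emotional signal
    return "positive" if score > 0 else "negative"

def _kdf(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def enroll(password, challenge, description):
    """Setting-up procedure: objective credential plus first subjective description."""
    sentiment = infer_sentiment(description)
    if sentiment is None:
        raise ValueError("description names no recognisable emotion")
    salt = os.urandom(16)
    return {"salt": salt, "pw": _kdf(password, salt),
            "challenge": challenge, "sentiment": sentiment}

def pick_second_challenge(record, candidates, correlated_params):
    """Pick a different challenge whose correlated parameter values match the first."""
    first = record["challenge"]
    for cand in candidates:
        if cand["id"] != first["id"] and all(
                cand[p] == first[p] for p in correlated_params):
            return cand
    return None

def authenticate(record, password, description):
    """Both steps are always evaluated, so a failure does not reveal which step failed."""
    pw_ok = hmac.compare_digest(_kdf(password, record["salt"]), record["pw"])
    subj_ok = infer_sentiment(description) == record["sentiment"]
    return pw_ok and subj_ok

# Constructed sample data: challenges described by objective parameters.
FIRST = {"id": "song-a", "tempo": "slow", "mode": "minor", "genre": "folk"}
CANDIDATES = [FIRST,
              {"id": "song-b", "tempo": "fast", "mode": "major", "genre": "folk"},
              {"id": "song-c", "tempo": "slow", "mode": "minor", "genre": "jazz"}]
```

With only two sentiment labels, a guess passes the subjective step half the time, so in this sketch the password still carries most of the assurance.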

First claim

Opening claim text (preview).

What is claimed is:

1. A user-authentication system comprising a processor, a memory coupled to the processor, and a computer-readable hardware storage device coupled to the processor, the storage device containing program code configured to be run by the processor via the memory to implement a method for multi-step authentication using objective and subjective credentials, the method comprising a setting-up procedure and an authentication procedure, where the setting-up procedure comprises: receiving from a user, by the user-authentication system, a selection of an objective log-in credential; recognizing, by the user-authentication system, an identification by the user of a first subjective challenge; and receiving further from the user, by the user-authentication system, a first subjective description an emotional response of the user to the first subjective challenge, where the first subjective description consists of a natural-language description entered by the user in response to an interactive request for such a response made by the system; and where the authentication procedure comprises: identifying, by the user-authentication system, a request from the user to log onto a secured system; accepting from the user, by the user-authentication system, the objective log-in credential; communicating to the user, by the user-authentication system, a second subjective challenge that is different from the first subjective challenge, where the second subjective challenge is correlated with the first subjective challenge; accepting further from the user, by the user-authentication system, a second subjective description of a user's emotional response to the second subjective challenge; confirming, by the user-authentication system, that the second subjective description is consistent with the first subjective description, where the confirming comprises inferring, by the user-authentication system, that the first subjective challenge and the first subjective description share identical objective characteristics with the second subjective challenge and the second subjective description; and where the first subjective description is associated with the first subjective challenge and the second subjective description is associated with the second subjective challenge; and granting the user, by the user-authentication system, access to the secured system in response to the confirming.

2. The user-authentication system of claim 1, where the second subjective challenge is not distinct from the first subjective challenge.

3. The user-authentication system of claim 1, where the first subjective description enumerates a first plurality of emotional states induced in the user by the first subjective challenge, and where the second subjective description enumerates a second plurality of emotional states induced in the user by the second subjective challenge.

4. The user-authentication system of claim 3, where the confirming further comprises: inferring, by the user-authentication system, a first user sentiment from the first plurality of emotional states, inferring, by the user-authentication system, a second user sentiment from the second plurality of emotional states, and determining, by the user-authentication system, that the first user sentiment matches the second user sentiment.

5. The user-authentication system of claim 1, where the identification of the first subjective challenge by the user comprises the user selecting the first subjective challenge from a list of candidate subjective challenges presented by the user-authentication system to the user.

6. The user-authentication system of claim 1, where the identification of the first subjective challenge by the user comprises the user submitting the first subjective challenge to the user-authentication system.

7. The user-authentication system of claim 6, where the first subjective challenge is a musical passage, and where the submitting comprises the user performing the musical passage through an electronic interface coupled to the processor.

8. The user-authentication system of claim 1, where the objective log-in credential is a password.

9. The user-authentication system of claim 1, where the first subjective challenge and the second subjective challenge each comprise at least one item selected from a group consisting of: a live musical performance, an audio recording, a photograph, an animation, a graphical image, text, and a video clip.

10. The user-authentication system of claim 1, further comprising: selecting, by the user-authentication system, the second subjective challenge from a set of candidate subjective challenges, where each subjective challenge of the set of candidate subjective challenges is associated with corresponding values of a set of parameters of the objective characteristics and with a set of subjective user descriptions, the selecting comprising: identifying, by the user-authentication system, a subset of the set of parameters, where all parameters of the subset correlate with the subjective user descriptions; and selecting, by the user-authentication system, the second subjective challenge from a subset of the set of candidate subjective challenges, where each subjective challenge of the subset of the set of candidate subjective challenges is associated with values of the subset of parameters that match values of corresponding parameters associated with the first subjective challenge.

11. A computer program product, comprising a computer-readable hardware storage device having a computer-readable program code stored therein, the program code configured to be executed by a user authentication system comprising a processor, a memory coupled to the processor, and a computer-readable hardware storage device coupled to the processor, the storage device containing program code configured to be run by the processor via the memory to implement a method for multi-step authentication using objective and subjective credentials, the method comprising: a setting-up procedure and an authentication procedure, where the setting-up procedure comprises: receiving from a user, by the user-authentication system, a selection of an objective log-in credential; recognizing, by the user-authentication system, an identification by the user of a first subjective challenge; and receiving further from the user, by the user-authentication system, a first subjective description of an emotional response of the user to the first subjective challenge, where the first subjective description consists of a natural-language description entered by the user in response to an interactive request for such a response made by the system; and where the authentication procedure comprises: identifying, by the user-authentication system, a request from the user to log onto a secured system; accepting from the user, by the user-authentication system, the objective log-in credential; communicating to the user, by the user-authentication system, a second subjective challenge that is different from the first subjective challenge, where the second subjective challenge is correlated with the first subjective challenge; accepting further from the user, by the user-authentication system, a second subjective description of a user's emotional response to the second subjective challenge; confirming, by the user-authentication system, that the second subjective description is consistent with the first subjective description, where the confirming comprises inferring, by the user-authentication system, that the first subjective challenge and the first subjective description share identical objective characteristics with the sec

Classifications

  • using a predetermined code, e.g. password, passphrase or PIN (network architectures or network communication protocols for supporting authentication of entities using passwords in a packet data network H04L63/083)

  • using challenge-response

  • applying multi-factor authentication

  • H04L63/083 (Primary): using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226)

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
IBM
What technology area does this patent fall under?
Primary CPC classification H04L63/083. Mapped technology areas include Electricity.
When was this patent published?
Publication date Sep 29, 2020 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 6 related publications on this page (citations in our corpus or others sharing the same primary CPC).