Challenge-response user authentication based on information collected by internet of things devices

US11096050B2 · US · B2

Patent metadata
Publication number: US-11096050-B2
Application number: US-201916672767-A
Country: US
Kind code: B2
Filing date: Nov 4, 2019
Priority date: Apr 27, 2015
Publication date: Aug 17, 2021
Grant date: Aug 17, 2021


Abstract

Official abstract text for this publication.

Approaches presented herein enable challenge-response authentication of a user based on information captured by devices associated with the user. Specifically, in one approach, a plurality of devices associated with the user that each dynamically track and store on-device data points over a period of time are identified. A request initiated by a party claiming to be the user is received to authenticate the party as the user. An authentication question is generated in a natural language, the answer to which is a data point selected from data points on at least one device of the plurality, wherein the selected data point is discoverable by viewing data points on the at least one device. The requesting party is prompted to find the data point by presenting the authentication question to the requesting party. In the case that the requesting party returns the answer, the requesting party is authenticated as the user.
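
The flow the abstract describes, as an added illustration that is not taken from the patent: a data point is selected, phrased as a natural-language question, and the party is authenticated only if it returns the answer. The device names, sample values, `Challenger` class, answer normalization, single-use challenge IDs and constant-time comparison are assumptions of this example.

```python
import hmac
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class DataPoint:
    device: str  # device whose display shows the value
    label: str   # what the party is asked to look up
    value: str   # the answer as displayed on the device


# Constructed sample data standing in for values tracked by the user's devices.
SAMPLE_POINTS = [
    DataPoint("fitness band", "step count for yesterday", "8,412"),
    DataPoint("thermostat", "target temperature set last night", "68"),
]


def normalize(text: str) -> bytes:
    """Ignore case, spaces and thousands separators when comparing answers."""
    return text.casefold().replace(",", "").replace(" ", "").encode()


class Challenger:
    def __init__(self, points):
        self.points = list(points)
        self.pending = {}  # challenge id -> selected data point

    def issue(self):
        """Select a data point and phrase it as a natural-language question."""
        point = secrets.choice(self.points)
        cid = secrets.token_urlsafe(16)
        self.pending[cid] = point
        return cid, f"What is the {point.label} shown on your {point.device}?"

    def verify(self, cid: str, answer: str) -> bool:
        """Authenticate only if the answer matches; each challenge is single use."""
        point = self.pending.pop(cid, None)
        if point is None:
            return False
        return hmac.compare_digest(normalize(answer), normalize(point.value))
```

Removing the challenge from `pending` before comparing means a captured challenge ID cannot be replayed or used for repeated guesses against the same data point.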

First claim

Opening claim text (preview).

What is claimed is:

1. A computer-implemented method for authenticating a user, the method comprising: identifying a plurality of devices associated with the user that each dynamically track and store on-device data points over a period of time; receiving a request initiated by a party claiming to be the user to authenticate the party as the user and a designation from the requesting party of at least one device of the plurality of devices as currently accessible to the requesting party; generating an authentication question in a natural language, the answer to which is a data point readable in the natural language selected from dynamically tracked data points on at least one device designated as accessible to the requesting party, wherein the selected data point is discoverable by viewing dynamically tracked data points in the natural language on a display of the at least one designated device; prompting the requesting party to find the data point in the natural language on the display of the at least one designated device by presenting the authentication question to the requesting party in the natural language; and authenticating the requesting party as the user in the case that the requesting party returns the answer to the authentication question.

2. The method of claim 1, wherein the data point is a personal metric corresponding to the user.

3. The method of claim 1, wherein in the case that the requesting party returns an incorrect answer to the authentication question, the method further comprises: determining a second authentication question based on a data point selected from dynamically tracked data points on at least one device of the plurality of devices; and prompting the requesting party with the second authentication question.

4. The method of claim 1, further comprising: comparing a set of data points to historical data points tracked by the plurality of devices associated with the user; and lowering a confidence of a user authentication if the comparison is outside of a pre-determined threshold.

5. The method of claim 1, further comprising receiving a registration of a plurality of devices from the user, wherein the user designates a subset of the plurality of devices as currently accessible devices.

6. The method of claim 1, the method further comprising selecting by an authentication system one of the designated as accessible devices on which to base the authentication question, the selecting by the authentication system being based on at least one of: a human factor, an ease of access, data points on the device, security, a recentness of data, and a random selection.

7. The method of claim 1, wherein the authentication question is at least one of: a primary authentication, a supplementary authentication, a challenge authentication, and an unusual activity authentication.

8. A computer system for authenticating a user, the computer system comprising: a memory medium comprising program instructions; a bus coupled to the memory medium; and a processor, for executing the program instructions, coupled to a challenge-response authentication tool via the bus that when executing the program instructions causes the system to: identify a plurality of devices associated with the user that each dynamically track and store on-device data points over a period of time; receive a request initiated by a party claiming to be the user to authenticate the party as the user and a designation from the requesting party of at least one device of the plurality of devices as currently accessible to the requesting party; generate an authentication question in a natural language, the answer to which is a data point readable in the natural language selected from dynamically tracked data points on at least one device designated as accessible to the requesting party, wherein the selected data point is discoverable by viewing dynamically tracked data points in the natural language on a display of the at least one designated device; prompt the requesting party to find the data point in the natural language on the display of the at least one designated device by presenting the authentication question to the requesting party in the natural language; and authenticate the requesting party as the user in the case that the requesting party returns the answer to the authentication question.

9. The system of claim 8, wherein the data point is a personal metric corresponding to the user.

10. The system of claim 8, wherein in the case that the requesting party returns an incorrect answer to the authentication question, the program instructions further cause the system to: determine a second authentication question based on a data point selected from dynamically tracked data points on at least one device of the plurality of devices; and prompt the requesting party with the second authentication question.

11. The system of claim 8, the program instructions further causing the system to: compare a set of data points to historical data points tracked by the plurality of devices associated with the user; and lower a confidence of a user authentication if the comparison is outside of a pre-determined threshold.

12. The system of claim 8, the program instructions further causing the system to receive a registration of a plurality of devices from the user, wherein the user designates a subset of the plurality of devices as currently accessible devices.

13. The system of claim 8, the program instructions further causing the system to select by an authentication system one of the designated as accessible devices on which to base the authentication question, the selecting by the authentication system being based on at least one of: a human factor, an ease of access, data points on the device, security, a recentness of data, and a random selection.

14. The system of claim 8, wherein the authentication question is at least one of: a primary authentication, a supplementary authentication, a challenge authentication, and an unusual activity authentication.

15. A computer program product for authenticating a user, the computer program product comprising at least one computer readable storage device, and program instructions collectively stored on the at least one computer readable storage device, to: identify a plurality of devices associated with the user that each dynamically track and store on-device data points over a period of time; receive a request initiated by a party claiming to be the user to authenticate the party as the user and a designation from the requesting party of at least one device of the plurality of devices as currently accessible to the requesting party; generate an authentication question in a natural language, the answer to which is a data point readable in the natural language selected from dynamically tracked data points on at least one device designated as accessible to the requesting party, wherein the selected data point is discoverable by viewing dynamically tracked data points in the natural language on a display of the at least one designated device; prompt the requesting party to find the data point in the natural language on the display of the at least one designated device by presenting the authentication question to the requesting party in the natural language; and authenticate the requesting party as the user in the case that the requesting party returns the answer to the authentication question.

16. The computer program product of claim 15, wherein the data point is a personal metric corresponding to the user.

17. The computer program

Classifications

  • User authentication · CPC title

  • for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title

  • specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks · CPC title

  • using an additional device, e.g. smartcard, SIM or a different communication terminal (cryptographic mechanisms or cryptographic arrangements for entity authentication involving additional secure or trusted devices H04L9/3234) · CPC title

  • H04W12/06 (Primary)

    Authentication · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
IBM
What technology area does this patent fall under?
Primary CPC classification H04W12/06. Mapped technology areas include Electricity.
When was this patent published?
Publication date Aug 17, 2021 (B2). Legal status and post-grant events are not shown on this page.