What technology area does this patent fall under?

Primary CPC classification H04L63/1458. Mapped technology areas include Electricity.

When was this patent published?

Publication date Thu May 04 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Protection against end user account locking denial of service (dos)

US2017126733A1 · US · A1

Patent metadata
Field	Value
Publication number	US-2017126733-A1
Application number	US-201615298624-A
Country	US
Kind code	A1
Filing date	Oct 20, 2016
Priority date	Oct 22, 2015
Publication date	May 4, 2017
Grant date	—

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Techniques are disclosed for protecting a user from denial of service (DOS) to access his/her a user account that has been locked. An access management system can provide features that enable an owner of an account to prevent the account from becoming locked. Specifically, the techniques disclosed herein enable an account holder to circumvent procedures of the access management system that lock an account after several unsuccessful attempts to access the account. The access management system may operate according to a configuration for managing access to account. The access management system can manage access to an account by presenting a user with an interface to received access information (e.g., account information and credential information) for the account to determine whether to unlock the account. The access management system can deny access to an account upon determining that the credential information is not correct for the account.

First claim

Opening claim text (preview).

What is claimed is: 1 . A method comprising: determining, at a computing system of an access management system, that an access threshold has been satisfied, the access threshold being based on a maximum number of unsuccessful attempts to obtain access on behalf of a user from a device via the access management system; sending, to a destination associated with the user, first temporary access information for the user to authenticate the access management system; receiving, from the device, second temporary access information; determining whether the second temporary access information matches the first temporary access information sent to the destination; upon determining that the second temporary access information matches the first temporary access information sent to the destination, sending a message to the device, the message causing the device to enable the user with access from the device to a resource; and upon determining that the second temporary access information does not match the first temporary access information sent to the destination, sending a message to the device, the message causing the device to prevent the user with future access from the device to the resource. 2 . The method of claim 1 , further comprising: upon determining that the access threshold has been satisfied, sending to the device a request for credential information to enable the user to request access; receiving the credential information from the device; and authenticating the user based on the credential information; wherein the user is enabled to with access from the device to the resource further upon determining that the user is authenticated based on the credential information; and wherein the user is prevented with future access from the device to the resource upon determining that the user cannot be authenticated based on the credential information. 3 . The method of claim 1 , further comprising: generating the first temporary access information; and after sending the first temporary access information to the destination, sending to the device a request for the first temporary access information. 4 . The method of claim 1 , wherein the device is a first computing device and wherein the destination is a second computing device that is different from the first computing device. 5 . The method of claim 1 , wherein the destination is an email address or a telephone number accessible using a mobile device. 6 . The method of claim 1 , wherein the resource is accessed based on an account managed by the access management system, and wherein the account provides access to the resource that is enabled by the access management system. 7 . The method of claim 1 , wherein the first temporary access information is a password that is associated with a time period. 8 . The method of claim 1 , further comprising: generating a graphical interface to receive access information to determine access from the device to the resource; and sending the graphical interface to the device, wherein the device displays the graphical interface, wherein the device receives the first temporary access information as input by the user through the graphical interface, and wherein the first temporary access information that is received by the device is sent by the device as the second temporary access information that is received from the device. 9 . The method of claim 1 , further comprising: storing data in association with information about the user upon sending the first temporary access information to the destination. 10 . The method of claim 9 , further comprising: updating the data to indicate that the second temporary access information was received. 11 . The method of claim 9 , further comprising: upon determining that the second temporary access information matches the first temporary access information sent to the destination, updating the data to indicate that the user is enabled to request access on behalf of the user from the device via the access management system. 12 . The method of claim 11 , further comprising: receiving, from the device, a new request for access on behalf of the user; and enabling the new request for access based on the data indicating that the user is enabled to request access on behalf of the user from the device via the access management system. 13 . The method of claim 9 , further comprising: upon determining that the second temporary access information does not match the first temporary access information sent to the destination, updating the data to indicate that the user is prevented from future attempts to obtain access on behalf of the user from the device via the access management system. 14 . The method of claim 13 , further comprising: receiving, from the device, a new request for access on behalf of the user; and preventing the new request for access based on the data indicating that the user is prevented from future attempts to obtain access on behalf of the user from the device via the access management system. 15 . A system comprising: one or more processors; and a memory coupled accessible to the one or more processors, the memory storing one or more instructions that, upon execution by the one or more processors, causes the one or more processors to: determine, at an access management system, that an access threshold has been satisfied, the access threshold being based on a maximum number of unsuccessful attempts to obtain access on behalf of a user from a device via the access management system; send, to a destination associated with the user, first temporary access information for the user to authenticate the access management system; receive, from the device, second temporary access information; determine whether the second temporary access information matches the first temporary access information sent to the destination; upon determining that the second temporary access information matches the first temporary access information sent to the destination, send a message to the device, the message causing the device to enable the user with access from the device to a resource; and upon determining that the second temporary access information does not match the first temporary access information sent to the destination, send a message to the device, the message causing the device to prevent the user with future access from the device to the resource. 16 . The system of claim 15 , wherein the one or more instructions, upon execution by the one or more processors, further causes the one or more processors to: upon determining that the access threshold has been satisfied, send to the device a request for credential information to enable the user to request access; receive the credential information from the device; and authenticate the user based on the credential information; wherein the user is enabled to with access from the device to the resource further upon determining that the user is authenticated based on the credential information; and wherein the user is prevented with future access from the device to the resource upon determining that the user cannot be authenticated based on the credential information. 17 . The system of claim 15 , wherein the one or more instructions, upon execution by the one or more processors, further causes the one or more processors to: after sending the first temporary access information to the destination, send to the device a request for the first temporary access information. 18 . A non-transitory computer-readable medi

Assignees

Oracle Int Corp

Inventors

Classifications

H04L63/0861
using biometrical features, e.g. fingerprint, retina-scan (cryptographic mechanisms or cryptographic arrangements for entity authentication using biological data H04L9/3231) · CPC title
H04L63/083
using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226) · CPC title
H04L63/1458Primary
Denial of Service · CPC title

Patent family

Related publications grouped by family.

View patent family 58637479

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2017126733A1 cover?: Techniques are disclosed for protecting a user from denial of service (DOS) to access his/her a user account that has been locked. An access management system can provide features that enable an owner of an account to prevent the account from becoming locked. Specifically, the techniques disclosed herein enable an account holder to circumvent procedures of the access management system that lock…
Who is the assignee on this patent?: Oracle Int Corp
What technology area does this patent fall under?: Primary CPC classification H04L63/1458. Mapped technology areas include Electricity.
When was this patent published?: Publication date Thu May 04 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).