Methods and apparatus for knowledge-based authentication using historically-aware questionnaires
US9009844B1 · US · B1
| Field | Value |
|---|---|
| Publication number | US-9009844-B1 |
| Application number | US-201213436080-A |
| Country | US |
| Kind code | B1 |
| Filing date | Mar 30, 2012 |
| Priority date | Mar 30, 2012 |
| Publication date | Apr 14, 2015 |
| Grant date | Apr 14, 2015 |
Abstract
Official abstract text for this publication.
Knowledge-based authentication (KBA) is provided using historically-aware questionnaires. The KBA can obtain a plurality of historically different answers from the user to at least one question; challenge the user with the question for a given period of time; receive a response from the user to the question; and grant access to the restricted resource if the response is accurate for the given period of time based on the historically different answers. Alternatively, the KBA can be based on historically aware answers to a set of inter-related questions. The user is challenged with the inter-related questions for a given period of time. Historically different answers can comprise answers with applicable dates, or correct answers to the question over time. Historically aware answers can comprise an answer that is accurate for an indicated date or period of time. An accurate response demonstrates knowledge of multiple related personal events.
First claim
Opening claim text (preview).
What is claimed is:
1. A knowledge-based authentication method performed by a server for restricting access of a user to a restricted resource, comprising the steps of: obtaining a plurality of historically different answers from said user for each of at least one question during a registration phase with said user, wherein said plurality of historically different answers for a given question are different for at least two different periods of time; challenging said user with at least one question that tests the historical knowledge of said user within said historically different answers to said given question for a given period of time; receiving a response from said user to said at least one question; and granting access to said restricted resource if said response is accurate for said given period of time based on said historically different answers, wherein at least one of said steps are performed by at least one hardware device.
2. The method of claim 1, wherein said historically different answers comprise answers with applicable dates.
3. The method of claim 1, wherein said historically different answers comprise a series of correct answers to said question over time.
4. The method of claim 1, wherein said historically different answers comprise a series over time of one or more of facts, traits and characteristics of said user.
5. The method of claim 1, further comprising the step of determining a confidence score based on said accuracy of said response for said given period of time based on said historically different answers.
6. The method of claim 5, wherein said confidence score assesses a credibility of said user.
7. The method of claim 5, wherein said confidence score is evaluated relative to a threshold.
8. The method of claim 7, further comprising the step of employing a fraud remediation method when said confidence score is within a predefined tolerance of said threshold.
9. The method of claim 8, wherein said fraud remediation method comprises one or more of denying access and sending a notification of said access attempt.
10. The method of claim 8, wherein said fraud remediation method comprises classifying said response as plausible or correct.
11. The method of claim 10, further comprising the steps of calculating a distance between an actual answer and a received answer and labeling a plausible response as a data mining access attempt.
12. The method of claim 8, wherein said fraud remediation method comprises further interrogation of said user.
13. The method of claim 8, wherein said fraud remediation method comprises granting access to said user and investigating said user to determine an identity of said user.
14. The method of claim 1, wherein an accurate response demonstrates with measurable confidence that said user has global knowledge of multiple related events.
15. A knowledge-based authentication method performed by a server for restricting access of a user to a restricted resource, comprising the steps of: obtaining a plurality of historically aware answers from said user to a set of inter-related questions during a registration phase with said user, wherein each of said historically aware answers comprises an answer to a given question that is accurate for an indicated period of time; challenging said user with one or more of said inter-related questions for a given period of time; receiving a response from said user to said one or more inter-related questions; and granting access to said restricted resource if said response is accurate for said given period of time based on said historically aware answers, wherein at least one of said steps are performed by at least one hardware device.
16. The method of claim 15, further comprising the step of determining a confidence score based on said accuracy of said response for said given period of time based on said historically aware answers.
17. The method of claim 16, wherein said confidence score assesses a credibility of said user.
18. The method of claim 15, wherein said confidence score is evaluated relative to a threshold.
19. The method of claim 18, further comprising the step of employing a fraud remediation method when said confidence score is within a predefined tolerance of said threshold.
20. The method of claim 19, wherein said fraud remediation method comprises one or more of denying access and sending a notification of said access attempt.
21. The method of claim 19, wherein said fraud remediation method comprises classifying said response as plausible or correct.
22. The method of claim 21, further comprising the steps of calculating a distance between an actual answer and a received answer and labeling a plausible response as a data mining access attempt.
23. The method of claim 19, wherein said fraud remediation method comprises further interrogation of said user.
24. The method of claim 19, wherein said fraud remediation method comprises granting access to said user and investigating said user to determine an identity of said user.
25. The method of claim 19, wherein an accurate response demonstrates with measurable confidence that said user has global knowledge of multiple related events.
26. A knowledge-based authentication server for restricting access of a user to a restricted resource, comprising: a memory; and at least one hardware device, coupled to the memory, operative to implement the following steps: obtaining a plurality of historically different answers from said user for each of at least one question during a registration phase with said user, wherein said plurality of historically different answers for a given question are different for at least two different periods of time; challenging said user with at least one question that tests the historical knowledge of said user within said historically different answers to said given question for a given period of time; receiving a response from said user to said at least one question; and granting access to said restricted resource if said response is accurate for said given period of time based on said historically different answers.
27. The server of claim 26, wherein said historically different answers comprise answers with applicable dates.
28. The server of claim 26, wherein said historically different answers comprise a series of correct answers to said question over time.
29. The server of claim 26, wherein said historically different answers comprise a series over time of one or more of facts, traits and characteristics of said user.
30. The server of claim 26, further comprising the step of determining a confidence score based on said accuracy of said response for said given period of time based on said historically different answers.
31. The server of claim 30, wherein said confidence score assesses a credibility of said user.
32. The server of claim 30, wherein said confidence score is evaluated relative to a threshold.
33. The server of claim 32, further comprising the step of employing a fraud remediation server when said confidence score is within a predefined tolerance of said threshold.
34. An article of manufacture for knowledge-based authentication by a server for restricting access of a user to a restricted resource, comprisi
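The flow described in the abstract and in claims 1, 5, 7, 8 and 10, as an added Python sketch that is not taken from the patent or from any product. All names, the score (fraction of correct responses), the threshold and tolerance values, and the reading of "plausible" as an answer that was true only in a different period are assumptions; the registration data is constructed.

```python
from dataclasses import dataclass
from datetime import date

@dataclass(frozen=True)
class DatedAnswer:
    answer: str
    start: date
    end: date  # inclusive

def norm(text):
    return " ".join(text.lower().split())

def grade(history, when, response):
    """'correct' for the asked period, 'plausible' if true only in another period."""
    r = norm(response)
    if any(a.start <= when <= a.end and norm(a.answer) == r for a in history):
        return "correct"
    if any(norm(a.answer) == r for a in history):
        return "plausible"  # assumption: stale-but-true answers suggest mined records
    return "wrong"

def authenticate(registry, challenges, threshold=0.75, tolerance=0.1):
    """Return (decision, confidence score, suspected-data-mining flag)."""
    if not challenges:
        raise ValueError("at least one challenge is required")
    grades = [grade(registry[q], when, resp) for q, when, resp in challenges]
    score = grades.count("correct") / len(grades)
    if abs(score - threshold) <= tolerance:
        decision = "remediate"  # borderline: e.g. further interrogation, notification
    elif score > threshold:
        decision = "grant"
    else:
        decision = "deny"
    return decision, score, "plausible" in grades

# Constructed registration data: every question has answers for two periods.
REGISTRY = {
    "street": [DatedAnswer("12 Elm St", date(2001, 1, 1), date(2006, 6, 30)),
               DatedAnswer("48 Oak Ave", date(2006, 7, 1), date(2012, 12, 31))],
    "employer": [DatedAnswer("Acme Corp", date(2000, 1, 1), date(2007, 12, 31)),
                 DatedAnswer("Globex", date(2008, 1, 1), date(2012, 12, 31))],
    "car": [DatedAnswer("Ford Focus", date(2002, 1, 1), date(2008, 12, 31)),
            DatedAnswer("Honda Civic", date(2009, 1, 1), date(2012, 12, 31))],
}
OWNER = [("street", date(2003, 5, 1), "12 elm st"),
         ("employer", date(2010, 3, 1), "Globex"), ("car", date(2005, 8, 1), "Ford Focus")]
MINED = [("street", date(2003, 5, 1), "48 Oak Ave"),  # responder knows only current facts
         ("employer", date(2010, 3, 1), "Globex"), ("car", date(2005, 8, 1), "Honda Civic")]

print(authenticate(REGISTRY, OWNER), authenticate(REGISTRY, MINED))
```

A responder who knows only the current record scores well on present-day questions but fails the dated ones, which is the gap between static KBA and the historically-aware form.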
Classifications
- H04L19/06755 (Primary)
Electricity · mapped topic
- H04L9/3271 (Primary)
using challenge-response · CPC title
- H04L9/0618 (Primary)
Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation · CPC title
Frequently asked questions
Answers are generated from the same data shown on this page.
- Who is the assignee on this patent?
- Corn Thomas S, Juels Ari, Triandopoulos Nikolaos, and 1 more
- What technology area does this patent fall under?
- Primary CPC classification H04L19/06755. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Apr 14, 2015 (B1). Legal status and post-grant events are not shown on this page.