Distributed user authentication protocol

A distributed authentication system that prevents unauthorized access to any computer system in a distributed environment. Authentication using the present invention involves three distinct phases. In the first phase, user passwords are generated by the computer system and encrypted on a coded card...

Bibliographic details
Main author: KUNG, KENNETH C
Format: Patent
Language: eng
creator KUNG; KENNETH C
description A distributed authentication system that prevents unauthorized access to any computer system in a distributed environment. Authentication using the present invention involves three distinct phases. In the first phase, user passwords are generated by the computer system and encrypted on a coded card together with a message authentication code to prevent alterations prior to any access attempts. These are complex and impersonal enough not to be easily guessed. This coded card must be used whenever requesting access to the system. Second, in addition to supplying a password, the user is required to correctly respond to a set of randomly selected authentication challenges when requesting access. The correct responses may vary between the right response, a wrong response or no response depending on some predetermined variable, e.g., the day of the week or hour of the day. The dual randomness thus introduced significantly reduces the usefulness of observed logon information. Third, at random times during the session, the user is required again to respond to selected authentication challenges. This detects piggybacking attempts. Since authentication depends on the correctness of the entire set of responses rather than on the response to a single question, the present invention provides a significant increase in the probability of detecting and preventing unauthorized computer access.
format Patent
date 1995-08-15
edition 6
oa free_for_read
linktohtml https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=19950815&DB=EPODOC&CC=US&NR=5442342A
language eng
recordid cdi_epo_espacenet_US5442342A
source esp@cenet
subjects CALCULATING; CHECKING-DEVICES; COIN-FREED OR LIKE APPARATUS; COMPUTING; COUNTING; ELECTRIC DIGITAL DATA PROCESSING; PHYSICS
title Distributed user authentication protocol
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-23T08%3A03%3A16IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=KUNG;%20KENNETH%20C&rft.date=1995-08-15&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS5442342A%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true