US2006294390A1PendingUtilityA1

Method and apparatus for sequential authentication using one or more error rates characterizing each security challenge

47
Assignee: IBMPriority: Jun 23, 2005Filed: Jun 23, 2005Published: Dec 28, 2006
Est. expiryJun 23, 2025(expired)· nominal 20-yr term from priority
G06F 2221/2103G06F 21/31H04L 63/0861H04L 63/104
47
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

Methods and apparatus are provided for sequential authentication of a user that employ one or more error rates characterizing each security challenge. According to one aspect of the invention, a user is challenged with at least one knowledge challenge to obtain an intermediate authentication result; and the user challenges continue until a cumulative authentication result satisfies one or more criteria. The intermediate authentication result is based, for example, on one or more of false accept and false reject error probabilities for each knowledge challenge. A false accept error probability describes a probability of a different user answering the knowledge challenge correctly. A false reject error probability describes a probability of a genuine user not answering the knowledge challenge correctly. The false accept and false reject error probabilities can be adapted based on field data or known information about a given challenge.

Claims

exact text as granted — not AI-modified
1 . A method for sequential authentication of a user, comprising: 
 challenging said user with at least one knowledge challenge to obtain an intermediate authentication result, wherein said intermediate authentication result is based on one or more of false accept and false reject error probabilities for each knowledge challenge; and    repeating said step of challenging said user with at least one knowledge challenge until a cumulative authentication result satisfies one or more criteria.    
   
   
       2 . The method of  claim 1 , wherein said false accept error probability describes a probability of a different user answering said knowledge challenge correctly.  
   
   
       3 . The method of  claim 1 , wherein said false reject error probability describes a probability of a genuine user not answering said knowledge challenge correctly.  
   
   
       4 . The method of  claim 1 , wherein one or more of said false accept and false reject error probabilities are defined for a population of users.  
   
   
       5 . The method of  claim 1 , wherein one or more of said false accept and false reject error probabilities are defined for said user.  
   
   
       6 . The method of  claim 1 , wherein one or more of said false accept and false reject error probabilities are adapted based on field data.  
   
   
       7 . The method of  claim 1 , wherein one or more of said false accept and false reject error probabilities are adapted based on known information about a given challenge.  
   
   
       8 . The method of  claim 1 , wherein said intermediate authentication result is a continuous score.  
   
   
       9 . The method of  claim 1 , wherein said intermediate authentication result is based on log likelihood ratio.  
   
   
       10 . The method of  claim 1 , wherein said cumulative authentication result is a sum of individual log likelihood ratios.  
   
   
       11 . The method of  claim 1 , wherein one or more of said intermediate authentication results and said cumulative authentication result are combined with a result from a biometric verification method.  
   
   
       12 . The method of  claim 1 , wherein one or more of said intermediate authentication results and said cumulative authentication result are combined with a result from a speaker verification method.  
   
   
       13 . A system for sequential authentication of a user, the apparatus comprising: 
 a memory; and    at least one processor, coupled to the memory, operative to:    challenge said user with at least one knowledge challenge to obtain an intermediate authentication result, wherein said intermediate authentication result is based on one or more of false accept and false reject error probabilities for each knowledge challenge; and    repeating said challenge until a cumulative authentication result satisfies one or more criteria.    
   
   
       14 . The system of  claim 13 , wherein said false accept error probability describes a probability of a different user answering said knowledge challenge correctly and said false reject error probability describes a probability of a genuine user not answering said knowledge challenge correctly.  
   
   
       15 . The system of  claim 13 , wherein one or more of said false accept and false reject error probabilities are defined for a population of users.  
   
   
       16 . The system of  claim 13 , wherein one or more of said false accept and false reject error probabilities are defined for said user.  
   
   
       17 . The system of  claim 13 , wherein one or more of said false accept and false reject error probabilities are adapted based on field data or known information about a given challenge.  
   
   
       18 . The system of  claim 13 , wherein said intermediate authentication result is based on log likelihood ratio and said cumulative authentication result is a sum of individual log likelihood ratios.  
   
   
       19 . The system of  claim 13 , wherein one or more of said intermediate authentication results and said cumulative authentication result are combined with one or more of a result from a biometric verification method and a result from a speaker verification method.  
   
   
       20 . An article of manufacture for sequential authentication of a user, comprising a machine readable medium containing one or more programs which when executed implement the steps of: 
 challenging said user with at least one knowledge challenge to obtain an intermediate authentication result; and    repeating said step of challenging said user with at least one knowledge challenge until a cumulative authentication result satisfies one or more criteria.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.