-
公开(公告)号:US20080201578A1
公开(公告)日:2008-08-21
申请号:US11707590
申请日:2007-02-15
IPC分类号: H04L9/32
摘要: A physical token to the user in the form of a unique card having a grid of images thereon. Each column and row of images has a unique text string of text. In addition, each user knows a special image, not necessarily present on the token card, on which one particular point or zone functions as an extra authentication feature. Users may be queried for a username, then shown a random one of the images on their card, and asked for the row text string plus column text string identifying the image. Users are also prompted to select their particular point or zone within their known special image, which is displayed, among a jumble of other images, by the computer system requesting authorization, such display serving to authenticate the computer system to the user. The system may be combined with password protection and methods to identify a user's machine.
摘要翻译: 以具有其上的图像网格的唯一卡的形式向用户提供物理令牌。 每列和每行的图像都有一个唯一的文本文本字符串。 此外,每个用户都知道不一定存在于令牌卡上的特殊图像,其中一个特定点或区域用作额外的认证特征。 可以查询用户的用户名,然后在其卡片上显示随机的图像之一,并请求行文本字符串加上标识图像的列文本字符串。 还提示用户通过请求授权的计算机系统在其已知的特殊图像中显示它们的特定点或区域,这些特征图像在混合的其它图像之间,用于向用户认证计算机系统。 该系统可以与密码保护和用于识别用户机器的方法相结合。
-
公开(公告)号:US08176332B2
公开(公告)日:2012-05-08
申请号:US11707590
申请日:2007-02-15
IPC分类号: G06F21/00
摘要: A physical token to the user in the form of a unique card having a grid of images thereon. Each column and row of images has a unique text string of text. In addition, each user knows a special image, not necessarily present on the token card, on which one particular point or zone functions as an extra authentication feature. Users may be queried for a username, then shown a random one of the images on their card, and asked for the row text string plus column text string identifying the image. Users are also prompted to select their particular point or zone within their known special image, which is displayed, among a jumble of other images, by the computer system requesting authorization, such display serving to authenticate the computer system to the user. The system may be combined with password protection and methods to identify a user's machine.
摘要翻译: 以具有其上的图像网格的唯一卡的形式向用户提供物理令牌。 每列和每行的图像都有一个唯一的文本文本字符串。 此外,每个用户都知道不一定存在于令牌卡上的特殊图像,其中一个特定点或区域用作额外的认证特征。 可以查询用户的用户名,然后在其卡片上显示随机的图像之一,并请求行文本字符串加上标识图像的列文本字符串。 还提示用户通过请求授权的计算机系统在其已知的特殊图像中显示它们的特定点或区域,这些特征图像在混合的其它图像之间,用于向用户认证计算机系统。 该系统可以与密码保护和用于识别用户机器的方法相结合。
-
公开(公告)号:US6006328A
公开(公告)日:1999-12-21
申请号:US679077
申请日:1996-07-12
CPC分类号: G06F21/554 , G06F21/14 , G06F21/36 , G06F21/54 , H04L63/0428 , H04L63/1441 , G06F2207/7219 , G06F2221/2149
摘要: A software-based computer security enhancing process and graphical software-authenticity method, and a method to apply aspects of the two are disclosed. The process provides protection against certain attacks on executable software by persons or other software used on the computer. Software using this process is protected against eavesdropping (the monitoring of software, applications, the operating system, disks, keyboard, or other devices to record (steal) identification, authentication or sensitive data such as passwords, User-ID's, credit-card numbers and expiry dates, bank account and PIN numbers, smart-card data, biometric information (for example: the data comprising a retina or fingerprint scan), or encryption keys), local and remote tampering (altering software to remove, disable, or compromise security features of the altered software) examination (viewing the executable program, usually with the intent of devising security attacks upon it), tracing (observing the operating of an executable program step-by-step), and spoofing (substituting counterfeit software to emulate the interface of authentic software in order to subvert security) by rogues (eg: Trojan Horses, Hackers, Viruses, Terminate-and-stay-resident programs, co-resident software, multi-threaded operating system processes, Worms, Spoof programs, key-press password capturers, macro recorders, sniffers, and other software or subversions). Aspects include executable encryption, obfuscation, anti-tracing, anti-tamper & self-verification, runtime self-monitoring, and audiovisual authentication (math, encryption, and graphics based method permitting users to immediately recognise the authenticity and integrity of software). FIG. 5 in the specification depicts the many components and their interaction.
摘要翻译: 公开了基于软件的计算机安全增强过程和图形软件真实性方法,以及应用两者的方面的方法。 该过程提供了针对计算机上使用的人或其他软件的可执行软件的某些攻击的保护。 使用此过程的软件可以防止窃听(监视软件,应用程序,操作系统,磁盘,键盘或其他设备以记录(窃取)识别,身份验证或敏感数据,如密码,用户ID,信用卡号码 以及到期日期,银行帐户和PIN号码,智能卡数据,生物特征信息(例如:包括视网膜或指纹扫描的数据)或加密密钥),本地和远程篡改(更改软件以删除,禁用或妥协) 更改的软件的安全功能)检查(查看可执行程序,通常旨在设计安全攻击),跟踪(逐步观察可执行程序的操作)和欺骗(代替假冒软件来模拟 真实软件的接口,以颠覆安全)由流氓(例如:特洛伊木马,黑客,病毒,终止和驻留程序,共同驻留软件,多域名 推送操作系统进程,蠕虫,欺骗程序,按键密码捕获器,宏记录器,嗅探器以及其他软件或颠覆)。 方面包括可执行加密,混淆,反追踪,防篡改和自我验证,运行时自我监控和视听认证(数学,加密和基于图形的方法,允许用户立即识别软件的真实性和完整性)。 图。 规范中的5描述了许多组件及其相互作用。
-
-
搜索结果
3 条记录 (耗时 0.013 秒)
