CA2644272A1 - Method and system for securing interface access via visual array paths in combination with hidden operators - Google Patents

Method and system for securing interface access via visual array paths in combination with hidden operators Download PDF

Info

Publication number
CA2644272A1
CA2644272A1 CA002644272A CA2644272A CA2644272A1 CA 2644272 A1 CA2644272 A1 CA 2644272A1 CA 002644272 A CA002644272 A CA 002644272A CA 2644272 A CA2644272 A CA 2644272A CA 2644272 A1 CA2644272 A1 CA 2644272A1
Authority
CA
Canada
Prior art keywords
values
program instructions
user
elements
display
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CA002644272A
Other languages
French (fr)
Other versions
CA2644272C (en
Inventor
Norman Frank Goertzen
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CA002689850A priority Critical patent/CA2689850A1/en
Publication of CA2644272A1 publication Critical patent/CA2644272A1/en
Application granted granted Critical
Publication of CA2644272C publication Critical patent/CA2644272C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • User Interface Of Digital Computer (AREA)
  • Input From Keyboards Or The Like (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A method and system for securing interface access via visual array patterns in combination with hidden operations improves the security of computer systems and dedicated terminals. A hint display is generated in at least a quasi-random fashion that may be an array of numerical digit values. A user input is received that represents selection of a pattern of elements chosen from the hint display and combined in an algorithm using one or more mathematical, relational and/or logical operations. A pre-defined pattern and algorithm are used to generate a token from the hint display that is compared with the user input to verify that the user knows the pattern and algorithm. Further ease of use can be provided by dividing a hint display array into sub-arrays while providing a clue such as color to indicate each sub-array to the user.

Claims (20)

1. A method for receiving input of a security token protecting a resource, comprising:
generating a hint display having at least a quasi-random character, said display made up, of elements each having a value and a unique position characteristic;
computing a token from values of a predetermined pattern of elements of said generated hint display and at least one operation performed on at least one of said elements falling within said pattern;

displaying said hint display to a user;
receiving input from said user;
comparing said token with said received input; and selectively providing access to a resource in conformity with a result of said comparing.
2. The method of Claim 1, wherein said values of said elements are assigned from a set of textual values, and wherein said displaying displays said textual value corresponding to the value of each element at said unique position of each element.
3. The method of Claim 2, wherein said values of said elements are assigned only from a set of numerical digits, and wherein said displaying displays said numerical digit corresponding to the value of each element at said unique position of each element.
4. The method of Claim 1, wherein said computing combines at least two of said values in at least one mathematical operation.
5. The method of Claim 1, wherein said computing selects between at least two of said values using a relational operator and excludes at least one unselected value in determining a result of said computing.
6. The method of Claim 1, wherein said displaying displays a matrix of said values corresponding to values of said elements.
7. The method of Claim 1, wherein said displaying displays a matrix comprising uniquely identifiable sub-arrays, wherein said position of each element is further indicated by membership in a corresponding sub-array, whereby said predetermined pattern is more easily memorized by said user.
8. The method of Claim 1, further comprising:
identifying said user; and in response to identifying said user, selecting said predetermined pattern and said at least one operation from storage in conformity with said identification.
9. A computer system including a memory for storing program instructions and data, a processor coupled to said memory for executing said program instructions, a visual display coupled to said processor for displaying a user interface output and an input device coupled to said processor for providing a user interface input, wherein said program instructions within said general-purpose computer comprise program instructions for:
generating a hint display having at least a quasi-random character, said display made up of elements each having a value and a unique position characteristic;
computing a token from values of a predetermined pattern of elements of said generated hint display and at least one operation performed on at least one of said elements falling within said pattern;
displaying said hint display to a user;
receiving input from said user;
comparing said token with said received input; and selectively providing access to a resource in conformity with a result of said comparing.
10. The computer system of Claim 9, wherein said values of said elements are assigned from a set of textual values, wherein said program instructions for displaying display said textual value corresponding to the value of each element at said unique position of each element.
11. The computer system of Claim 9, wherein said values of said elements are assigned only from a set of numerical digits, and wherein said program instructions for displaying display a matrix of said numerical values.
12. The computer system of Claim 9, wherein said program instructions for computing combine at least two of said values in at least one mathematical operation.
13. The computer system of Claim 9, wherein said program instructions for computing select between at least two of said values using a relational operator and exclude at least one unselected value in determining a result of said computing.
14. The computer system of Claim 9, wherein said program instructions for displaying display a matrix of said values corresponding to values of said elements.
15. The computer system of Claim 9, wherein said program instructions for displaying display a matrix comprising uniquely identifiable sub-arrays, wherein said position of each element is further indicated by membership in a corresponding sub-array, whereby said predetermined pattern is more easily memorized by said user.
16. The computer system of Claim 15, further comprising program instructions for:
identifying said user; and in response to identifying said user, selecting said predetermined pattern and said at least one operation from storage in conformity with said identification.
17 17. A computer program product comprising signal-bearing media encoding program instructions for execution within a computer system, wherein said program instructions comprise program instructions for:
generating a hint display having at least a quasi-random character, said display made up of elements each having a value and a unique position characteristic;
computing a token from values of a predetermined pattern of elements of said generated hint display and at least one operation performed on at least one of said elements falling within said pattern;
displaying said hint display to a user;
receiving input from said user;
comparing said token with said received input; and selectively providing access to a resource in conformity with a result of said comparing.
18. The computer program product of Claim 17, wherein said program instructions for computing combine at least two of said values in at least one mathematical operation..
19. The computer program product of Claim 17, wherein said program instructions for computing select between at least two of said values using a relational operator and exclude at least one unselected value in determining a result of said computing.
20. The computer program product of Claim 17, further comprising program instructions for:
identifying said user; and in response to identifying said user, selecting said predetermined pattern and said at least one operation from storage in conformity with said identification.
CA2644272A 2006-03-01 2006-03-01 Method and system for securing interface access via visual array paths in combination with hidden operators Expired - Fee Related CA2644272C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CA002689850A CA2689850A1 (en) 2006-03-01 2006-03-01 Secure access by a user to a resource

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CA2006/000287 WO2007098569A1 (en) 2006-03-01 2006-03-01 Method and system for securing interface access via visual array paths in combination with hidden operators

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CA002689850A Division CA2689850A1 (en) 2006-03-01 2006-03-01 Secure access by a user to a resource

Publications (2)

Publication Number Publication Date
CA2644272A1 true CA2644272A1 (en) 2007-09-07
CA2644272C CA2644272C (en) 2011-08-16

Family

ID=38458599

Family Applications (2)

Application Number Title Priority Date Filing Date
CA002689850A Pending CA2689850A1 (en) 2006-03-01 2006-03-01 Secure access by a user to a resource
CA2644272A Expired - Fee Related CA2644272C (en) 2006-03-01 2006-03-01 Method and system for securing interface access via visual array paths in combination with hidden operators

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CA002689850A Pending CA2689850A1 (en) 2006-03-01 2006-03-01 Secure access by a user to a resource

Country Status (5)

Country Link
EP (1) EP2002371A4 (en)
JP (1) JP2009528601A (en)
CN (1) CN101421737B (en)
CA (2) CA2689850A1 (en)
WO (1) WO2007098569A1 (en)

Families Citing this family (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100043079A1 (en) * 2006-09-07 2010-02-18 France Telecom Code securing for a personal entity
GB0910545D0 (en) 2009-06-18 2009-07-29 Therefore Ltd Picturesafe
CN101882188B (en) * 2010-06-07 2012-11-07 天地融科技股份有限公司 Method and device for enhancing data input security of electronic signature tool
US8650635B2 (en) 2010-12-16 2014-02-11 Blackberry Limited Pressure sensitive multi-layer passwords
US9258123B2 (en) 2010-12-16 2016-02-09 Blackberry Limited Multi-layered color-sensitive passwords
US8650624B2 (en) 2010-12-16 2014-02-11 Blackberry Limited Obscuring visual login
US8863271B2 (en) 2010-12-16 2014-10-14 Blackberry Limited Password entry using 3D image with spatial alignment
US8661530B2 (en) 2010-12-16 2014-02-25 Blackberry Limited Multi-layer orientation-changing password
US8769641B2 (en) 2010-12-16 2014-07-01 Blackberry Limited Multi-layer multi-point or pathway-based passwords
US8745694B2 (en) 2010-12-16 2014-06-03 Research In Motion Limited Adjusting the position of an endpoint reference for increasing security during device log-on
US8931083B2 (en) 2010-12-16 2015-01-06 Blackberry Limited Multi-layer multi-point or randomized passwords
EP2466517B1 (en) * 2010-12-16 2017-05-24 BlackBerry Limited Simple algebraic and multi-layered passwords
US9135426B2 (en) 2010-12-16 2015-09-15 Blackberry Limited Password entry using moving images
US8635676B2 (en) 2010-12-16 2014-01-21 Blackberry Limited Visual or touchscreen password entry
US8631487B2 (en) 2010-12-16 2014-01-14 Research In Motion Limited Simple algebraic and multi-layer passwords
GB2488310B8 (en) * 2011-02-02 2016-01-27 Winfrasoft Corp A method and system for authenticating a user of a computerised system
US8769668B2 (en) 2011-05-09 2014-07-01 Blackberry Limited Touchscreen password entry
US9223948B2 (en) 2011-11-01 2015-12-29 Blackberry Limited Combined passcode and activity launch modifier
GB2498350B (en) * 2012-01-09 2015-10-21 Gopalan Ketheeswaran Input device

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS60207956A (en) * 1984-04-02 1985-10-19 Toshiba Corp Identification matching system
JPS63661A (en) * 1986-06-19 1988-01-05 Omron Tateisi Electronics Co Card processing system
JPS6473449A (en) * 1987-09-14 1989-03-17 Hitachi Ltd Password number inputting system
DK136192D0 (en) * 1992-11-09 1992-11-09 John Reipur FILTER
US5425102A (en) * 1994-06-09 1995-06-13 Datasonix Corporation Computer security apparatus with password hints
GB9424791D0 (en) * 1994-12-08 1995-02-08 Philips Electronics Uk Ltd Security code input
US6209104B1 (en) * 1996-12-10 2001-03-27 Reza Jalili Secure data entry and visual authentication system and method
AU2001251202A1 (en) 2000-04-07 2001-10-23 Rsa Security, Inc. System and method for authenticating a user
GB2381603B (en) * 2001-10-30 2005-06-08 F Secure Oyj Method and apparatus for selecting a password
AU2003211960B2 (en) * 2002-02-13 2009-12-10 Passlogy Co., Ltd. User authentication method and user authentication system
JP4090251B2 (en) * 2002-03-05 2008-05-28 パスロジ株式会社 Authentication device, authentication method, and program
JP3789462B2 (en) * 2002-09-12 2006-06-21 三菱電機株式会社 Authentication system, authentication device, terminal device, and authentication method
US7644433B2 (en) * 2002-12-23 2010-01-05 Authernative, Inc. Authentication system and method based upon random partial pattern recognition
US7577987B2 (en) 2002-12-23 2009-08-18 Authernative, Inc. Operation modes for user authentication system based on random partial pattern recognition
JP4316311B2 (en) * 2003-07-03 2009-08-19 株式会社日立製作所 Authentication method using logical password, information processing apparatus, program, and recording medium
KR101108660B1 (en) * 2003-10-14 2012-01-25 사이퍼락 테크놀로지 코포레이션 Authentication system

Also Published As

Publication number Publication date
WO2007098569A1 (en) 2007-09-07
CA2689850A1 (en) 2007-09-07
CA2644272C (en) 2011-08-16
CN101421737B (en) 2011-04-20
CN101421737A (en) 2009-04-29
JP2009528601A (en) 2009-08-06
EP2002371A4 (en) 2010-05-05
EP2002371A1 (en) 2008-12-17

Similar Documents

Publication Publication Date Title
CA2644272A1 (en) Method and system for securing interface access via visual array paths in combination with hidden operators
Timms et al. Does species‐level resolution matter? Taxonomic sufficiency in terrestrial arthropod biodiversity studies
US7221474B2 (en) Method for visualizing large volumes of multiple-attribute data without aggregation using a pixel bar chart
Yoon et al. Detecting violations of factorial invariance using data-based specification searches: A Monte Carlo study
US9727981B2 (en) Visualizing data model sensitivity to variations in parameter values
US20080007554A1 (en) Two Dimensional User Interface For Multidimensional Data Analysis
JP2009528601A5 (en)
US9348881B1 (en) Visual content query for multi-dimensional datasets
CA2391829A1 (en) Timeshared electronic catalog system and method
CN103164222A (en) Multidimensional modeling system and multidimensional modeling method
CN104391799B (en) Internal storage access control in memory device
US9043376B2 (en) Custom configuration for a calculator based on a selected functionality
CN113345052A (en) Classified data multi-view visualization coloring method and system based on similarity significance
Finch Performance of the Roy-Bargmann stepdown procedure as a follow up to a significant MANOVA
CN111282264B (en) Virtual object control method and device
CN116610583A (en) SCA tool maturity evaluation method, SCA tool maturity evaluation device, SCA tool maturity evaluation equipment, SCA tool maturity evaluation medium and SCA tool maturity evaluation product
US10402838B2 (en) Multivariable regression analysis
US20140032182A1 (en) Computer-Implemented Method For Optimising The Design Of A Product
Kang et al. A constrained randomization approach to interactive visual data exploration with subjective feedback
WO2017062026A1 (en) Generating cohorts using automated weighting and multi-level ranking
KR101854266B1 (en) Apparatus for providing work information, and recording medium
CN111176644A (en) Automatic layout method and device of operation interface and response method and device thereof
KR20180068556A (en) Apparatus and method for providing work information, and recording medium
CN102156831A (en) Method and system for protecting interface access security by combining visual array path with hidden operational character
CN117632365A (en) Method, device, computer equipment and storage medium for monitoring accelerator state

Legal Events

Date Code Title Description
EEER Examination request
MKLA Lapsed

Effective date: 20190301