CA2644272A1 - Method and system for securing interface access via visual array paths in combination with hidden operators - Google Patents
Method and system for securing interface access via visual array paths in combination with hidden operators Download PDFInfo
- Publication number
- CA2644272A1 CA2644272A1 CA002644272A CA2644272A CA2644272A1 CA 2644272 A1 CA2644272 A1 CA 2644272A1 CA 002644272 A CA002644272 A CA 002644272A CA 2644272 A CA2644272 A CA 2644272A CA 2644272 A1 CA2644272 A1 CA 2644272A1
- Authority
- CA
- Canada
- Prior art keywords
- values
- program instructions
- user
- elements
- display
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- User Interface Of Digital Computer (AREA)
- Input From Keyboards Or The Like (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
A method and system for securing interface access via visual array patterns in combination with hidden operations improves the security of computer systems and dedicated terminals. A hint display is generated in at least a quasi-random fashion that may be an array of numerical digit values. A user input is received that represents selection of a pattern of elements chosen from the hint display and combined in an algorithm using one or more mathematical, relational and/or logical operations. A pre-defined pattern and algorithm are used to generate a token from the hint display that is compared with the user input to verify that the user knows the pattern and algorithm. Further ease of use can be provided by dividing a hint display array into sub-arrays while providing a clue such as color to indicate each sub-array to the user.
Claims (20)
1. A method for receiving input of a security token protecting a resource, comprising:
generating a hint display having at least a quasi-random character, said display made up, of elements each having a value and a unique position characteristic;
computing a token from values of a predetermined pattern of elements of said generated hint display and at least one operation performed on at least one of said elements falling within said pattern;
displaying said hint display to a user;
receiving input from said user;
comparing said token with said received input; and selectively providing access to a resource in conformity with a result of said comparing.
generating a hint display having at least a quasi-random character, said display made up, of elements each having a value and a unique position characteristic;
computing a token from values of a predetermined pattern of elements of said generated hint display and at least one operation performed on at least one of said elements falling within said pattern;
displaying said hint display to a user;
receiving input from said user;
comparing said token with said received input; and selectively providing access to a resource in conformity with a result of said comparing.
2. The method of Claim 1, wherein said values of said elements are assigned from a set of textual values, and wherein said displaying displays said textual value corresponding to the value of each element at said unique position of each element.
3. The method of Claim 2, wherein said values of said elements are assigned only from a set of numerical digits, and wherein said displaying displays said numerical digit corresponding to the value of each element at said unique position of each element.
4. The method of Claim 1, wherein said computing combines at least two of said values in at least one mathematical operation.
5. The method of Claim 1, wherein said computing selects between at least two of said values using a relational operator and excludes at least one unselected value in determining a result of said computing.
6. The method of Claim 1, wherein said displaying displays a matrix of said values corresponding to values of said elements.
7. The method of Claim 1, wherein said displaying displays a matrix comprising uniquely identifiable sub-arrays, wherein said position of each element is further indicated by membership in a corresponding sub-array, whereby said predetermined pattern is more easily memorized by said user.
8. The method of Claim 1, further comprising:
identifying said user; and in response to identifying said user, selecting said predetermined pattern and said at least one operation from storage in conformity with said identification.
identifying said user; and in response to identifying said user, selecting said predetermined pattern and said at least one operation from storage in conformity with said identification.
9. A computer system including a memory for storing program instructions and data, a processor coupled to said memory for executing said program instructions, a visual display coupled to said processor for displaying a user interface output and an input device coupled to said processor for providing a user interface input, wherein said program instructions within said general-purpose computer comprise program instructions for:
generating a hint display having at least a quasi-random character, said display made up of elements each having a value and a unique position characteristic;
computing a token from values of a predetermined pattern of elements of said generated hint display and at least one operation performed on at least one of said elements falling within said pattern;
displaying said hint display to a user;
receiving input from said user;
comparing said token with said received input; and selectively providing access to a resource in conformity with a result of said comparing.
generating a hint display having at least a quasi-random character, said display made up of elements each having a value and a unique position characteristic;
computing a token from values of a predetermined pattern of elements of said generated hint display and at least one operation performed on at least one of said elements falling within said pattern;
displaying said hint display to a user;
receiving input from said user;
comparing said token with said received input; and selectively providing access to a resource in conformity with a result of said comparing.
10. The computer system of Claim 9, wherein said values of said elements are assigned from a set of textual values, wherein said program instructions for displaying display said textual value corresponding to the value of each element at said unique position of each element.
11. The computer system of Claim 9, wherein said values of said elements are assigned only from a set of numerical digits, and wherein said program instructions for displaying display a matrix of said numerical values.
12. The computer system of Claim 9, wherein said program instructions for computing combine at least two of said values in at least one mathematical operation.
13. The computer system of Claim 9, wherein said program instructions for computing select between at least two of said values using a relational operator and exclude at least one unselected value in determining a result of said computing.
14. The computer system of Claim 9, wherein said program instructions for displaying display a matrix of said values corresponding to values of said elements.
15. The computer system of Claim 9, wherein said program instructions for displaying display a matrix comprising uniquely identifiable sub-arrays, wherein said position of each element is further indicated by membership in a corresponding sub-array, whereby said predetermined pattern is more easily memorized by said user.
16. The computer system of Claim 15, further comprising program instructions for:
identifying said user; and in response to identifying said user, selecting said predetermined pattern and said at least one operation from storage in conformity with said identification.
identifying said user; and in response to identifying said user, selecting said predetermined pattern and said at least one operation from storage in conformity with said identification.
17 17. A computer program product comprising signal-bearing media encoding program instructions for execution within a computer system, wherein said program instructions comprise program instructions for:
generating a hint display having at least a quasi-random character, said display made up of elements each having a value and a unique position characteristic;
computing a token from values of a predetermined pattern of elements of said generated hint display and at least one operation performed on at least one of said elements falling within said pattern;
displaying said hint display to a user;
receiving input from said user;
comparing said token with said received input; and selectively providing access to a resource in conformity with a result of said comparing.
generating a hint display having at least a quasi-random character, said display made up of elements each having a value and a unique position characteristic;
computing a token from values of a predetermined pattern of elements of said generated hint display and at least one operation performed on at least one of said elements falling within said pattern;
displaying said hint display to a user;
receiving input from said user;
comparing said token with said received input; and selectively providing access to a resource in conformity with a result of said comparing.
18. The computer program product of Claim 17, wherein said program instructions for computing combine at least two of said values in at least one mathematical operation..
19. The computer program product of Claim 17, wherein said program instructions for computing select between at least two of said values using a relational operator and exclude at least one unselected value in determining a result of said computing.
20. The computer program product of Claim 17, further comprising program instructions for:
identifying said user; and in response to identifying said user, selecting said predetermined pattern and said at least one operation from storage in conformity with said identification.
identifying said user; and in response to identifying said user, selecting said predetermined pattern and said at least one operation from storage in conformity with said identification.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA002689850A CA2689850A1 (en) | 2006-03-01 | 2006-03-01 | Secure access by a user to a resource |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CA2006/000287 WO2007098569A1 (en) | 2006-03-01 | 2006-03-01 | Method and system for securing interface access via visual array paths in combination with hidden operators |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA002689850A Division CA2689850A1 (en) | 2006-03-01 | 2006-03-01 | Secure access by a user to a resource |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2644272A1 true CA2644272A1 (en) | 2007-09-07 |
CA2644272C CA2644272C (en) | 2011-08-16 |
Family
ID=38458599
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA002689850A Pending CA2689850A1 (en) | 2006-03-01 | 2006-03-01 | Secure access by a user to a resource |
CA2644272A Expired - Fee Related CA2644272C (en) | 2006-03-01 | 2006-03-01 | Method and system for securing interface access via visual array paths in combination with hidden operators |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA002689850A Pending CA2689850A1 (en) | 2006-03-01 | 2006-03-01 | Secure access by a user to a resource |
Country Status (5)
Country | Link |
---|---|
EP (1) | EP2002371A4 (en) |
JP (1) | JP2009528601A (en) |
CN (1) | CN101421737B (en) |
CA (2) | CA2689850A1 (en) |
WO (1) | WO2007098569A1 (en) |
Families Citing this family (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100043079A1 (en) * | 2006-09-07 | 2010-02-18 | France Telecom | Code securing for a personal entity |
GB0910545D0 (en) | 2009-06-18 | 2009-07-29 | Therefore Ltd | Picturesafe |
CN101882188B (en) * | 2010-06-07 | 2012-11-07 | 天地融科技股份有限公司 | Method and device for enhancing data input security of electronic signature tool |
US8650635B2 (en) | 2010-12-16 | 2014-02-11 | Blackberry Limited | Pressure sensitive multi-layer passwords |
US9258123B2 (en) | 2010-12-16 | 2016-02-09 | Blackberry Limited | Multi-layered color-sensitive passwords |
US8650624B2 (en) | 2010-12-16 | 2014-02-11 | Blackberry Limited | Obscuring visual login |
US8863271B2 (en) | 2010-12-16 | 2014-10-14 | Blackberry Limited | Password entry using 3D image with spatial alignment |
US8661530B2 (en) | 2010-12-16 | 2014-02-25 | Blackberry Limited | Multi-layer orientation-changing password |
US8769641B2 (en) | 2010-12-16 | 2014-07-01 | Blackberry Limited | Multi-layer multi-point or pathway-based passwords |
US8745694B2 (en) | 2010-12-16 | 2014-06-03 | Research In Motion Limited | Adjusting the position of an endpoint reference for increasing security during device log-on |
US8931083B2 (en) | 2010-12-16 | 2015-01-06 | Blackberry Limited | Multi-layer multi-point or randomized passwords |
EP2466517B1 (en) * | 2010-12-16 | 2017-05-24 | BlackBerry Limited | Simple algebraic and multi-layered passwords |
US9135426B2 (en) | 2010-12-16 | 2015-09-15 | Blackberry Limited | Password entry using moving images |
US8635676B2 (en) | 2010-12-16 | 2014-01-21 | Blackberry Limited | Visual or touchscreen password entry |
US8631487B2 (en) | 2010-12-16 | 2014-01-14 | Research In Motion Limited | Simple algebraic and multi-layer passwords |
GB2488310B8 (en) * | 2011-02-02 | 2016-01-27 | Winfrasoft Corp | A method and system for authenticating a user of a computerised system |
US8769668B2 (en) | 2011-05-09 | 2014-07-01 | Blackberry Limited | Touchscreen password entry |
US9223948B2 (en) | 2011-11-01 | 2015-12-29 | Blackberry Limited | Combined passcode and activity launch modifier |
GB2498350B (en) * | 2012-01-09 | 2015-10-21 | Gopalan Ketheeswaran | Input device |
Family Cites Families (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPS60207956A (en) * | 1984-04-02 | 1985-10-19 | Toshiba Corp | Identification matching system |
JPS63661A (en) * | 1986-06-19 | 1988-01-05 | Omron Tateisi Electronics Co | Card processing system |
JPS6473449A (en) * | 1987-09-14 | 1989-03-17 | Hitachi Ltd | Password number inputting system |
DK136192D0 (en) * | 1992-11-09 | 1992-11-09 | John Reipur | FILTER |
US5425102A (en) * | 1994-06-09 | 1995-06-13 | Datasonix Corporation | Computer security apparatus with password hints |
GB9424791D0 (en) * | 1994-12-08 | 1995-02-08 | Philips Electronics Uk Ltd | Security code input |
US6209104B1 (en) * | 1996-12-10 | 2001-03-27 | Reza Jalili | Secure data entry and visual authentication system and method |
AU2001251202A1 (en) | 2000-04-07 | 2001-10-23 | Rsa Security, Inc. | System and method for authenticating a user |
GB2381603B (en) * | 2001-10-30 | 2005-06-08 | F Secure Oyj | Method and apparatus for selecting a password |
AU2003211960B2 (en) * | 2002-02-13 | 2009-12-10 | Passlogy Co., Ltd. | User authentication method and user authentication system |
JP4090251B2 (en) * | 2002-03-05 | 2008-05-28 | パスロジ株式会社 | Authentication device, authentication method, and program |
JP3789462B2 (en) * | 2002-09-12 | 2006-06-21 | 三菱電機株式会社 | Authentication system, authentication device, terminal device, and authentication method |
US7644433B2 (en) * | 2002-12-23 | 2010-01-05 | Authernative, Inc. | Authentication system and method based upon random partial pattern recognition |
US7577987B2 (en) | 2002-12-23 | 2009-08-18 | Authernative, Inc. | Operation modes for user authentication system based on random partial pattern recognition |
JP4316311B2 (en) * | 2003-07-03 | 2009-08-19 | 株式会社日立製作所 | Authentication method using logical password, information processing apparatus, program, and recording medium |
KR101108660B1 (en) * | 2003-10-14 | 2012-01-25 | 사이퍼락 테크놀로지 코포레이션 | Authentication system |
-
2006
- 2006-03-01 WO PCT/CA2006/000287 patent/WO2007098569A1/en active Application Filing
- 2006-03-01 EP EP06705241A patent/EP2002371A4/en not_active Withdrawn
- 2006-03-01 CA CA002689850A patent/CA2689850A1/en active Pending
- 2006-03-01 CA CA2644272A patent/CA2644272C/en not_active Expired - Fee Related
- 2006-03-01 JP JP2008556618A patent/JP2009528601A/en active Pending
- 2006-03-01 CN CN 200680054245 patent/CN101421737B/en not_active Expired - Fee Related
Also Published As
Publication number | Publication date |
---|---|
WO2007098569A1 (en) | 2007-09-07 |
CA2689850A1 (en) | 2007-09-07 |
CA2644272C (en) | 2011-08-16 |
CN101421737B (en) | 2011-04-20 |
CN101421737A (en) | 2009-04-29 |
JP2009528601A (en) | 2009-08-06 |
EP2002371A4 (en) | 2010-05-05 |
EP2002371A1 (en) | 2008-12-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2644272A1 (en) | Method and system for securing interface access via visual array paths in combination with hidden operators | |
Timms et al. | Does species‐level resolution matter? Taxonomic sufficiency in terrestrial arthropod biodiversity studies | |
US7221474B2 (en) | Method for visualizing large volumes of multiple-attribute data without aggregation using a pixel bar chart | |
Yoon et al. | Detecting violations of factorial invariance using data-based specification searches: A Monte Carlo study | |
US9727981B2 (en) | Visualizing data model sensitivity to variations in parameter values | |
US20080007554A1 (en) | Two Dimensional User Interface For Multidimensional Data Analysis | |
JP2009528601A5 (en) | ||
US9348881B1 (en) | Visual content query for multi-dimensional datasets | |
CA2391829A1 (en) | Timeshared electronic catalog system and method | |
CN103164222A (en) | Multidimensional modeling system and multidimensional modeling method | |
CN104391799B (en) | Internal storage access control in memory device | |
US9043376B2 (en) | Custom configuration for a calculator based on a selected functionality | |
CN113345052A (en) | Classified data multi-view visualization coloring method and system based on similarity significance | |
Finch | Performance of the Roy-Bargmann stepdown procedure as a follow up to a significant MANOVA | |
CN111282264B (en) | Virtual object control method and device | |
CN116610583A (en) | SCA tool maturity evaluation method, SCA tool maturity evaluation device, SCA tool maturity evaluation equipment, SCA tool maturity evaluation medium and SCA tool maturity evaluation product | |
US10402838B2 (en) | Multivariable regression analysis | |
US20140032182A1 (en) | Computer-Implemented Method For Optimising The Design Of A Product | |
Kang et al. | A constrained randomization approach to interactive visual data exploration with subjective feedback | |
WO2017062026A1 (en) | Generating cohorts using automated weighting and multi-level ranking | |
KR101854266B1 (en) | Apparatus for providing work information, and recording medium | |
CN111176644A (en) | Automatic layout method and device of operation interface and response method and device thereof | |
KR20180068556A (en) | Apparatus and method for providing work information, and recording medium | |
CN102156831A (en) | Method and system for protecting interface access security by combining visual array path with hidden operational character | |
CN117632365A (en) | Method, device, computer equipment and storage medium for monitoring accelerator state |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
MKLA | Lapsed |
Effective date: 20190301 |