Browse Prior Art Database

VOICE CYBERVAULT FOR LOCAL AND INTERNET LOGINS

IP.com Disclosure Number: IPCOM000014164D
Original Publication Date: 2000-Mar-01
Included in the Prior Art Database: 2003-Jun-19
Document File: 4 page(s) / 78K

Publishing Venue

IBM

Abstract

Disclosed is the use of text-independent speaker recognition and continuous speech recognition (at least in command and control form) to build a secure and user friendly Voice Cybervault for logins and password to multiple local and remote services. Recently with multiple machines, softwares and remote services offered on the internet and intranet, it is becoming extremely difficult for an average user to keep track of all the user Ids, logins and passwords or password procedures associated with each service. Besides being frustrating to the user, it leads to serious security breaches. Indeed, in order to remember the information appropriately, the user will either always use the same password for all the services or write down or store the information. In the first case if one login is compromised most of the other services accessible to the user becomes also compromised. In the second case, if the password booklet, paper or file is lost, all the services are compromised. Different alternatives have been proposed in the literature or on the market place to solve these problems. Biometrics are a first approach which allows to avoid passwords and even logins provided that the performances of the system are good enough. With the current state of the art, biometric-based access to a large network of numerous users is still shaky and needs to be complemented by password or knowledge-based information.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 21% of the total text.

Page 1 of 4

VOICE CYBERVAULT FOR LOCAL AND INTERNET LOGINS

Disclosed is the use of text-independent speaker recognition and continuous speech recognition (at least in command and control form) to build a secure and user friendly Voice Cybervault for logins and password to multiple local and remote services.

Recently with multiple machines, softwares and remote services offered on the internet and intranet, it is becoming extremely difficult for an average user to keep track of all the user Ids, logins and passwords or password procedures associated with each service. Besides being frustrating to the user, it leads to serious security breaches. Indeed, in order to remember the information appropriately, the user will either always use the same password for all the services or write down or store the information. In the first case if one login is compromised most of the other services accessible to the user becomes also compromised. In the second case, if the password booklet, paper or file is lost, all the services are compromised.

   Different alternatives have been proposed in the literature or on the market place to solve these problems.

   Biometrics are a first approach which allows to avoid passwords and even logins provided that the performances of the system are good enough. With the current state of the art, biometric-based access to a large network of numerous users is still shaky and needs to be complemented by password or knowledge-based information.

   Alternatively, different services have been provided on intranet to allow the user to connect to one service and upon authentication receive all the credentials to access other parts of the network. This can be achieved across operating systems or even across locations. It can be implemented by distributing upon authentication a token or certificate of authentication that all the networked resources can use in place of their conventional login procedure. Kerebos authentication by token is typical example of such method. Another implementation simply relies on the central system to act as a proxy server with all the other networked resources, upon authentication, login automatically to all the registered network. In the first case, all the resources must be adapted to recognize the authentication token used by the central system. In the latter case, the central system must know (i.e. by registration) all the resources available the system. It automatically connects to all the service provider to whom the user is entitled to and does not login on-demand. Such approach is problematic for internet applications, where pages and networked resources are remote, and sometimes not associated with the same IP address (or other network addresses for non TCP/IP protocols). Indeed in such cases all the resources (e.p. html pages and cgi pages) are not known by the system.

   To answer that shortcoming, while reducing the burden to provide a login and password, web applications and server servers use the con...