Browse Prior Art Database

Method and System for Task-Based Authentication of a User

IP.com Disclosure Number: IPCOM000206711D
Publication Date: 2011-May-03
Document File: 2 page(s) / 26K

Publishing Venue

The IP.com Prior Art Database

Abstract

A method and system is disclosed for task-based authentication of a user for granting access to a secure system.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 51% of the total text.

Page 01 of 2

Method and System for Task-Based Authentication of a User

Disclosed is a method and system for task-based authentication of a user for granting access to a secure system.

In accordance with the method and system disclosed herein, a user is presented with one or more puzzles and questions on a Graphical User Interface (GUI) of the secure system. The user is required to input solutions to the one or more puzzles and questions in a predefined time duration. Based on the solutions provided by the user, the secure system grants access to the user.

One or more puzzles and questions required for authentication are selected from a predefined pool of tasks for each user. A predefined pool of tasks for a user is created by the system when the user registers for an account with the secure system.

The one or more puzzles are created as different types of GUI activities with a context and a goal. Given the context, the goal can be achieved quite easily. Therefore, the user must memorize a context of an activity in order to solve all future puzzles of the similar type.

Figure 1 illustrates an exemplary puzzle that can be created and used in a task-based authentication scheme.

(This page contains 00 pictures or other non-text object)

Figure 1

The puzzle involves three tools (a shovel, a hammer and a fork) and three hats. During authentication the tools are concealed with the hats and shuffled before the user's eyes. The goal of the puzzle is for the user to correctly identify the hat concealing the object of interest. Without additional information about the puzzle, it is difficult for a user to know which tool among the three tools is the object of interest. Furthermore, the user cannot easily identify the correct hat after the tools are concealed and shuffled. To solve the puzzle, a legitimate user is given the context. Specifically, during registration, the user is informed that "tools used to eat dinner" is the criterion to be used for the "hat shuffle puzzle". When the user applies the context only one solution emerges. In the exemplary puzzle above the solution is...