Altpass LLC v. Apple Inc
Filing
1
COMPLAINT ( Filing fee $ 402 receipt number 0542-15080913), filed by Altpass LLC. (Attachments: #1 Exhibit Exhibit A, #2 Exhibit Exhibit A-1, #3 Exhibit Exhibit B, #4 Exhibit Exhibit B-1, #5 Exhibit Exhibit C, #6 Exhibit Exhibit C-1, #7 Civil Cover Sheet Civil Cover Sheet)(Massand, Neal)
<![CDATA[
EXHIBIT A
US007350078B1
(54)
United States Patent
(10) Patent N0.:
Odom
(12)
(45) Date of Patent:
Mar. 25, 2008
Inventor:
5,867,647 A *
#1332, Portland, OR (Us) 97209
*
(
_
)
_
Nome:
_
3/1999
5,896,497 A *
Gary Odom, 123 NW- 12th Ave,
2/1999 Haigh et a1. ................ .. 726/23
5,889,866 A *
(76)
USER SELECTION OF COMPUTER LOGIN
US 7,350,078 B1
4/1999 Halstead .................... .. 726/35
Cyras et a1. .............. .. 713/192
5,913,024 A *
_
6/1999 Green et al. ................. .. 726/3
6,052,468
_
4/2000
A
*
Hillhouse
................. .. 380/281
subleclto any dlsclalmerathetenn Ofthls
6,193,153 B1 *
l’latselg 11S si’égngedl 3°; gdlusted under 35
6,205,204 B1 * 3/2001 Morganstein et a1. .... .. 379/67.1
'
'
y
6,209,104 B1*
ays'
6,219,707 B1*
APPL NO; 10/090520
(22) Filed:
3/2001
4/2001 Gooderum et a1. ....... .. 709/225
6,292,790 B1*
(21)
'
2/2001 Lambert ................... .. 235/380
Jalili
......................... ..
9/2001
Krahn e161. ......... ..
726/18
705/50
Mar. 4, 2002
Related US. Application Data
(60) Provisional application No. 60/286,457, ?led on Apr.
(Commued)
26, 2001~
(51)
FOREIGN PATENT DOCUMENTS
Int. Cl.
JP
H04L 9/00
11102345 A *
4/1999
(2006.01)
(52)
US. Cl. ......................................... .. 713/176; 726/2
(58)
Field of Classi?cation Search .............. .. 713/176,
OTHER PUBLICATIONS
713/1 83, 1 84
See application ?le for complete search history.
References Cited
Feldmeier et al., UNIX Password SecurityiTen Years Later, 1990,
Springer-Verlag, pp. 44-63.*
U.S. PATENT DOCUMENTS
(Continued)
(56)
4,218,738 A *
8/1980
Matyas et al. .............. .. 705/72
Primary ExamineriNasser MoaZZami
4,288,659 A *
9/1981
Atalla ...................... .. 380/281
Assistant ExamineriDavid Garcia Cervetti
4,621,334 A *
11/1986
4,805,222 A *
Garcia ...... ..
382/115
2/1989 Young et al.
4,962,530 A *
10/1990
Cairns ...... ..
4,964,163 A *
10/1990
382/115
Berry .... ..
5,091,939 A *
5,161,190 A *
2/1992 Cole et al.
11/1992
(57)
713/183
.. 713/183
Computer login may comprise any user-determined submis
Cairns ...................... .. 713/183
5,204,966 A *
5,226,080 A *
5,226,172 A *
5,229,764 A *
7/1993 Matchett et al.
5,442,342 A *
8/1995
sion. A user may select the input devices used, and Which
types of signals from input devices are to be used for login
authentication. Account identi?cation may be inferred by
signature rather than explicitly stated. A plurality of discon
tiguous data blocks in a plurality of ?les may be employed
for validation. The paths to data used in validation may be
multifarious, regardless of the prospects for successful
authorization.
4/1993 Wittenberg et al. .......... .. 726/6
7/1993 Cole et al. .......... ..
713/183
7/1993 Seymour et a1.
.... .. 709/222
5,491,752 A *
5,680,462 A *
5,682,475 A *
Kung
.............. ..
340/552
.. 340/527
2/1996 Kaufman et al.
10/1997
10/1997
ABSTRACT
713/183
380/30
Miller et al. .............. .. 380/263
Johnson et al. ............. .. 726/18
5,696,686 A * 12/1997 Sanka et a1.
700/110
5,721,780 A *
2/1998
Ensor et al. .............. .. 713/155
5,768,387 A *
6/1998 Akiyama et al. ......... .. 713/182
23 Claims, 10 Drawing Sheets
9
suamssiou
2 mm
. SIGNALS
1x VALIDATION
5 72m
:7 Arxsss
Demo
1
US 7,350,078 B1
Page 2
US. PATENT DOCUMENTS
6,311,272 B1*
10/2001
6,332,195 Bl*
6,363,153 Bl*
12/2001 Green et 81
3/2002 Parker er a1
2002/0002678 A1*
Gressel ..................... .. 713/186
726/14
380/263
1/2002 Chow et a1. .............. .. 713/169
2002/0002685 A1*
2002/00g3339 A1>1<
1/2002
6/2002
2002/0087894 A1*
2002/0091937 A1*
7/2002 Foley etal. .............. .. 713/202
7/2002 Ortiz ........ ..
.713/200
Shim ........... ..
.713/200
Blumenau et a1‘ ________ __ 713/201
6421453 131*
7/2002 Kfmevsky eta1~
382/115
2002/0141586 A1* 10/2002 Margalitetal. .......... .. 380/270
6,442,692 Bl*
8/2002 Zllberman
713/184
2003/0056120 A1*
6,466,781 131* 10/2002 Bromba eta1~
455/411
2004/0128508 A1*
7/2004 Wheeler et al.
6,618,806 Bl*
713/186
2006/0036547 A1*
2/2006 YaSuhaIa ................... .. 705/44
9/2003 Brown er a1
6,636,975 B1* 10/2003 Khidekeletal.
6,647,400 B1*
11/2003
6’647’498 Bl *
Moran ......... ..
707/205
726/17
6,651,168 B1*
11/2003
Kao et a1.
713/185
6,657,614 B1*
12/2003
116 etal.
345/168
6,751,734 B1*
.
6/2004 Uch1da
6’766’456 Bl *
7/2004 McKeeth """ "
6,948,154 B1*
9/2005 Rothermel et al.
2001/0047488 A1*
10/2005
Chainer et a1.
713/170
726/10
110003 Cho """ "
6,957,337 B1*
3/2003 Liii etal. .................. .. 713/202
713/186
726/2
.... ..
717/128
713/186
11/2001 Verplaetse et al. ........ .. 713/202
OTHER PUBLICATIONS
Syukri et al., AUser Identi?cation System Using Signature Written
.
.
W1th Mouse, 1998, Spr1nger-Verlag, pp. 403-414. *
.
.
.
Harn et al., Integrat1on of User Authent1cat1on and Access Control,
,,
1992, IEEE, V01. 139, N0. 2, pp. 139-143.
Monrose et al. Password Hardening Based on Keystroke Dynam
M 1999 ACM
’
’
7382,,
’pp'
* cited by examiner
'
U.S. Patent
Mar. 25, 2008
100 COMPUTER
101 DISPLAY DEVICE
US 7,350,078 B1
Sheet 1 0f 10
9 SUBMISSION
3 IDENTIFICATION
TRANSMISSION(S)
102 CPU
2I SIGNAL(s)
103 STORAGE
104 MEMORY
4A SIGNATURE
105 RETENTION
DEvICEs(s)
TRANSMISSION(S)
SIGNAL(s)
106 INPUT DEV1CE(S)
107 POINTING DEVICE
(E.G. MOUsE)
FIGURE 3
108 KEYBOARD
9 SUBMISSION
109 BIOMETRIC DEVICE
4sv SIGNATURE
TRANsMIssION(s)
FIGURE 1
SIGNALS
FIGURE 4
97 ACCESS
AUTHENTICATION
9 SUBMISSION
1 1 TRANSMISSION TYPE
2 SIGNAL
21 SIGNAL-TYPE
18 VALIDATION
22 SIGNAL DATA -
27 AUTHORIZATION
FIGURE 2
FIGURE 5
U.S. Patent
Mar. 25, 2008
Sheet 2 0f 10
US 7,350,078 B1
108 KEYBOARD
2SIGNAL
0000000000 [3000
OODCIDCIOUCIC] OCICJU
UODDCJUCJCJCIJ DOC]
UUUCIUCJUCIUCI DOCIU
DC] (:3 00 [3C]
I'IRANSMISSION
_________ —->
2s SIMPLE SIGNAL
107 MOUSE
OR
1 TRANSMISSION
—> 2s SIMPLE SIGNAL
108 KEYBOARD
DUUUUDUUDC] GU08
CIUUCJDUDCJUU UCJCI
IMTRANSMISSION
89000000‘: DUO
CICICIDUDUCIC] DOD
———————————————> ZCCOMPOsITESIGNAL
U Cl (:1 DD [:30 j
\
[30
AND —
FIGURE 6
107 MOUSE
U.S. Patent
Mar. 25, 2008
Sheet 3 0f 10
US 7,350,078 B1
78 ACTIVE TERMINATION
77 PASSIVE TERMINATION
9
SUBMISSION
9
SUBMISSION
2 INPUT
SIGNALS
1 TRANSMISSION
\
1 TRANSMISSION
/
\
/
26
TERMINATION
CONDITION
?
23 SUBMISSION TERMINATION
FIGURE 7
23 SUBMISSION TERMINATION
FIGURE 8
U.S. Patent
Mar. 25, 2008
Sheet 4 0f 10
US 7,350,078 B1
( 41 TEXT INPUT DIALOG
( 40 SCREEN
\
\
42 TEXT INPUT CONTROL
TEXT INPUT N\/
‘
43 ACKNOWLEDGE BUTTON
OK \
1 TRANSMISSION
<25
TERMINATE
FIGURE 9
2 SIGNAL
El LOCATION
\
21 SIGNAL TYPE
'3 SPEED
X VECTOR
_|j SHAPE
TEXT INPUT
OK
FIGURE 10
U.S. Patent
Mar. 25, 2008
Sheet 5 0f 10
US 7,350,078 B1
99
ACCOUNT INPUT
2 INPUT
M
10 ACCOUNT CREATION
13 PACKAGING
14 ENCRYPTION
15 SEQUENCING
KEY
CREATION / EMPLOYMENT
FIGURE 1 1
6KEY
7 NEXT KEY TRAJECTORY
\®
13
PACKAGING
FIGURE 12
16 KEY UNIT
6 KEY
8 KEY ‘FILE
1 10 ACCOUNT
FIGURE 1 3
U.S. Patent
Mar. 25, 2008
Sheet 6 0f 10
US 7,350,078 B1
801 KEY FILE
62 KEY
INDEX
61 KEY INDEX
(61 l INITIAL KEY INDEX)
210 KEY CODE
212 MOUSE CLICKS
MOUSE VECTOR
214 MOUSE LOCATION
215 MOUSE SHAPE
MOUSE SPEED
217 KEY & MOUSE CLICK
6210
FIGURE 14
§_/
/ ENTRY
U.S. Patent
Mar. 25, 2008
Sheet 7 0f 10
US 7,350,078 B1
180 POST-SUBMISSION VALIDATION
/
SUBMISSION
2 INPUT
L- SIGNALS
47 ACCUMULATE
SIGNAL DATA
1
‘SUBMISSION
NO
COMPLETED
18 VALIDATION
27 AUTHORIZATION
181 INCREMENTAL VALIDATION
FIGURE 1 5
_
9
SUBMISSION
I
88
CONTINUING INPUT
2 INPUT
L SIGNALS
v
' 18 VALIDATION
1
27 AUTHORIZATION
FIGURE 16
U.S. Patent
Mar. 25, 2008
18 VALIDATION
Sheet 8 0f 10
Q)
I
50 ACCUMULATE
INITIAL SIGNAL KEYs
52 FOR EAcH POssIBLE
US 7,350,078 B1
I
818 ®
51 DISCARD
UNMATCHED KEYS
,
FOR EACH SIGNAL
INITIAL SIGNAL KEY
FOR EACH REMAINING KEY
@
¢
61
6
SIGNAL
MATCH?
SIGNAL
MATCH?
55 ACCUMULATE
POssIBLE KEYS
59 DISCARD KEY
%
CD
33 MATCH RESULTS
75 NO
TO: 27 AUTHORIZATION
v
FIGURE 17
TRAJECTORY
?
74 YES
U.S. Patent
Mar. 25, 2008
Sheet 9 0f 10
US 7,350,078 B1
2 INPUT
'“"'"’
SUBMISSION
i
i
:
i
L SIGNALS
18 VALIDATION
FIRST KEY TRAJECTORY
INITIAL
KEY FILE
WRONG
KEY FILE
I
SECOND KEY
TRAJECTORY
I
THIRD KEY
TRAJECTORY
mmMm
H
LA S T. m Y
TRAJECTORY
33 MATCH RESULTS
I
AUTHORIZATION
+
F B U RE 1 8
oo 6 NO
.+
NO
37 ACCESS
DENIED
72 YEs — AUTHORIZATION
SUccEss
U.S. Patent
Mar. 25, 2008
9
: SUBMISSION
Sheet 10 0f 10
US 7,350,078 B1
2 INPUT
L SIGNALS
l8 VALIDATION
FIRST KEY TRAJECTORY
INITIAL
KEY FILE
7w WRONG KEY TRAJECTORY
SECOND KEY
TRAJECTORY
LAST KEY
TRAJECTORY
33 MATCH RESULTS
$
.
63 YES
FIGURE 19
86 N0
RETRY
?
:NO
‘0
37 ACCESS
DENIED
<
AUTHORIZATION
FAILURE
US 7,350,078 B1
1
2
USER SELECTION OF COMPUTER LOGIN
DRAWINGS
CROSS REFERENCE TO RELATED
APPLICATIONS
FIG. 1 is a block diagram of a computer suitable for
practicing the invention.
FIG. 2 depicts the access authentication process.
FIG. 3 depicts an embodiment of identi?cation and sig
This application claims priority from provisional appli
cation 60/286,457, ?led on Apr. 26, 2001.
nature comprising submission.
FIG. 4 depicts an embodiment of signature solely com
BACKGROUND
prising submission.
FIG. 5 depicts classifying signals by their transmission
and signal types.
FIG. 6 depicts simple and composite signals.
Computer login traditionally consists of a user typing in
an account name and a passWord.
Historically, access validation, such as authenticating a
FIG. 7 depicts active submission termination.
FIG. 8 depicts passive submission termination.
passWord for an account, has been through reading data from
a single passWord ?le comprising account name and
encrypted passWord. Once a single account and a typed
FIGS. 9 & 10 depict example submission screens.
FIG. 11 depicts account creation.
FIG. 12 depicts a key.
FIG. 13 depicts a key unit.
passWord is knoWn, system security can be compromised.
Once encryption for a single passWord is broken, all other
passWords are potentially comprised, as all passWords and
account names are conveniently located in the single pass
Word ?le and use the same encryption.
20
US. Pat. No. 6,442,692 [Zilberman] disclosed a special
microcontroller embedded Within a keyboard. The micro
controller Was employed “to measure certain characteristics
of the user’s keystroke dynamics” independent of the typed
text, including the timing, intervals, and durations of key
FIG. 14 depicts an example of key indexing.
FIG. 15 depicts validation after submission termination.
FIG. 16 depicts incremental validation.
FIG. 17 depicts the validation process.
FIG. 18 depicts an example of validation key trajectory
25
resulting in access.
FIG. 19 depicts an example of validation key trajectory
resulting in authoriZation failure.
presses and pauses. These measured characteristics Were
then used as integral information for authenticating a user’s
identity.
DESCRIPTION
US. Pat. No. 6,766,456 [McKeeth] disclosed user input
from one or a combination of input devices as a basis for
user authentication. McKeeth used matching of “implicit
input” as part of the authentication, Where the implicit input
is related to the timing and/or duration of explicit inputs.
Zilberman and McKeeth used surreptitious surveillance
of user input, Where the user could not choose or control data
30
FIG. 1 is a block diagram of a desktop computer 100
Which comprises a CPU 102; storage 103, Which comprises
memory 104 and optionally one or more devices With
35
one or more input devices 106, examples of Which include
vital to authentication. McKeeth disclosed the possible
usage of multiple input devices, used singularly or in com
but are not exclusive to: a keyboard 108; one or more
pointing devices 107, such as a mouse; or a biometric device
109, such as a ?ngerprint reader. The mouse is the most
bination, but only disclosed that “the computer system may
be con?gured,” never anticipating that a user may choose the
input device con?guration.
retention medium(s) 105 such as hard disks, diskettes,
compact disks, or tape; an optional display device 101; and
40
popular pointing device 107 for desktop computers 100. In
the description beloW, mention of a mouse is meant to
SUMMARY
include pointing devices 107 of any type, including, for
Computer login may comprise any user-determined sub
mission, including a plurality of transmissions for Which
a user may “Write” upon a screen. The described softWare
example, a pen or stylus used in computing devices Where
may be employed on such a computer 100. As Well, the
softWare described may ?nd application in other computer
like devices requiring secured access, including hand-held
submission may be passively terminated. Preferably a user
determines the signal types as Well as content of signals.
This makes submission theft more difficult and less likely.
Account identi?cation may be inferred by signature rather
than explicitly stated. Overt account identi?cation provides
an entry point for hacking; With inferred account identi?
cation, this entry point is eliminated.
or embedded devices.
In the folloWing description, softWare-determined proto
50
including, for example, fuZZy logic or neural netWork pat
tern matching; or, random or pseudo-random determina
tions. A random or pseudo-random technique that results in
Aplurality of discontiguous data blocks (keys) in a one or
more ?les may be employed for validation. This ameliorates
having a single authentication key that, once accessed, may
col includes exemplary methods or techniques such as
algorithms; or non-algorithmic methods or techniques,
55
seemingly arbitrary selection, the equivalent of softWare
be deciphered and security compromised.
Multiple trajectories to keys, hence multiple paths to
rolling dice, is referred to as non-deterministic.
authoriZation as Well as ersatZ trajectories and paths When
submission Will not garner authorized access, obfuscate
validation protocol to spy softWare and devices.
These aspects are independent: one does not rely upon the
other. Any one or all may be employed to enhance computer
data types, and types of data, such as transmission 11, signal
21, packaging 13, sequencing 15, or encryption 14 types or
protocols, are identi?able using binary identi?cation codes
In the folloWing description, protocols, algorithm types,
60
(type identi?ers), by data length, or other data signature,
such as a uniquely identi?able bit pattern, or by convention,
login security.
Access privileges for accounts are not germane. Deter
mining or setting account access privileges are separate
operations that occur after submission validation and autho
riZation.
such as knoWn location (offset) Within a data structure.
FIG. 2 depicts the access authentication process 97,
65
comprising submission 9, validation 18, and authorization
27. Naturally, an account must be created 10 before any
access authentication process 97 may occur.
US 7,350,078 B1
3
4
Submission 9 comprises one or more transmissions 1
intended for authenticating access to a computer 100 or
typically been used for a signature 4, namely a passWord,
Which is a signature 4 of a single Word of text. A pass-phrase
is a signature 4 of a plurality of Words of text.
Aplurality of transmissions 1 or signals 2 may be used for
network of computers 100. As depicted in FIG. 3, in one
embodiment, a submission 9 comprises identi?cation 3 and
signature 4. Historically, an account name Would be an
5
sion type(s) 11, or signal type(s) 21 that comprise a sub
mission 9. Alternately, transmission 1 or signal 2 determi
nation accords With a softWare-determined protocol.
Historically, validation 18 has required an absolute signal
match 5 to input 22: for example, no deviance from a
character-based passWord has been permitted. With mouse
107 movements, or other dif?cult-to-exactly-replicate sig
nals 2, hoWever, some tolerance may be permitted. Signal 22
tolerance should be alloWed When appropriate, and may be
set by softWare-determined protocol or user selection. For
example, deviance up to 10% from recorded signal match 5
FIG. 4, supplanting separate identi?cation 3 & signature 411
While providing for the dual components of identi?cation 3
and signature 4. With submission 9 solely comprising sig
nature 4s, an account may be identi?ed by the signature 4s
data itself, or by having an account identi?er 110 embedded
Within a key 6 that has been accessed during validation 18
of the signature 4s.
A transmission 1 is user input into the computer 100 via
one or more input devices 106, Whereupon termination of
transmission 1 is recognizable, and resulting in at least one
for keystroke timing 211 may be acceptable. Similarly, as
signal 2. There may be different types 11 of transmissions 1,
examples of Which include mouse 107 movements or clicks,
another example, mouse click location may vary Within a
20
radius of 10 pixels and still be tolerated. As multiple signals
25
2 may comprise a submission 9, the need for exactness for
any single signal 2 to properly authenticate access 97 is
lessened.
Termination of submission 9 may be active or passive.
FIGS. 7 & 8 illustrate. Inputting a passWord or pass-phrase,
keyboard 108 entry, or combinations thereof. Other types 11
of transmissions 1 are possible With different input devices
106, such as, for example, voice transmission 1 if the
computer 100 is equipped With a microphone and speakers.
Multiple-device 106 transmission 1m is conceivable. An
for example, is typically terminated by pressing the ‘Enter’
key or clicking an equivalent acknoWledge button 43 using
example of a multiple-device 106 transmission 1 is a com
bination of mouse 107 movement While one or more keys
108 are pressed, as depicted in FIG. 6.
A signal 2 is a set of related softWare-recogniZable data
from a single transmission 1. A plurality of signals 2 of
identi?cation 3 or signature 4. In some embodiments, a user
may determine the transmission(s) 1, signal(s) 2, transmis
identi?cation 3, and a passWord a signature 4. If surety of
uniqueness may be assured, in an alternate embodiment, a
submission 9 comprises a single signature 4s, as depicted in
30
the mouse 107. As another example, inputting mouse 107
movement may be actively terminated by a mouse 107 click.
With active termination 78, a user terminates submission 9
different types 21 may emanate from a single transmission
through a prescribed indication 25. With passive termination
1. For example, typing a Word may yield the signals 2 of
entered keys 210 and the timing betWeen keystrokes 211.
77, software terminates submission 9 Without overt user
action, but instead When a predetermined condition is met
26. Examples of passive termination 77 include: recording
Another example: mouse 107 movement of the cursor may
yield signals 2 of locations 214, velocities, duration; and
shape pattern(s) (such as script signatures, draWn characters,
35
and so on) 215.
A transmission 1 of composite signals 20 comprising a
plurality of simple signals 2s is conceivable. For example, a
multiple-device 106 transmission 1m produces a composite
signal 20 if matching to signals 2 of both devices 106 is
required, as does requiring signal match 5 of multiple signal
40
types 21 from a single-device transmission 1.
Signal data 22 may be categoriZed by its transmission
type 11 and/or signal type 21, as depicted in FIG. 5. For easy
identi?cation, each possible transmission type 11 or signal
type 21 may be assigned a unique ordinal. Hypothetically, if
key-mouse transmission 1 could be considered as compris
ing key 108 plus mouse 107 signals 2, rather than some
Termination 23 of identi?cation 3 or signature 4 may
50
occur using any number of protocols: passively 77 by a
predetermined or user-selected number of transmissions 1;
?nal transmission 1 by a particular type of action; active
55
passive termination 77 by time out of a predetermined
duration or suf?ciency of data collection. Another example:
incremental validation 181 permits passive termination 77
via absence of next key trajectory 7, or, alternately, com
termination 78 by a ?nal gesture, such a key or button press;
pleted signal matching 5 of all relevant keys 6.
Identi?cation 3 is at least one transmission 1 of an account
identi?er. Historically, identi?cation 3 has been a keyed-in
account name. Employing the invention, identi?cation 3
60
security precaution to preclude unauthorized access 39.
Historically, a single signal 2 of a single transmission 1 has
FIGS. 9 & 10 depict an example account input 99 or
post-account creation submission 9 screen 40, employed to
input at least a signature 4. (In one embodiment, account
identi?ers 3 may be assigned.) Text transmission(s) 1 can be
input in the text input dialog 41 comprising a text input
control 42 and acknoWledge button 43. Signature 4 trans
mission(s) 1 can be input, and input signals 2 recorded. FIG.
9 depicts dragging the text input dialog 41 doWn the screen
1. A translation table, algorithmic method, or other softWare
determined protocol, With or Without encryption 14, may be
employed if identi?cation 3 or signature 4s does not repre
sent the actual account identi?er.
A signature 4 is at least one transmission 1 intended as a
77: softWare terminates submission 9 When suf?cient bio
metric signals 2 have been recorded.
uniquely identi?able key-mouse signal type 21.
comprises at least one signal 2 from at least one transmission
a certain elapsed time absent further input; until suf?cient
signal 2 has been input to alloW a signal match 5; or until a
succeeding transmission 1 of another transmission type 11 or
signal type 21 commences, the change of type 11 itself
indicative of previous transmission 1 termination. For
example, changing from cursor/mouse movement to mouse
button clicking may be considered a change in signal type
21, and hence a possible basis for passive termination.
Biometric transmission 1 is typically passively terminated
45
a multiple-device 106 transmission 1 is identi?ed as a
unique transmission type 11, the range of transmission types
11 may extend to the factorial of all possible input devices
106, depending upon the embodiment employed. To avoid
unnecessary complication, consider signal type 21 as poten
tially additive (rather than combinatorial): for example, a
mouse 107 movement or sound for a limited time, or until
65
40 as a transmission 1 (by pressing the proper mouse 107
button When the cursor is over an appropriate section of
dialog 41, thus selecting the dialog 41, then moving the
US 7,350,078 B1
6
5
As a suggestion for encryption 14, initial input signals 2
mouse 107 While keeping the button pressed). The dragging
action in this example is terminated by a mouse-up (releas
ing the mouse 107 button).
in the ?rst transmission 1 may comprise a parametric seed
In one embodiment, a user may determine as part of
non-exact signal matching 5 is tolerated, as close may not
account creation 10 Which signal types 21 are to be consid
ered for validation 18 of subsequent submissions 9. This is
for encrypting one or more keys 6. Caution is advised if
5
good be enough for decryption using such a seed technique,
but it is possible to incorporate tolerance into an encryption
14 algorithm, so that an acceptable margin of error for signal
matching 5 may also suffice for decryption as Well. Math
an editing process that may be construed as part of account
input 99. For example, after submission termination 23,
having recorded signals 2 for account input 99, as depicted
ematical rounding is a suggested technique alloWing such
tolerance; as Well employing a subset of possible signals 2,
in the example of FIG. 10, the user may select, via checkbox
controls as shoWn, Which signal types 21 of the transmission
such as a high and loW, or using one or more algorithmically
derived values, such as median or mean.
1 depicted in FIG. 9 are to be considered for the transmission
Signal sequencing 15 is codi?cation of the order of
1 being recorded. The checkboxes are speci?c to types of
signals 21 appropriate to the type of transmission 11
employed. In the described example, the checkboxes (for
signals 2. Signal sequencing 15 may be predetermined
(software-determined), such as, for example, input order, or,
alternately, a predetermined prioritization. In alternative
embodiments, signal sequencing 15 may vary by softWare
signal type 21 selection) appear only for account input 99,
not When a user is making an submission 9 after an account
has been created, as the prerequisite signals 2 for signature
determined protocol or by user selection. If a plurality of
4 or identi?cation 3 have already been stored.
FIG. 9 depicts a button 25 for submission termination 78.
A termination button 25 or its equivalent is necessary only
With active termination 78. Initial input for account creation
10 may use active termination 78 Which is later edited out
protocols are used for signal sequencing 15, the protocol
during a subsequent signal 2 and transmission 1 selection
process, resulting in passive termination 77.
20
Sequencing 15 and encryption 14 may be combined,
offering further opportunity for obscuring decipherment of
packaging 13 protocols.
During account creation 10, each selected signal 2 is
25
?les 8, for subsequent access authentications 97.
As in the prior art, each account must be unique. For
accounts Where submission 9 comprises identi?cation 3 and
signature 4a, identi?cation 3 must be unique. For accounts
Where submission 9 comprises signature 4s, the signature 4s
itself must be unique. During account creation 10, this can
be veri?ed by attempting to validate 18 the appropriate
component of a submission 9 for a neW account prior to
35
alternate embodiment, account input 99 may be passively
signals 2 from account input 99 may be edited, the user
single key 6 may have a plurality of signal matches 5, and
selecting signals 2 and termination, such that only select,
edited signals 2 and termination types are employed as
account submission 9. In alternate embodiments, as aspects
of account input 99, signals 2 may not be edited or user
selected, or termination 23 type user-determined.
FIG. 11 depicts account creation 10, in the beginning of
45
one or more transmissions 1 for packaging into one or more
keys 6. Each user account has at least one key 6 for access
authentication 97.
There are tWo aspects to account creation 10: packaging
50
13, and key 6 creation or employment 16.
Packaging 13 tells hoW to interpret keys 6, including
stored match signals 5. Overt packaging 13 is optional, and
may vary by embodiment. Packaging 13 may be implicit by
softWare-determined protocol, obviating the need for overt,
unrelated data or even executable code.
55
key trajectory 7. In alternate embodiments, key 6 composi
tion varies; the minimum requirement is that a key 6
comprises at least one signal match 5. Packaging 13 and next
60
or algorithm is used throughout (thus, predetermined). In
alternative embodiments, encryption 14 may vary by soft
submission 9 signal 2. A key 6 may comprise a plurality of
signal matches 5.
Ware-determined protocol or by user selection on a per-user
able.
key trajectory 7 inherency may vary.
A signal match 5 is a signal 2 stored in a key 6 during
account creation 10, used for validation 18 of a subsequent
ment. In one embodiment, the same encryption 14 protocol
or per-signal 2 basis. If a plurality of protocols are used for
As depicted in FIG. 12, a key 6 may comprise packaging
13, at least one signal match 5 facility, and at least one next
Encryption 14 refers to encrypting or decrypting all or
encryption 14, the protocol 14 employed must be identi?
thereby function as a plurality of keys 5 in alternate embodi
ments, a key 6 may comprise a key unit 16. A key ?le 8 as
an actual or potential collection of keys 6 a key unit 8. An
established account may be considered a virtual aggregation
of the keys 6 used to validate 18 submission 9 for that
account, hence also represents a key unit 16.
Akey ?le 8 comprises at least one key 6. Akey ?le 8 may
comprise a plurality of keys 6, or What deceptively may be
keys 6: a key ?le 8 may have pseudo-keys as key ?le 8 ?ller.
In one embodiment, key ?les 8 may be a uniform number of
bytes, regardless of the number of keys 6 stored in a key ?le
8. Keys 6 may be in ?les 8 not exclusively comprising keys
6 (or pseudo-keys); in other Words, a key ?le 8 may as Well
be employed for other purposes, including ?les 8 comprising
data-based packaging 13. There may be tWo optional aspects
to packaging 13: encryption 14 and signal sequencing 15.
part of key 6 data. Encryption 14 is optional, but recom
mended. Encryption 14 employment may vary by embodi
establishing the account 10.
A key 6 may contain account identi?cation 3.
As depicted in FIG. 11, a key unit 16 is a virtual or actual
collection of signal matches 5. As in one embodiment a
terminated 77. In one embodiment, transmissions 1 and
Which account input 99 provides one or more signals 2 from
optionally encrypted 14, encoded for subsequent signal
matching 5, and stored in keys 6, Which are stored in key
There is an embodiment Whereby a user may determine
some or all of the transmissions 1 or transmission types 11
comprising account input 99. There is an embodiment
Whereby a user may determine Which signal types 21 of
select transmissions 1 comprise account input 99. Other
Wise, software-determined protocol may determine all or
some transmissions 1 or signals 2 comprising account input
99.
In one embodiment, account input 99 captures all trans
mission 1 signals 2 until actively terminated 78. In an
employed must be identi?able.
65
A next key trajectory 7 vectors validation 18 to the next
key 6, or, if the terminal key 62, results in forWarding match
results 33 for authoriZation 27, by absence of next key
US 7,350,078 B1
7
8
trajectory 7 in one embodiment. Next key trajectories 7 are
Alternately, an initial key ?le 81 may comprise all possible
a sequential organizational facility for keys 6.
Next key trajectories 7 may be obviated by having a single
key 6 With suf?cient contiguous signal matches 5 for vali
dation 18, Whereupon the signal matches 5 Within the key 6
initial keys 61 (of ?rst signal matches 5), possibly organized
or indexed by signal type 21. One or more key ?les 8 may
contain one or more indexes 61 to keys 6 Within their
respective ?les 8.
A key ?le 8 may include an index 61, or key ?les 8
themselves be indexed. The next key trajectory 7 may
provide next key 6 lookup via an index 61. Akey ?le 8 may
include an index 611 to initial signal keys 61. The index 61
are sequenced, organized, indexed, or otherWise knoWable
by softWare-determined protocol in relation to packaging 13.
As the correspondence of signal match 5 to key 6 varies
by embodiment, so too Where a next key trajectory 7 leads.
Depending upon restrictions that may be imposed in an
embodiment, a next key trajectory 7 may lead to a key 6 in
the same key ?le 8 as the last key 6, a key 6 in another key
?le 8, or the same key 6 if the key 6 holds a plurality of
may comprise key trajectories 7, including key trajectories
7 to possible ?rst keys 61, Which may be organized by
transmission type 11 and/or signal type 21.
FIG. 14 depicts an example of key 6 indexing. Key 6
indexing 61 or organization is recommended When submis
sion solely comprises signature 4s Where a user may input
signal matches 5.
Next key trajectory 7 provides all or part of a reference to
the next key 6 used in validation 18, if there is a next key 6.
signals 2 in any user-determined manner. Depicted in FIG.
14 is a key ?le 801 With a key index 61, speci?cally an initial
A next key trajectory 7 may be encrypted 14.
A next key trajectory 7 may be combined With other data
key index 611. The depicted initial key index 611 contains
that may have been or need to be mathematically transposed
to determine the next key 6. For example, all or a portion of
references to keys 61 that contain at least initial signals 2.
In the FIG. 14 example, only initial keys 61 are indexed.
an account identi?er 3, part of a signal match 5, or some
20
may comprise or reference an offset in a key ?le 8. A next
key trajectory 7 may reference a key index entry 62.
A key 6 may include a plurality of next key trajectories 7,
In this example, checking possible initial keys 61 constitutes
initial key trajectory 71. One or more next key trajectories
7 in an initial key 61 may indicate keys 8 for succeeding
signal matching 5, like links in a chain, so only an index of
portion of packaging 13 may be combined With the next key
trajectory 7 as a next key 6 identi?er. Next key trajectory 7
initial keys 61 is required. Alternately, a single key 6 may
25
in Which case a different next key trajectory 7 may be
selected based upon signal match 5 results4one or more
next key trajectories 7 for a correct signal match 5, likeWise
for an Wrong signal match 5. With a plurality of next key
trajectories 7, a next key trajectory 7 may be selected based
upon signal match 5 results, or by software-determined
contain all necessary signal matches 5 for validation 18.
A key index 61 may reference keys 6 in different ?les 8.
As depicted in the FIG. 14 example, initial key index 611
entries 62 reference keys 6 of the same input signal type 21.
Initial key code keys 210, for example, reference keys 6210
in the same ?le 801 as the index 611, While keystroke timing
keys 6211 referenced by the keystroke timing index entry
protocol, or a combination thereof.
211 reside in another key ?le 802. Key indexing 61 is an
Packaging 15 may be encoded as part of the next key
trajectory 7. For example, a next key trajectory 7 may
optimization.
include the signal sequencing 15 that identi?es next signal
match 5 type 21. In this instance, if the next input signal 2
in FIG. 14 as an example of a composite signal 2. The key
code & mouse click key index entry 217 may reference keys
Akey code & mouse click key index entry 217 is depicted
35
cannot be of the same type 21 as the next signal match 5,
authorization 27 may fail 86. Knowing that at that point, a
6 comprising multiple signal matches 5, one for each simple
signal 2 (key code 210 and mouse click 212), or, alternately,
Wrong trajectory protocol 7w may be invoked to avoid
identifying a proper key unit 16.
A submission 9 comprising identi?cation 3 folloWed by
reference multiple keys 6, each With simple signal matches
5 that altogether comprise the composite signal 2.
40
signature 4a is easier to validate 18 than a submission 9
solely comprising signature 4s: knoWing an account identi
?er 3 provides the means to knoW What the signature 411
should be.
Historically, identi?cation 3 has not been relied upon for
ring to subsequent keys 6, optimally, only potential initial
keys 61 need be searched to commence validation 18.
45
FIG. 15 depicts post-submission validation 180: input
50
signals 2 are accumulated 47 and submission 9 completed 46
before validation 18 commences. FIG. 16 depicts incremen
tal validation 181: validation 18 is concurrent With submis
sion 9 transmission 1. In other Words, With incremental
validation 181, validation 18 may progress With each signal
security. Signature 4 has played gate-keeper to unauthorized
access 39, not account identi?cation 3.
An initial key 61 that may ultimately lead to authorized 27
access 39 must associate to an account, either directly or by
reference. There may be keys 6 for Which authorization 27
Without key ?le 8 organization or key indexing 61, more
keys 6 may need to be considered than just those keys 61 for
initial signal matches 5. With next key trajectories 7 refer
cannot succeed 86 that may not associate to an account for
2 or transmission 1.
Which access 39 may be obtained. A key unit 16 for Which
Submission termination 23 must be knoWn using post
submission validation 180. This is a potential draWback:
authorized 27 access 39 is unobtainable is referred to as a
fake key 6w.
Organize key units 16 as an optmization. Various con
ventions of organizing or indexing accounts, keys 6, and key
unless softWare-determined protocol determines submission
55
termination 23, passive termination 77 cannot be accom
plished using post-submission validation 180; active termi
?les 8 may be employed. In alternate embodiments, the
same organizing principles may be applied at the level of
key 6, key ?le 8, or account.
Optimally, keys 6 are organized to facilitate rapid search
nation 78 must be used. For full user-determined submission
9, employ incremental validation 181, Which has the con
comitant advantage of immediate knoWledge of authoriza
for signal matches 5, particularly for ?nding initial signals
21 When submission 9 solely comprises signature 4s. Keys
tion failure 86, alloWing Wrong key trajectory 7w protocol
6 may be sorted. For example, keys 6 for initial signals 21
may be arranged in binary sorted order by signal type 21 and
FIG. 17 depicts the validation 18 process, Which is similar
regardless Whether post-submission validation 180 or incre
mental validation 181 is employed.
interposing.
signal 2.
Key ?les 8 may be organized by account, or by transmis
sion type 11. Key ?les 8 may be organized by signal type 21,
With keys 6 Within ?les 8 organized by input ordinal.
65
Incremental validation 181 may commence once the ?rst
transmission 1 completes, or, in a more sophisticated
embodiment, ongoing 88 With signal input 2. In a concurrent
US 7,350,078 B1
10
validation 181 embodiment, initial signal keys may be
accumulated 50 and subsequent unmatched keys discarded
While access 39 may marginally be accelerated by incre
51 concurrent With transmission 1, on a signal-by-signal 2
basis.
rapidly facilitated, as continued input 2 of a submission 9
that cannot possibly be validated 18 may be interrupted so
mental validation 18, only lack is authorization 86 is notably
Validation 18 commences by accumulating possible keys
that a user may retry 63.
FIG. 19 depicts an example of an embodiment employing
55 based upon signal match 54 betWeen signals 2 of the ?rst
transmission 1 and possible initial signal keys 52. For
subsequent transmissions 1, accumulated keys are discarded
59 by failure to match signals 57. Match results 33 are
passed to authorization 27 When there are no keys remaining
73 or no next key trajectories 7 for remaining keys 75. As
long as there are remaining keys 34 With next key traj ecto
ries 74, the process of discarding keys that don’t match 51
a Wrong trajectory protocol 7w. Wrong trajectory protocol
7w is employed as a means of obfuscation targeted at
computer monitoring devices. In the depicted example, keys
6 are constructed With multiple key trajectories 7, With at
least one trajectory to a succeeding key 6 Whereupon autho
rization 27 may succeed 72, and at least one trajectory 7w
Whereupon access 39 is hopeless (fake keys 6w). In the
example, signal match 77 in the initial key 77 in the initial
key ?le 81 mismatches. In this case, key trajectory 7w leads
continues 818.
FIGS. 18 & 19 depict examples of the access authenti
cation 97 process. FIGS. 18 & 19 illustrate an example of
to a fake key 6w that cannot result in successful authoriza
one-to-one correspondence betWeen signal match 5 and key
tion 86: Whatever key 6 or key ?le 8 pinball is used,
6. Through access to one or more keys 6 Which may reside
authorization fails 86.
in one or more key ?les 8, validation 18 produces signal
match results 33, upon Which authorization 27 permits
Trajectories 7 may be selected non-deterministically. This
suggestion is most effective When there are multiple possible
access 29, alloWs retry 28 of submission 9, or denies access
37.
20
augur either for authorization success 72 or failure 86.
For example, a key 6 may contain six next key trajectories
7, three of Which are Wrong key trajectories 7w. Depending
Full submission 9 comprises a set of signals 2 upon Which
access 39 may be granted 72. Incomplete submission 9
comprises a set of signals 2 to Which additional user input is
ongoing 88, and for Which by themselves 2 authorization 27
25
Would not succeed 86.
is to a key 61 in a key ?le 81 determined by signal type 21.
Keep in mind that this process may be repeated for all
35
40
45
recording user input signals by type from at least one
user-selected device among a plurality of selectable
user input devices,
50
2 narroW validation 18 to a single account by a sequential
process of elimination.
So, With incremental validation 181 there may need to be
least one input device, and
Wherein at least one user-selectable input device alfords
recording a plurality of signal types, and
Wherein a signal type comprises a category, among a
plurality of possible categories, of measurable variable
55
input associated With at least one user-selectable input
device;
terminating said recording;
be considered.
In the example of FIG. 18, validation 18 accesses three
creating a signature based at least in part upon said
key ?les 8 through successive key trajectories 7, bundling
60
recording; and
storing said signature.
2. The method according to claim 1, Wherein said record
example, input signals 2 are validated 18 in input order
interactively With input 2. In other Words, validation 18 is
ing comprises signals from a plurality of user-selected
devices.
incrementally contemporaneous 88 With submission 9. In an
3. The method according to claim 1, further comprising
alternate embodiment With alternate sequencing 15, input
9 is completed 46. The described example facilitates rapid
authorization 27 by incremental validation 18. Actually,
1. A computer-implemented method for creating a signa
ture for subsequent authentication comprising:
Wherein a signal comprises a set of related softWare
recognizable data of the same type received from at
transmission 1 to tWo possible accounts meriting validation
signal 2 validation 18 may not commence until submission
The invention claimed is:
recording;
tiple signal matches 5, narroWing possibilities in the initial
match results 33 for authorization 27. In the depicted
one example. In some embodiments, validation protocol 18
authorizing 27 access 39 may use different trajectories 7.
Duplicate signal matches 5 in different keys 6 in the same or
indicating to a user commencement of signature input
time (in this example) for the correct user. In this example,
the key 6 With rhythm 211 signal match 5 may have
a plurality of input signals 2 before signal match 5 may
effectively commence. In the example above, Where key
rhythm 211 is the ?rst signal 2 to be matched 5, tWo key code
210 signals 2 must be input before key rhythm 211 may even
As described, validation protocols 18 may vary, and
different protocols may be combined. Multiple non-deter
different key ?les 8 may be employed to have various paths
to authorization 27. As another suggestion, different signal
sequencing 15 may be employed to differ trajectories 7.
rhythm is the timing betWeen successive keystrokes), this
18 consideration. In this example, subsequent input signals
to the same key 6.
ministic trajectory 7 paths, including Wrong trajectory 7w, is
21 Would also ?nd a match 5 after the second key code (as
sequence packaging 15 indicating that key code 210 is
ignored for this transmission 1. So, in this example of
incremental validation 181, initial signal input 2 has mul
example presupposes sequences of keys 6 strung together by
different (possibly duplicate) keys 6 that later converge back
30
signals 2: key (character) codes 210, and timing of key
strokes (rhythm) 211. As an example, a key unit 16 of key
code signal type 21 might be accessed to search keys 6 for
signal matches 5 of key code 210 signals 2. It may be, for
example, that user-selected signal selection Was employed,
With initial key code 210 signals 2 for the ?rst input to be
ignored, and key rhythm 211 used. A key code 210 match 5
may be found, but it Would be Wrong in this example, though
With incremental signal matching 5, this Would not be
knoWn at ?rst. A key unit 8 of key rhythm 211 signal types
upon signal match 5 results, one of the three right or Wrong
trajectories 7 are non-deterministically chosen. This
next key trajectories 7 that play out to authorization 27. It is
possible for different next key trajectories 7 to diverge to
In an example depicted by FIG. 18, the ?rst trajectory 71
possible initial keys 61. For example, consider key 108
transmission 1 input 2, With tWo possible corresponding
trajectories 7, including Wrong key trajectories 7w, that
65
receiving user selection of at least one signal type from a
plurality of signal types associated With at least one user
input device.
US 7,350,078 B1
11
12
4. The method according to claim 1, further comprising
passively terminating authentication comparison of a sub
sequent signature submission to said recording,
Wherein a key comprises at least in part a portion of a
previously stored signature,
Wherein said signature divisible into portions,
thereby authenticating said subsequent signature; and
Wherein said keys associating portions sequentially either
integrally or by reference;
subsequently, iteratively receiving a plurality of portions
Wherein said signature comprises at least in part signal
input that is user-controllable in duration.
5. The method according to claim 1, further comprising:
comparing a subsequent signature submission to said
of user input data and performing a corresponding
authentication step for each portion,
recording,
Wherein, upon receiving each subsequent portion after
said ?rst portion, discarding from further processing
and accepting said comparison Within a predetermined
degree of inexactness,
previously accumulated keys based upon failure in
matching respective key data to said user input data
thereby authenticating said subsequent signature.
6. The method according to claim 5, Wherein said prede
termined degree comprises a user-designated tolerance.
7. The method according to claim 1, further comprising
portion; and
Whereby continuing said iterative process until complet
ing authentication by matching said last key to corre
presenting at least a portion of said recording to said user for
sponding said user input data portion, or by process of
editing,
elimination determining authentication impossible.
Wherein said recording does not entirely comprise text
17. The method according to claim 16, Wherein accepting
character codes.
said match Within a designated tolerance of inexactness.
8. The method according to claim 1, further comprising
18. The method according to claim 16, Wherein accessing
at least one key by reference from another key.
19. The method according to claim 16, Wherein said ?rst
editing said recording,
Wherein said signature is not entirely comprised of text
character codes.
portion comprises input from a plurality of devices.
20. A computer-implemented method for storing the sig
9. A computer-implemented method for creating a signa
ture for subsequent authentication comprising:
natures of a plurality of users comprising:
receiving user selection of at least one signal type among
recording a plurality of signatures comprising data of a
a plurality of selectable signal types;
recording input data of at least one signal type from at
plurality of transmission types and signal types,
Wherein a transmission type comprises indicia of a user
least one user-selected input device among a plurality
of selectable user input devices,
30
Wherein a signal type comprises a category, among a
Wherein a signal type comprises a category, among a
plurality of possible categories, of measurable variable
plurality of possible categories, of measurable variable
input associated With at least one user-selectable input
device,
and Wherein at least one user-selectable input device
selected input device among a plurality of user-select
able devices,
35
input associated With at least one user input device, and
Wherein at least tWo signals types are associated With at
least one single input device; and
partitioning said signature data by transmission type and
affords recording a plurality of signal types; and
creating a signature comprising at least in part at least a
by signal type.
portion of said input data of said user-selected signal
types; and
21. The method according to claim 20, further comprising
storing a signature at least in part by partitioning said
storing said signature.
10. The method according to claim 9, Wherein said
recording comprises a plurality of user-selected devices.
11. The method according to claim 9, such that said
signature into portions by signal type,
recording precedes said receiving signal type selection.
22. A computer-implemented method for creating a sig
nature comprising:
recording user input of a plurality of signal types from at
12. The method according to claim 9, Wherein at least one
such that at least one portion references another portion of
said signature.
45
said signal type comprises input from a plurality of devices.
13. The method according to claim 9, further comprising:
comparing a subsequent signature submission to said
least one user-selected device among a plurality of
user-selectable devices,
recording,
and accepting said comparison Within a designated toler
Wherein a signal type comprises a category, among a
50
ance of inexactness,
receiving user selection among those signal types
14. The method according to claim 9, further comprising
recorded,
editing said recording,
Wherein said signature is not entirely comprised of text
55
character codes.
15. The method according to claim 9, Wherein said
authenticating a signature While receiving user input com
receiving a ?rst portion of user input data;
accumulating keys based upon matching correspondingly
key data to said ?rst portion of user input data,
Whereby receiving user selection of at least one less signal
type than recorded for said device;
creating a signature comprising at least in part said
user-selected signal types.
recording comprises a plurality of user-selected signal types.
16. A computer-implemented method for incrementally
prising:
plurality of possible categories, of measurable variable
input associated With at least one user input device;
thereby authenticating said subsequent signature.
60
23. The method according to claim 22, further comprising
receiving user indication to edit said signature,
Wherein said signature is not entirely comprised of text
character codes.
]]>
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?
