Title Service protection
Abstract A method and system for determining whether user accounts in a client-server architecture are legitimate is described, the method and system including determining a first integer value, hereinafter denoted N, and a second integer value, hereinafter denoted K, such that K<N, receiving a request at a server from one client device of a plurality of client devices, the request including a unique user identification and a password, the request being a request to access an object, the unique user identification and password being associated with a particular user, sending from the server, at least K times, to one client device of the plurality of client devices a share to be stored in a state object stored on the one client device to which any share is sent on behalf of the server, verifying at the server that one client device of the plurality of client devices has at least K stored shares in the state object, as a positive result of the verifying, flagging in a database that a user account associated with the unique user identification and password received by the server is a legitimate user account, as a negative result of the verifying, and only if at least N−(N/K)+1 shares have been sent, flagging the user account associated with the unique user identification and password received by the server as an illegitimate user account, after sending at least N−(N/K)+1 shares from the server, repeating the sending, determining, and verifying steps. Related methods, systems and hardware are also described.
Publication number US9380061 (B2) Publication date 2016.06.28
Application number US201113821139 Application date 2011.09.21
Applicant Cisco Technology Inc. Inventor Cain Harel
Classification H04L29/06; G06F21/31 Main classification H04L29/06
Agency Hahn Loeser & Parks, LLP Agent Hahn Loeser & Parks, LLP
Main claim 1. A method for determining whether user accounts in a client-server architecture are legitimate, the method comprising: determining a first integer value, hereinafter denoted N, and a second integer value, hereinafter denoted K, such that 1<K<N; performing, by the server, the following steps, while the server is connected to a plurality of client devices ranging from at least two client devices to at most floor(N/K) client devices, the client devices associated with a particular user and at least K/N connections of the particular user connections to the server are from one client device, wherein the at most floor(N/K) client devices comprises a maximum number of client devices connectable to the server within a predetermined time period: (a) receiving a request at the server from one of the plurality of client devices, the request including a unique user identification and a password, the request being a request to access an object, the unique user identification and password being associated with an account associated with the particular user; (b) providing a share to be stored in a state object to the one of the plurality of client devices, in response to the request, wherein the state object comprises an object received from the server to which the server has both read and write privileges; (c) after sending the share from the server, at least K times, to the plurality of client devices associated with the account associated with the particular user, and prior to sending at least N-floor(N/K)+1 shares from the server, verifying at the server that one client device of the plurality of client devices has at least K stored shares in the state object; as a positive result of the verifying, flagging in a database that the account associated with the particular user associated with the unique user identification and password received by the server is a legitimate user account; as a negative result of the verifying, flagging the account associated with the particular user associated with the unique user identification and password received by the server as an illegitimate user account; repeating steps (a)-(c) at least once after sending at least N-floor(N/K)+1 shares from the server, wherein the server zeros a counter of a number of shares sent prior to the repeating.
Address San Jose CA US
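To make the claim's counting rule concrete, here is an added Python simulation (not code from the patent or from Cisco) of steps (a)-(c): the server issues one share per request, a round is flagged legitimate as soon as some device's state object holds K shares, and illegitimate once N-floor(N/K)+1 shares are out with no device at K. The per-device tally standing in for the client-held state objects, and the clearing of that tally at the end of a round, are simulation assumptions.

```python
from collections import defaultdict

class ShareCountingVerifier:
    """Server-side model of the claim's share-counting check (steps (a)-(c)).
    The per-device tally stands in for the client-held state objects."""

    def __init__(self, n, k):
        if not 1 < k < n:
            raise ValueError("the claim requires 1 < K < N")
        self.n, self.k = n, k
        self.max_devices = n // k                  # floor(N/K) devices allowed
        self.threshold = n - self.max_devices + 1  # N - floor(N/K) + 1 shares
        self.shares_sent = 0                       # the counter the server zeros
        self.state_objects = defaultdict(int)      # device id -> shares held

    def handle_request(self, device_id):
        """Issue one share to device_id, then verify. Returns 'legitimate',
        'illegitimate', or None while the round is still undecided."""
        self.state_objects[device_id] += 1
        self.shares_sent += 1
        if self.shares_sent >= self.k and max(self.state_objects.values()) >= self.k:
            return self._decide("legitimate")    # some device holds K shares
        if self.shares_sent >= self.threshold:
            return self._decide("illegitimate")  # threshold hit, nobody at K
        return None

    def _decide(self, verdict):
        # Flag the account, then zero the share counter and (an assumption
        # made here) the tallies, so steps (a)-(c) repeat for the next round.
        self.shares_sent = 0
        self.state_objects.clear()
        return verdict

def run_round(n, k, request_sources):
    """Replay a constructed sequence of requesting device ids and return the
    first verdict reached, or None if the sequence ends undecided."""
    verifier = ShareCountingVerifier(n, k)
    for device_id in request_sources:
        verdict = verifier.handle_request(device_id)
        if verdict is not None:
            return verdict
    return None

def max_shares_without_k(n, k):
    """Pigeonhole bound behind the threshold: floor(N/K) devices can absorb
    at most floor(N/K)*(K-1) shares before one of them must hold K."""
    return (n // k) * (k - 1)
```

With N=10 and K=3 the threshold is 8: three requests from one device flag the round legitimate, while eight requests spread over four devices (two each) exhaust the threshold with no device at K and flag it illegitimate.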