| 发明名称 | Distributed authentication against stored user identifiers and user templates via pseudonym association | ||
| 摘要 | An authentication system including a first server configured to store identifiers of respective users in association with respective pseudonyms, and a second server configured to store templates of the respective users in association with the respective pseudonyms. Input is received from a given user in conjunction with an authentication attempt. The first server is configured to determine if a first portion of the received input is associated with one of the user identifiers stored in the first server. If the first portion of the received input is associated with one of the user identifiers stored in the first server, the corresponding pseudonym is provided from the first server to the second server. The given user is authenticated based on a determination as to whether or not a second portion of the received input matches one of the stored user templates corresponding to the pseudonym provided to the second server. | ||
| 申请公布号 | US9043890(B1) | 申请公布日期 | 2015.05.26 |
| 申请号 | US201313905600 | 申请日期 | 2013.05.30 |
| 申请人 | EMC Corporation | 发明人 | Luo Guoying;Juels Ari |
| 分类号 | G06F21/00;G06F21/31;G06F21/32;H04L29/06 | 主分类号 | G06F21/00 |
| 代理机构 | Ryan, Mason & Lewis, LLP | 代理人 | Ryan, Mason & Lewis, LLP |
| 主权项 | 1. A method comprising: storing in a first server identifiers of respective users in association with respective pseudonyms; storing in a second server templates of the respective users in association with the respective pseudonyms; receiving input from a given user in conjunction with an authentication attempt; determining if a first portion of the received input is associated with one of the user identifiers stored in the first server; if the first portion of the received input is associated with one of the user identifiers stored in the first server, providing the corresponding pseudonym from the first server to the second server; and authenticating the given user based on a determination as to whether or not a second portion of the received input matches one of the stored user templates corresponding to the pseudonym provided to the second server; wherein the second portion of the received input comprises a sample provided by the given user, the sample comprising biometric data; wherein the first server and the second server are distinct from each other; wherein storing user identifiers in the first server in association with the respective pseudonyms comprises storing in the first server a set of first tuples, where one element of a given one of the first tuples denotes a given one of the user identifiers, and another element of the given first tuple denotes the corresponding one of the pseudonyms; wherein storing user templates in the second server in association with the respective pseudonyms comprises storing in the second server a set of second tuples, where one element of a given one of the second tuples denotes a given one of the user templates, and another element of the given second tuple denotes the corresponding one of the pseudonyms; and wherein the pseudonyms comprise respective random values. | ||
| 地址 | Hopkinton MA US | ||