发明名称 |
Access request authentication and authorization information generation |
摘要 |
An access request authentication method, an authorization information generation method, an access request authentication system, and a hardware device. The access request authentication method includes: obtaining the current clock information; receiving a first access request, where the first access request includes a first input code; and determining whether to authorize the first access request based on the current clock information and the first input code. |
申请公布号 |
US9032507(B2) |
申请公布日期 |
2015.05.12 |
申请号 |
US201313778310 |
申请日期 |
2013.02.27 |
申请人 |
International Business Machines Corporation |
发明人 |
Guo Chang Jie;Lin Hongbin;Ji Peng;Li Feng;Ma Qian;Yang Lin;Zhang Yu |
分类号 |
G06F21/31;G06F21/62 |
主分类号 |
G06F21/31 |
代理机构 |
|
代理人 |
Edwards Mark G.;Tang Jeff |
主权项 |
1. An access request authentication method, comprising:
receiving a first access request that includes a first input code,
wherein the first input code is generated by an authorization generation system configured to select a password from a password matrix according to a first pointer that moves randomly with time, andwherein the first input code includes an authorization duration condition and a first password that corresponds with an authorization start time; and determining, by an authentication system configured to generate a same password as the first password, whether to authorize the first access request by:
obtaining a current clock information;generating a password sequence having a plurality of passwords based on the current clock information;determining the authorization start time by searching for the first password in the password sequence;authorizing access when a result of the search indicates that the current clock information is not earlier than the authorization start time; providing a temporary code by the authentication system in response to determining to authorize the first access request, wherein the first input code has a first length, and the temporary input code has a second length shorter than the first length; granting the temporary code validity while the first access request is authorized; receiving a second access request, wherein the second access request includes a second input code; and determining whether to authorize the second access request by comparing the temporary code with the second input code. |
地址 |
Armonk NY US |