| 摘要 |
A security system and method for authenticating a user's access to a target system is disclosed. The security system receives an authentication request from the user and generates a security matrix which comprises a mapping between each symbol within a symbol set and a code value randomly selected from a distinct code set. The number of elements in the symbol set and in the code set are selected to provide a predetermined level of security against capture of a user-defined keyword by an unauthorised observer. The security system sends the security matrix to the user and awaits a one-time code in response. The user forms the one-time code based on the user keyword and the security matrix. The security system validates the one-time code against the security matrix and the keyword to determine an authentication result, permitting or denying the user access to the target system. |
