Techniques for presenting network identities at a human interface
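IPC classification information
Country / Type: United States (US) Patent, Registered
International Patent Classification (IPC 7th edition): G06F-007/58; G06F-015/16; G06K-019/00
Application number: UP-0045664 (2005-01-29)
Registration number: US-7552464 (2009-07-01)
Inventor / Address: Turner, Bryan; Toebes, John
Applicant / Address: Cisco Technology, Inc.
Agent / Address: Stolowitz Ford Cowger LLP
Citation information: Times cited: 2; Cited patents: 5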
Abstract
Techniques for presenting identification of a remote network entity to a human user include determining one or more vectors of presentation elements that are readily distinguishable and memorable to a user. Message data is received from a remote process on the network and includes a network identity that uniquely identifies an associated remote entity. The network identity is input to a secure function to produce a secure number. A secure function produces dissimilar output values for similar input values. A particular presentation element is selected from a vector based only on the secure number and presented to the user. Even when the network identity is similar to that of a trusted entity, the particular presentation element is expected to be dissimilar to one associated with the trusted entity.
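The selection step described in the abstract, as an added example (not code from the patent or its assignee): SHA-256 stands in for the unspecified "secure function", and the vectors, host names and trustworthy list are constructed. Giving each vector its own secure number by mixing in fixed data follows the variant in claim 4.

```python
import hashlib

# Constructed presentation vectors. In the claims the user chooses these
# locally and the choice is never made known over the network (claim 11).
COLORS = ["red", "orange", "yellow", "green", "cyan", "blue", "purple", "pink"]
ANIMALS = ["owl", "fox", "crab", "bee", "whale", "horse", "snail", "tiger"]
SHAPES = ["circle", "square", "triangle", "star", "heart", "arrow", "cross", "moon"]
VECTORS = [COLORS, ANIMALS, SHAPES]

TRUSTED = {"bank.example"}  # constructed trustworthy list (claim 14)


def secure_number(network_id: str, fixed_data: bytes = b"") -> int:
    """Hash the identity, plus optional fixed data (claims 4 and 10), to an integer."""
    data = fixed_data + b"\x00" + network_id.lower().encode("utf-8")
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def badge(network_id: str, vectors=VECTORS) -> tuple:
    """Pick one element per vector; each vector gets its own secure number."""
    picked = []
    for position, vector in enumerate(vectors):
        number = secure_number(network_id, fixed_data=b"vector-%d" % position)
        picked.append(vector[number % len(vector)])  # depends only on the number
    return tuple(picked)


def present(network_id: str, trusted=TRUSTED) -> dict:
    """What the interface would show: the badge, plus a warning if off the list."""
    return {
        "identity": network_id,
        "badge": badge(network_id),
        "warning": network_id.lower() not in trusted,
    }


def differing_bits(id_a: str, id_b: str) -> int:
    """Hamming distance between the 256-bit secure numbers of two identities."""
    return bin(secure_number(id_a) ^ secure_number(id_b)).count("1")


def badge_space(vectors=VECTORS) -> int:
    """Number of distinct badges; two identities collide with chance 1/badge_space."""
    size = 1
    for vector in vectors:
        size *= len(vector)
    return size


if __name__ == "__main__":
    # Constructed identities: one trusted name and three near-misses of it.
    for name in ("bank.example", "bonk.example", "bank.exarnple", "bannk.example"):
        print(present(name), differing_bits("bank.example", name))
```

With three vectors of eight elements there are only 512 distinct badges, so two unrelated identities still share a badge with probability 1/512; longer or additional vectors shrink that.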
Representative claims
What is claimed is:
1. A method for presenting, to a human user, identification for a remote entity on a computer network, comprising: determining a first vector that contains a sequence of a first plurality of presentation elements that are readily distinguishable by a particular human user and readily remembered by the particular human user, wherein the first vector contains a first number of presentation elements; receiving, from a remote process on the computer network, message data that includes network identification data that uniquely identifies a remote entity associated with the remote process; after determining the first vector, inputting the network identification data to a first secure function to produce a first secure number, wherein the first secure function produces dissimilar output values for similar input values; selecting a first particular presentation element from the first vector based only on the first secure number; and presenting to the particular human user the first particular presentation element, whereby when a portion of the network identification data is similar to a portion of a trusted network identification data for a trusted remote entity, the first particular presentation element is expected to be dissimilar compared to a trusted presentation element selected from the first vector based on a trusted secure number generated by inputting the trusted network identification data into the first secure function.
2. The method as recited in claim 1, further comprising: determining a second vector that contains a sequence of a second plurality of presentation elements that are readily distinguishable by the particular human user and readily remembered by the particular human user, wherein the second vector contains a second number of presentation elements; selecting a second particular presentation element from the second vector based on a second secure number; and presenting to the particular human user the second particular presentation element.
3. The method as recited in claim 2, wherein the second secure number is the same as the first secure number.
4. The method as recited in claim 2, further comprising after determining the second vector, inputting the network identification data and fixed data associated with the network identification data to the first secure function to produce the second secure number that is different than the first secure number.
5. The method as recited in claim 2, further comprising after determining the second vector, inputting the network identification data to a second secure function to produce the second secure number that is different than the first secure number.
6. The method as recited in claim 2, wherein the second vector is the same as the first vector.
7. The method as recited in claim 2, said step of determining the second vector further comprising determining the second vector that is different than the first vector by performing at least one of the following steps: forming the sequence of the second plurality of presentation elements by establishing a different sequence of the first plurality of presentation elements; selecting the second number of elements from the first plurality of presentation elements, wherein the second number is different than the first number; and including in the second plurality of presentation elements a presentation element that is not in the first plurality of presentation elements.
8. The method as recited in claim 2, further comprising: determining a third vector that contains a sequence of a third plurality of presentation elements that are readily distinguishable by the particular human user and readily remembered by the particular human user, wherein the third vector contains a third number of presentation elements; selecting a third particular presentation element from the third vector based on a third secure number; and presenting to the particular human user the third particular presentation element.
9. The method as recited in claim 1, said step of generating the first secure number further comprising inputting the network identification data into a hash function.
10. The method as recited in claim 1, said step of generating the first secure number further comprising inputting the network identification data and fixed data associated with the network identification data into a hash function.
11. The method as recited in claim 1, said step of determining the first vector further comprising: receiving data that defines a plurality of different vectors that include the first vector; and receiving data that indicates a selection of the first vector without making the selection known over the network.
12. The method as recited in claim 11, said step of receiving data that indicates the selection of the first vector further comprising receiving the data manually input by the particular human user.
13. The method as recited in claim 11, said step of receiving data that indicates the selection of the first vector further comprising receiving the data stored on a device controlled only by the particular human user.
14. The method as recited in claim 1, further comprising: determining whether the network identification data is included on a trustworthy list of one or more network identification data values; and if it is determined that the network identification data is not included on the trustworthy list, then presenting to the particular human user warning data that indicates that the message data is from a remote entity that is not trusted.
15. The method as recited in claim 11, said step of receiving data that indicates the selection of the first vector further comprising receiving the data securely from a trusted server on the network.
16. A computer-readable medium carrying one or more sequences of instructions for presenting, to a human user, identification for a remote entity on a computer network, wherein execution of the one or more sequences of instructions by one or more processors causes the one or more processors to perform the steps of: determining a first vector that contains a sequence of a first plurality of presentation elements that are readily distinguishable by a particular human user and readily remembered by the particular human user, wherein the first vector contains a first number of presentation elements; receiving, from a remote process on the computer network, message data that includes network identification data that uniquely identifies a remote entity associated with the remote process; after determining the first vector, inputting the network identification data to a first secure function to produce a first secure number, wherein the first secure function produces dissimilar output values for similar input values; selecting a first particular presentation element from the first vector based only on the first secure number; and presenting to the particular human user the first particular presentation element, whereby when a portion of the network identification data is similar to a portion of a trusted network identification data for a trusted remote entity, the first particular presentation element is expected to be dissimilar compared to a trusted presentation element selected from the first vector based on a trusted secure number generated by inputting the trusted network identification data into the first secure function.
17. The computer-readable medium as recited in claim 16, wherein the execution of the one or more sequences of instructions further causes the one or more processors to perform the steps of: determining a second vector that contains a sequence of a second plurality of presentation elements that are readily distinguishable by the particular human user and readily remembered by the particular human user, wherein the second vector contains a second number of presentation elements; selecting a second particular presentation element from the second vector based on a second secure number; and presenting to the particular human user the second particular presentation element.
18. The computer-readable medium as recited in claim 16, said step of determining the first vector further comprising: receiving data that defines a plurality of different vectors that include the first vector; and receiving data that indicates a selection of the first vector without making the selection known over the network.
19. The computer-readable medium as recited in claim 18, said step of receiving the data that indicates the selection of the first vector further comprising receiving the data manually input by the particular human user.
20. The computer-readable medium as recited in claim 18, said step of receiving the data that indicates the selection of the first vector further comprising receiving the data stored on a device controlled only by the particular human user.
21. The computer-readable medium as recited in claim 16, wherein the execution of the one or more sequences of instructions further causes the one or more processors to perform the steps of: determining whether the network identification data is included on a trustworthy list of one or more network identification data values; and if it is determined that the network identification data is not included on the trustworthy list, then presenting to the particular human user warning data that indicates that the message data is from a remote entity that is not trusted.
22. An apparatus for presenting, to a human user, identification for a remote entity on a computer network, comprising: means for determining a first vector that contains a sequence of a first plurality of presentation elements that are readily distinguishable by a particular human user and readily remembered by the particular human user, wherein the first vector contains a first number of presentation elements; means for receiving, from a remote process on the computer network, message data that includes network identification data that uniquely identifies a remote entity associated with the remote process; means for inputting the network identification data to a first secure function to produce a first secure number, wherein a secure function produces dissimilar output values for similar input values; means for selecting a first particular presentation element from the first vector based only on the first secure number; and means for presenting to the particular human user the first particular presentation element, whereby when a portion of the network identification data is similar to a portion of a trusted network identification data for a trusted remote entity, the first particular presentation element is expected to be dissimilar compared to a trusted presentation element selected from the first vector based on a trusted secure number generated by inputting the trusted network identification data into the first secure function.
23. An apparatus for presenting, to a human user, identification for a remote entity on a computer network, comprising: a network interface that is coupled to a network for communicating therewith a data packet; a human interface presentation device; one or more processors; a computer-readable medium; and one or more sequences of instructions stored in the computer-readable medium, which, when executed by the one or more processors, causes the one or more processors to carry out the steps of: determining a first vector that contains a sequence of a first plurality of presentation elements that are readily distinguishable by a particular human user and readily remembered by the particular human user, wherein the first vector contains a first number of presentation elements; receiving on the network interface from a remote process on the computer network, message data that includes network identification data that uniquely identifies a remote entity associated with the remote process; after determining the first vector, inputting the network identification data to a first secure function to produce a first secure number, wherein a secure function produces dissimilar output values for similar input values; selecting a first particular presentation element from the first vector based only on the first secure number; and presenting on the human interface presentation device the first particular presentation element, whereby when a portion of the network identification data is similar to a portion of a trusted network identification data for a trusted remote entity, the first particular presentation is expected to be dissimilar compared to a trusted presentation element selected from the first vector based on a trusted secure number generated by inputting the trusted network identification data into the first secure function.
24. The apparatus as recited in claim 23, wherein the execution of the one or more sequences of instructions further causes the one or more processors to carry out the steps of: determining a second vector that contains a sequence of a second plurality of presentation elements that are readily distinguishable by the particular human user and readily remembered by the particular human user, wherein the second vector contains a second number of presentation elements; selecting a second particular presentation element from the second vector based on a second secure number; and presenting to the particular human user the second particular presentation element.
25. The apparatus as recited in claim 24, wherein the second secure number is the same as the first secure number.
26. The apparatus as recited in claim 24, wherein the execution of the one or more sequences of instructions further causes the one or more processors to carry out the step of, after determining the second vector, inputting the network identification data and fixed data associated with the network identification data to the first secure function to produce the second secure number that is different than the first secure number.
27. The apparatus as recited in claim 24, wherein the execution of the one or more sequences of instructions further causes the one or more processors to carry out the step of, after determining the second vector, inputting the network identification data to a second secure function to produce the second secure number that is different than the first secure number.
28. The apparatus as recited in claim 24, wherein the second vector is the same as the first vector.
29. The apparatus as recited in claim 24, said step of determining the second vector further comprising determining that the second vector is different than the first vector by performing at least one of the following steps: forming the sequence of the second plurality of presentation elements by establishing a different sequence of the first plurality of presentation elements; selecting the second number of presentation elements from the first plurality of presentation elements, wherein the second number is different than the first number; and including in the second plurality of presentation elements a presentation element that is not in the first plurality of presentation elements.
30. The apparatus as recited in claim 24, wherein the execution of the one or more sequences of instructions further causes the one or more processors to carry out the steps of: determining a third vector that contains a sequence of a third plurality of presentation elements that are readily distinguishable by the particular human user and readily remembered by the particular human user, wherein the third vector contains a third number of presentation elements; selecting a third particular presentation element from the third vector based on a third secure number; and presenting to the particular human user the third particular presentation element.
31. The apparatus as recited in claim 23, said step of generating the first secure number further comprising inputting the network identification data into a hash function.
32. The apparatus as recited in claim 23, said step of generating the first secure number further comprising inputting the network identification data and fixed data associated with the network identification data into a hash function.
33. The apparatus as recited in claim 23, said step of determining the first vector further comprising: receiving data that defines a plurality of different vectors that include the first vector; and receiving data that indicates a selection of the first vector without making the selection known over the network.
34. The apparatus as recited in claim 33, said step of receiving the data that indicates the selection of the first vector further comprising receiving data manually input by the particular human user.
35. The apparatus as recited in claim 33, said step of receiving the data that indicates the selection of the first vector further comprising receiving data stored on a device controlled only by the particular human.
36. The apparatus as recited in claim 23, wherein the execution of the one or more sequences of instructions further causes the one or more processors to carry out the steps of: determining whether the network identification data is included on a trustworthy list of one or more network identification data values; and if it is determined that the network identification data is not included on the trustworthy list, then presenting to the particular human user warning data that indicates that the message data is from a remote entity that is not trusted.
37. The apparatus as recited in claim 33, said step of receiving the data that indicates the selection of the first vector further comprising receiving data securely from a trusted server on the network.
Patents cited by this patent (5)
Robert W. Means ; Richard Calmbach, Cortronic neural networks with distributed processing.
Aziz Ashar (Fremont CA) ; Mulligan Geoffrey (Fremont CA) ; Patterson Martin (Grenoble FRX) ; Scott Glenn (Sunnyvale CA), System for signatureless transmission and reception of data packets between computer networks.