The disclosed subject matter relates generally to passwords and user authentication and, more particularly, to systems for generation of user authentication credentials, user authentication, and user authentication credential recovery facilitated by images, and supporting methods and devices.
Passwords, commonly implemented as a secret word or phrase, authenticate a user prior to being granted access to a place, organization, computer system, etc. Regarding computer system access, passwords traditionally comprise a sequence of characters that are required to be entered into a computer to gain access to a part of the computer system, and passwords traditionally comprise a combination of numerical, alphabetic, or symbolic characters.
However, computer systems can have different policies and technical requirements regarding password generation, use, and/or forgotten or lost password recovery. This, in turn, can result in users having to remember passwords, secret answers to questions, and so on from the multitude of systems with which they are associated. As a consequence, passwords are frequently chosen by users primarily on the basis that the password is easily remembered by the user. This can result in low security passwords being employed with attendant security risks. As an example, users can be tempted to use a previously memorized password character sequence, such as a significant date, a personal identification number, a telephone number, and so on.
As a result of a history of compromised passwords and user accounts, computer systems have used increasingly sophisticated password generation and recovery techniques, which have forced complicated and onerous password policies upon users. As an example, users may be obliged to change their passwords frequently, users may be forced to choose passwords having special characters or passwords of a certain length and character combinations that have no special personal significance to users, and/or users may be administratively prohibited from copying such passwords down to avoid security breaches due to an errant or misplaced password. Consequently, users are ideally expected to memorize each individual password for the multitude of computer systems that they access, without any consideration of the frequency that these passwords must be changed, without consideration for the ability to memorize such a large number of complex character combinations, and without any meaningful way to commit such complex character combinations to memory. Despite any restrictions to the contrary, users may opt to save their passwords in an insecure location, such as an easily accessed notepad or an unencrypted computer file, to avoid being inconvenienced by a computer system's rejection of erroneous password entries.
Thus, computer users and computer systems remain vulnerable to determined computer criminals using well-proven techniques, which can exploit the constantly conflicting goals of improving computer and user account security and computer system usability as evidenced by the inability to account for and remember passwords from a multitude of systems. Moreover, to allow users that forget their passwords to gain access to computer systems, increasing amounts of personal data are requested to facilitate user verification prior to sending or resetting a lost or forgotten password. Ultimately, a telephone call to a help desk can be the only step that can restore access to automated computer systems; a process that is cumbersome, costly, and partially negates the benefits of automated computer systems in the first instance.
In addition, although attempts have been made to implement user authentication using one or more image(s) or a combination of images and/or character strings, the problem of users having to remember passwords or their image related equivalents remains a formidable challenge. As such, a user authentication strategy that triggers a user's memory beyond simple visual memory triggering facilitated by image representations would provide users an enhanced ability to remember passwords or user authentication credentials and thereby limit cumbersome and costly tech support intervention for lost of forgotten passwords.
The above-described deficiencies are merely intended to provide an overview of some of the problems encountered in user authentication credential generation and recovery, user authentication, and supporting methods and devices and are not intended to be exhaustive. Other problems with conventional systems and corresponding benefits of the various non-limiting embodiments described herein may become further apparent upon review of the following description.
A simplified summary is provided herein to help enable a basic or general understanding of various aspects of exemplary, non-limiting embodiments that follow in the more detailed description and the accompanying drawings. This summary is not intended, however, as an extensive or exhaustive overview. The sole purpose of this summary is to present some concepts related to the various exemplary non-limiting embodiments of the disclosed subject matter in a simplified form as a prelude to the more detailed description that follows.
In consideration of the above-described deficiencies of the state of the art, the disclosed subject matter provides apparatuses, related systems, and methods associated with user authentication credential generation, user authentication, and user authentication credential recovery facilitated by images.
According to various non-limiting aspects, the disclosed subject matter provides device, systems, and methods for generating a user authentication credential and user authentication facilitated by images, where a selection of images can correspond to a grammatical structure comprising disparate parts of speech. In further non-limiting implementations, the disclosed subject matter can facilitate displaying or presenting images based on a random or pseudo-random determination of images to be presented or displayed and/or based on a language processing algorithm, to facilitate generating a user authentication credential and/or user authentication.
Thus, in various non-limiting implementations, the disclosed subject matter provides systems, devices, and methods that facilitate generating, storing, transmitting, and/or verifying a user authentication credential to facilitate permitting access to a restricted access system or device, comparing the user authentication credential to a stored user authentication credential, resetting a stored user authentication credential, determining that a user is authorized to access a another user authentication credential, or granting access to restricted access information, and so on, etc.
These and other embodiments are described in more detail below.
The disclosed techniques and related systems and methods are further described with reference to the accompanying drawings in which:
Simplified overviews are provided in the present section to help enable a basic or general understanding of various aspects of exemplary, non-limiting embodiments that follow in the more detailed description and the accompanying drawings. This overview section is not intended, however, to be considered extensive or exhaustive. Instead, the sole purpose of the following embodiment overviews is to present some concepts related to some exemplary non-limiting embodiments of the disclosed subject matter in a simplified form as a prelude to the more detailed description of these and various other embodiments of the disclosed subject matter that follow.
It is understood that various modifications may be made by one skilled in the relevant art without departing from the scope of the disclosed subject matter. Accordingly, it is the intent to include within the scope of the disclosed subject matter those modifications, substitutions, and variations as may come to those skilled in the art based on the teachings herein.
As used in this application, the terms “component,” “module,” “system”, or the like can refer to a computer-related entity, either hardware, a combination of hardware and software, software, or software in execution. For example, a component may be, but is not limited to being, a process running on a processor, a processor, an object, an executable, a thread of execution, a program, and/or a computer. By way of illustration, both an application running on a controller and the controller can be a component. One or more component(s) may reside within a process and/or thread of execution and a component may be localized on one computer and/or distributed between two or more computers.
Also, the terms “user,” “mobile user,” “device,” “mobile device,” “computer system,” and so on can be used interchangeably to describe technological functionality (e.g., device, components, or sub-components thereof, combinations, and so on etc.) configured to at least receive and transmit electronic signals and information, or a user thereof, according to various aspects of the disclosed subject matter. Furthermore, depending on context, the terms “images,” “graphical images,” or the like can refer to digital information related to a visual representation associated with a person, a place, and/or a thing, to include an action, an emotion, a symbol, a character, a number, a shape, a part of speech, and the like, without limitation, whether photographic and/or synthesized using computer graphics techniques, and/or whether concerning real and/or abstract phenomena. For example, an image can be, but is not limited to being, a visual representation associated with a single identifiable thing (e.g., a person, a place, and/or a thing, etc.) and/or a visual representation associated with a multiple identifiable things (e.g., persons, places, and/or things, etc.), a combination of sub-images composing a scene, each of which can be referred to as an image. Thus, an identifying characteristic of an image, in whatever form, is that the image can be presented or displayed to a user, as described herein, according to techniques for user authentication credential generation and user authentication of the disclosed subject matter.
As further used in this application, the terms “user authentication credential,” “password,” and the like can refer to digital information that can facilitate one or more of determining whether a user or a thing (e.g., a device, a computer, etc.) is, in fact, who or what it is declared to be, determining whether to allow, permit, and/or deny a pending process, action, or result, etc., determining whether to allow access to a restricted access entity (e.g., a restricted access system, computer, device, account, service, information store, component, sub-component, and so on, or other entity that, without the user authentication credential, cannot be accessed, etc.), and so on. For example, as described herein, a user authentication credential can comprise one or more images or sub-images, one or more characters (e.g., letters, numbers, symbols, special characters, textual or non-textual characters, dialect-specific characters or symbols, and so on, etc.), one or more character strings (e.g., a number of characters, etc.), combinations thereof, and so on, without limitation. In addition, as used herein, the term “grammatical structure” can refer to a character string associated with one or more part(s) of speech (e.g., subject, noun, pronoun, verb, adjective, complement, direct object, an indirect object, preposition, an object of the preposition, conjunctions, interjections, and so on, etc.) that can comprise a sentence or phrase and/or portions thereof, as further exemplified below. Moreover, depending on context, as further used herein, the term “grammatical structure” can refer to a character string that can comprise one or more characters that are not associated with the one or more parts of speech, in addition to the one or more parts of speech, in lieu of the one or more parts of speech, or any combination thereof.
As described above, deficiencies in conventional user authentication schemes result from the conflicting goals of providing device, system, account, and personal information security, and usability as a result of the limited capacity of a user to remember the multitude of user authentication credentials for the numerous systems with which the user interacts. In addition, users can be presented with multiple credentials with which to interact with a system, device, or component, for instance, based on the technical level of the operations the user wishes to perform (e.g., simple access such as device unlocking, access advanced or administrative functions, etc.).
As an example regarding wireless devices, Device Lock codes, Subscriber Identity Module (SIM) personal identification numbers (PINs), and PIN Unlock Key (PUK) codes illustrate the requirement of having to remember various user authentication credentials when interacting with the security and functionality of a wireless device. A Device Lock code can be a security code on a device, including wireless devices, that can prevent unauthorized use. In one example, devices can have a preprogrammed code from the manufacturer, whereas in other examples devices can have a user-defined code. Whereas a Device Lock Code can be used to unlock basic user functionality of a wireless device, a SIM PIN can be used to prevent unauthorized use of a SIM card. In addition, a PUK code can be required to unlock SIM cards that have become locked following a number of successive incorrect PIN entries. These examples illustrate that, even with one simple device, users can be required to remember a number of distinct user authentication credentials.
One method of enabling a particular user to remember his or her user authentication credentials (e.g., a password, a passphrase, one or more image(s), one or more character string(s) any combination thereof, etc.) is to attach a personal significance to the user authentication credentials beyond the simple fact that the user authentication credentials enable access to a computer system, device, account, etc. For instance, personal significance can be of a pre-existing nature such as a pet's name, a favorite color, a previously memorized character sequence, such as a significant date, a personal identification number, a telephone number, and so on. However, as these instances are subject to data collection, data mining, and possible compromise, another option that creates a new personal significance (e.g., aside from the mere fact of being authentication credentials) would enhance a user's ability to remember his or her authentication credentials, without relying on information that could have been catalogued and/or is subsequently exploitable. For example, as described above, user authentication using one or more image(s) or a combination of images and character strings can have the ability to trigger a user's visual memory. In addition, a funny or peculiar turn of phrase or sentence can create a lasting memory due to the peculiarity or humor of the phrase or sentence personally attributed to the phrase or sentence by a user.
Accordingly, in various non-limiting implementations, the disclosed subject matter provides devices, systems, and methods for user authentication credential generation, user authentication, and user authentication credential recovery. In a non-limiting aspect, exemplary systems and supporting methods and devices can employ a plurality of images determined based in part on artificial intelligence such as language processing and generation to facilitate password generation and recovery and user authentication.
As a non-limiting example, an exemplary interface implementation can comprise a presentation of a multiple digit (e.g., such as three or more digits) “drum” with one or more image(s) (e.g., with one or more symbol(s), picture(s), etc.) per digit presented to a user, where each digit can have a number of rotating image cells associated with a digit, for instance, as further described herein, regarding
In further non-limiting implementations, each digit can represent one of a number of disparate parts of speech responsible for a certain part of a sentence. For instance, a minimal exemplary sentence can comprise a subject (e.g., a noun, a pronoun, etc.) and a verb, non-limiting embodiments of such minimal sentences can include combinations of subject and verb as Follows: “Boy runs.; Sun rises.; Airplanes fly.;” and so on. More complex sentences can be of the form subject, verb, and adverb, non-limiting examples of such sentences can include as follows: “Boy runs slow.; Sun rises early.; Airplanes fly low.;” and so on. In addition, more complex sentences can include other parts of speech beyond subject, verb, and adverb, such as, without limitation, adjectives, prepositions, direct objects, and so on, for example. In themselves, these sentences are not particularly memorable and/or are not likely to generate personal significance for a user such that, as part of a user authentication credential, the user authentication credential is not likely to be particularly memorable.
However, according to a non-limiting aspect, upon a user, or a device on behalf of the user, initiating a run of the exemplary interface “drum,” the interface can generate a random (e.g., random or pseudo-random) combination of images, where the image cells associated with the one or more image(s) corresponding to each digit can be randomly or pseudo-randomly determined for each digit. Thus, images presented or displayed, and/or respective labels, can appear in a random or pseudo-random fashion, leading the user to experience humorous or peculiar turns of phrase or sentences that can facilitate generating memorable user authentication credentials.
For instance, in an exemplary implementation such as further described below regarding
For instance, as a result of a proposed artificially generated user authentication credential that does not coincide with the well-established figure of speech, the system can generate a nonsense sentence or turn of phrase (e.g., for a system that presents labels with the images), or the images can be interpreted by the user as a peculiar sentence or turn of phrase. For example, the nonsense verse poem, “Jabberwocky,” written by Lewis Carroll in the1872 novel, “Through the Looking-Glass, and What Alice Found There,” is particularly memorable in its peculiarity. Based on this principle of a peculiarity being innately memorable, which can cause a user authentication credential to be especially memorable (e.g., for a system that presents labels with the images), the user authentication credential can achieve personal significance for the user (e.g., via interpretation of the images into a peculiar sentence or turn of phrase, etc), which can be difficult to guess due to a user's distinct interpretation of the images in the presented image cells.
In another non-limiting aspect, if a user does not like a proposed user authentication credential in the form of the presented images of the image cells, or if it is inconvenient or difficult to the user to remember, systems and devices as described herein can generate a new user authentication credential in the form of newly presented image cells and/or respective labels.
In other non-limiting implementations as described above, each digit of the drum can comprise a number of images in the image cells, and each image of the image cells can comprise a number of images or sub-images to comprise a scene, as further described below regarding
As described in more detail below, a number of variations and options are possible within the scope of the disclosed subject matter. As a brief overview, in addition to the above-described variations, the number of instances that a user is permitted to respond with the user's authentication credentials can be varied, and/or the number of “digits,” parts of speech, “image cells,” images per image cell, and so on can also be varied. In addition, the type of user authentication credential can also be varied. As non-limiting examples, the credential can be in the form of a set of selected pictures, a system-generated nonsense sentence (e.g., for a system that presents labels with images), a user-generated nonsense sentence prompted by the exemplary interface presentation of the images of the image cells, combinations thereof, and so on. As a further non-limiting example, upon a user attempting to respond to a challenge soliciting a user authentication credential, the user can respond with the user authentication credential by manually spinning the “digits” of the “drum” (e.g., scrolling through sets of images) and submitting the user input based on the selection, the user can enter the user authentication credential in the form of a character string, or can enter the user input in any combination thereof.
Thus, in a particular non-limiting aspect, the user is not required to remember an exact secret phrase as a user authentication credential. Instead, the user can recall the user authentication credential, drawing on the user's visual memory while scrolling through each image of the image cells (e.g., either with or without labels presented), by manually scrolling the images of the “drum,” in addition to the utilizing an ability to recall the user authentication credential by virtue of the peculiar or nonsensical nature of the sentence or turn of phrase. In this sense, an exemplary interface can prompt the user visually and/or verbally in addition to drawing on the user's ability to memorize peculiar or nonsense sentences or turns of phrase.
In addition, in other non-limiting implementations, an exemplary system or device can periodically prompt a user to determine whether the user can remember the user authentication credential, and if the user has not, the exemplary system can present options to reset an expired user authentication credential and/or can present options recover a lost or forgotten user authentication credential. In still other non-limiting implementations, various embodiments of the disclosed subject matter can be employed to, for example, access other user authentication credentials, similar to the SIM/PIN/PUK examples, as described above.
In still further non-limiting implementations, one or more image(s) that are displayed or presented can be associated with one or more other character strings, which are not indicative of the content of the one or more image(s). As a non-limiting example, consider two images that comprise content that can be associated with respective labels, “silly” and “dog” (e.g., an image of a clown hat associated with “silly,” and an image associated with “dog,” etc.). These two images can also be associated with one or more other character string(s), such as, “H7t” and “k09J72,” respectively (e.g., an image associated with “H7t,” and an image associated with “k09J72”, etc.), such that user input accepted or received can comprise a character string, “H7tk09J72”, as a user authentication credential.
In a further non-limiting aspect, as further described herein, receiving or accepting input comprising a selection of images or a grammatical structure associated with a user authentication credential can include the one or more other character strings, which are not indicative of the content of the one or more image(s), as described above. For instance, receiving or accepting input comprising a selection of images or a grammatical structure associated with a user authentication credential can include the character string, “H7tk09J72”, as a user authentication credential, as described above. Thus, as further described below, for example, regarding
In still further exemplary implementations, as an alternative to users opting to save traditional passwords in an insecure location, such as an easily accessed notepad or an unencrypted computer file, various embodiments of the disclosed subject matter can facilitate printing one or more image(s) as a reminder of the user authentication credential, as a reminder of a grammatical structure, as a reminder of a character string, and or any combination thereof, according to still further non-limiting aspects. It can be understood that, in various non-limiting implementations, the one or more images can be different from the one or more image(s) employed as a user authentication credential for recovering the other user authentication credential as described above. In yet another non-limiting aspect, printing the one or more image(s) can include printing one or more image(s) that are suggestive of the user authentication credential (e.g., the character string, “H7tk09J72” or grammatical structure as a user authentication credential for use as a password or passphrase, etc.). As a further non-limiting example, in various aspects, a correlation between the one or more image(s) to be printed and one or more character string(s) or grammatical structure(s) that are suggestive of (but are not too obvious) the user authentication credential, can be employed as a reminder of the user authentication credential.
For instance, a rebus, an allusional device, can use one or more images to allude to words or parts of words, which devices have been traditionally used to denote surnames. In such traditional uses, images of animals or other items have been used as a symbol to allude to one or more parts of the surname. In the context of the disclosed subject matter, similar allusions can be employed in printing the one or more image(s) to suggest the correlations between the one or more image(s) to be printed and one or more character string(s) or grammatical structure(s), and which allusions can be suggestive of the user authentication credential. As a non-limiting example, images associated with the words “free,” “bee,” and “ear” can allude to the one or more character string(s) or grammatical structure(s), “‘free’+‘bee’+r+4+a+y+‘ear’,” where a user authentication credential might take one of the forms, “free beer for a year”, “free beer 4 a year”, and so on, etc.
In yet another non-limiting example, as described below regarding
While a brief overview of non-limiting examples has been provided, the following discussion is intended to provide a general description of exemplary environments suitable for use with aspects of the disclosed subject matter. For example,
Thus,
As described above, users are typically authenticated to computer system 102 and/or device 106 prior to being granted access (e.g., initial access, enhanced privilege access, access to personal information or special services available on computer system 102 or device 106, access to restricted access systems, devices, or information, etc.). This authentication can be accomplished via a password or user authentication credential presented based on a challenge as described above, or otherwise (e.g., biometric, electronic token, etc.). In the context of the disclosed subject matter, computer system 102 and/or device 106 can provide an opportunity to a user (e.g., user1 104 and/or user2 104) to generate a password or user authentication credential for access to computer system 102 (or device 106, or other devices or systems, etc.), authenticate the respective user via the generated password or user authentication credential, and/or allow recovery of a lost or forgotten password or user authentication credential via a series or a plurality of images presented or displayed to the user (e.g., user1 104 and/or user2 104), and so on according to aspects of the disclosed subject matter as described herein.
By way of non-limiting example, in facilitating access to computer system 102, for instance, a series or plurality of images presented or displayed to the user (e.g., user1 104 and/or user2 104) can be presented or displayed via a user interface of device 106, directly from computer system 102 to the user (e.g., from a user interface of computer system 102 to user1 104 and/or user2 104), via an intermediary (e.g., from computer system 102 via user2 104, or one or more device(s) 106 associated therewith, to user1 104 or one or more device(s) 106 associated therewith, etc.), or otherwise. In further non-limiting implementations, device 106 can provide an opportunity to a user (e.g., user1 104 and/or user2 104) to generate a password or user authentication credential that can facilitate access to device 106 (or computer system 102, or other devices or systems, etc.), authenticate the respective user via the generated password or user authentication credential, which can be stored or transmitted, can facilitate recovery of a lost or forgotten password or user authentication credential via the series or plurality of images presented to the user (e.g., user1 104 and/or user2 104), can facilitate resetting a user authentication credential, can facilitate permitting access to restricted access devices, systems, or information, and/or can allow access to other user authentication credentials according to aspects of the disclosed subject matter as described herein.
For instance,
As a non-limiting example, in the simple case of a user authentication credential according to the disclosed subject matter employed as a device (e.g., of device 106, etc.) PIN (or a local computer system 102 account password for a personal computer, etc.), the machine associated with the user interface (e.g., of device 106, computer system 102, etc.) can, indeed, include the requisite functionality to employ user authentication credentials as described herein (e.g., storage of user authentication credentials, storage of sets of images to be displayed or presented, generating, displaying or presenting images, accepting or receiving user input, comparisons of and verifications of user input with stored user authentication credentials, transmitting of associated data, and so on, etc.) and supporting functionality. However, in a more complex example, such as in an exemplary situation requiring logging on to an account of financial institution via a web browser application on a user's smart phone over a cellular wireless service provider's network, it can understood that it would be prudent or perhaps necessary as a security consideration to provide some separation of the various functionality employed (e.g., storage of user authentication credentials, storage of sets of images to be displayed or presented, and/or comparisons of and verifications of user input with stored user authentication credentials, versus displaying or presenting images, accepting or receiving user input, and/or transmitting associated data, and so on, etc.) according to various aspects of the disclosed subject matter. Thus, it can be understood that various functionality as described herein, and/or portions thereof can be provided or facilitated by one or more of device 106, computer system 102, and/or other computer executable agents or intermediaries of device 106 and computer system 102.
In a non-limiting example,
Accordingly, computing environment 300 can comprise a number of components to facilitate user authentication and/or user authentication credential generation according to various aspects of the disclosed subject matter, among other related functions. While various embodiments are described with respect to the components of computing environment 300 and the further embodiments more fully described below, one having ordinary skill in the art would recognize that various modifications could be made without departing from the spirit of the disclosed subject matter. Thus, it can be understood that the description herein is but one of many embodiments that may be possible while keeping within the scope of the claims appended hereto.
Additionally, while devices 106 (e.g., device 308, mobile devices 312-320, etc.) are shown as a generic, network capable device, device 106 is intended to refer to a class of network capable devices that can one or more of receive, transmit, store, etc. information incident to facilitating various techniques of the disclosed subject matter. Note that device 106 is depicted distinctly from that of device 308, or any of the variety of devices (e.g., devices 312-320, etc.), for purposes of illustration and not limitation.
While for purposes of illustration, user 104 can be described as performing certain actions, it is to be understood that device 106 and/or other devices (e.g., via an operating system, application software, device drivers, communications stacks, etc.) can perform such actions on behalf of user 104. Similarly for users 104 and devices 106, which can be discussed or described as performing certain actions, it is to be understood that computing systems or devices associated with users 104 and devices 106 respectively (e.g., via an operating system, application software, device drivers, communications stacks, etc.) can perform such actions on behalf of users 104 and devices 106.
Accordingly, exemplary device 106 can include, without limitation, networked desktop computer 308, a cellular phone 312 connected to a network via access component 302 or otherwise, a laptop computer 314, a tablet personal computer (PC) device 316, and/or a personal digital assistant (PDA) 318, or other mobile device, and so on. As further examples, device 106 can include such devices as a network capable camera 320 and other such devices (not shown) as a pen computing device, portable digital music player, home entertainment devices, network capable devices, appliances, kiosks, and sensors, and so on. It is to be understood that device 106 can comprise more or less functionality than those exemplary devices described above, as the context requires, and as further described below in connection with
Wired network 322 (as well as communications network 304) can comprise any number of computers, servers, intermediate network devices, and the like to facilitate various functions as further described herein. As a non-limiting example, wired network 322 can include one or more computer system 102 system(s) (e.g., one or more appropriately configured computing device(s) associated with, operated by, or operated on behalf of computer system 102, etc.) as described above, that can facilitate user authentication and/or user authentication credential generation on behalf of computer system 102, for instance.
In further non-limiting implementations, a communications provider systems 324 can facilitate providing communication services (e.g., web services, email, SMS or text messaging, MMS messaging, Skype®, IM such as ICQ™, AOL® IM or AIM®, etc., Facebook™, Twitter™, IRC, etc.), and which can employ and/or facilitate user authentication and/or user authentication credential generation techniques according to various non-limiting aspects as described herein.
As a further non-limiting example, wired network 322 can also include systems 326 (e.g., one or more appropriately configured computing device(s) associated with, operated by, or operated on behalf of computer system 102, or otherwise for the purpose of user authentication, user authentication credential generation, presenting or displaying a series or a plurality of images, and/or accepting or receiving user input, transmitting, storing, and/or verifying user authentication credentials, and so on, as further described herein, as well as ancillary or supporting functions, etc.).
In addition, wired network 322 or systems (or components) thereof can facilitate performing ancillary functions to accomplish various techniques described herein. For example, in wired network 322 or systems (or components) thereof, functions can be provided that facilitate authentication and authorization of one or more of user 104, device 106, presentation of information via a user interface to user 104 concerning user authentication and/or user authentication credential generation, etc. as described below. In a further example, computing environment 300 can comprise such further components (not shown) (e.g., authentication, authorization and accounting (AAA) servers, e-commerce servers, database servers, application servers, etc.) in communication with one or more of computer system 102, communications provider systems 324, and/or systems 326, and/or device 106 to accomplish the desired functions or to provide additional services for which the techniques of user authentication and/or user authentication credential generation are employed.
In view of the exemplary embodiments described supra, methods that can be implemented in accordance with the disclosed subject matter will be better appreciated with reference to the flowcharts of
For instance, in exemplary methods 400, the presenting can include presenting the sets of images in a row of images, such as in the drum analogy described above and below regarding
Additionally, in further non-limiting implementations of exemplary methods 400, presenting sets of images can also include generating one or more set(s) of images from a second set of images based on a random or pseudo-random selection of images to be presented in the sets of images. Thus, one or more of the set(s) of images can comprise a subset of images from the second set of images.
Moreover, at 402, methods 400 can further include presenting the sets of images, where one or more of the set(s) of images can be associated with disparate parts of speech (e.g., one a number of disparate parts of speech, one of three disparate parts of speech, etc.). For instance, in further non-limiting implementations of methods 400, presenting the sets of images can include presenting one or more of the set(s) of images based on determining which of the disparate parts of speech (e.g., subject, verb, and adverb, and so on, etc.) associated with the sets of images is to be presented (e.g., via a language processing algorithm, etc.). In still further non-limiting embodiments of methods 400, presenting the sets of images can also include presenting the sets of images, where one or more image(s) of the sets of images can comprise one or more sub-image(s), and where one or more of the one or more sub-image(s) can be associated with one of the number of disparate parts of speech.
In other non-limiting implementations of methods 400, at 402, the presenting can include presenting respective labels associated with the sets of images, where one or more of the respective label(s) can be associated with a subset of the number of disparate parts of speech (e.g., subject, verb, and adverb, and so on, etc.). For instance, any of the images of the sets of images can be associated with a label (e.g., tree, cat, dog, boy, plane, house, etc.), which in turn can be associated with a subset of the number of disparate parts of speech (e.g., noun or subject, etc.). In addition, the presenting the sets of images can further include presenting one or more further set(s) of images associated with an additional disparate part of speech. For instance, additional disparate parts of speech can include one or more of an adjective, a pronoun, a complement, a direct object, an indirect object, a preposition, an object of the preposition, or other parts of speech, and the one or more further set(s) of images associated with such additional disparate parts of speech can be presented at 402, in methods 400.
In addition, at 404, methods 400 can further include receiving input that indicates a selection of a subset of images of the sets of images, where the selection can correspond to a grammatical structure, as further described herein, regarding
At 406, methods 400 can include a determination as to whether a user rejects the sets of images (e.g., because a user desires a different series or combination of images, etc.). For example, a particular series or combination of images may provide a user an uninteresting sample of images for which to derive a memorable user authentication credential. In addition, at 408, methods 400 can include a determination as to whether there is an applicable requirement pending to reset the user authentication credential. For instance, due to security policies associated with a system or device, due to administrative intervention, or otherwise, a requirement can be specified that a user authentication credential should be reset. Additionally, at 410, methods 400 can include a determination as to whether passage of a predetermined period of time has occurred. As a non-limiting example, security policies associated with a system can specify that a user authentication credential should expire after passage of a predetermined period of time, which can present another opportunity to generate a user authentication credential.
Otherwise, at 412, methods 400 can comprise storing or transmitting one or more of the selection or the grammatical structure as the user authentication credential as further described herein, regarding
In the instance that one or more of the determination(s) at 406, 408, or 410 justify an additional presentation of sets of images, second sets of images can be presented. Thus, at 414 methods 400 can further include presenting second sets of images based on one or more of a rejection by a user (e.g., user 104, etc.) of the sets of images, a requirement to reset the user authentication credential, passage of a predetermined period of time, etc., as described. Accordingly, at 416, methods 400 can also include receiving the input based on the second sets of images. That is, methods 400 can include receiving input that indicates a selection of a subset of images of the second sets of images, where the selection can correspond to a grammatical structure, as further described herein, regarding
In addition, at 502, methods 500 can also include presenting the sets of images, where one or more of the set(s) of images can be associated with disparate parts of speech (e.g., one a number of disparate parts of speech, one of three disparate parts of speech, etc.). For instance, in further non-limiting embodiments of methods 500, presenting the sets of images can include presenting one or more of the set(s) of images based on determining which of the disparate parts of speech associated with the sets of images is to be presented (e.g., via a language processing algorithm, etc.). In yet other non-limiting implementations of methods 500, presenting the sets of images can also include presenting the sets of images, where one or more image(s) of the sets of images can comprise one or more sub-image(s), and where one or more of the one or more sub-image(s) can be associated with one of the number of disparate parts of speech, as further described herein, for example, regarding
Moreover, in other non-limiting embodiments of methods 500, at 502, the presenting can include presenting respective labels associated with the sets of images, where one or more of the respective label(s) can be associated with a subset of the number of disparate parts of speech. As an example described above, any of the sets of images can be associated with a label (e.g., tree, cat, dog, boy, plane, house, etc.), which in turn can be associated with a subset of the number of disparate parts of speech (e.g., noun or subject, etc.). Additionally, presenting the sets of images can further include presenting one or more further set(s) of images associated with an additional disparate part of speech. As a non-limiting embodiment, additional disparate parts of speech can include one or more of an adjective, a pronoun, a complement, a direct object, an indirect object, a preposition, an object of the preposition, and the one or more further set(s) of images associated with such additional disparate parts of speech can be presented at 502, in various non-limiting embodiments of methods 500.
In addition, at 504, methods 500 can also comprise receiving input comprising one or more of a selection of a subset of images of the sets of images or a grammatical structure, where the selection can be associated with a user authentication credential, as further described herein. In addition, in further non-limiting examples of methods 500, the receiving input can also include receiving a combination of an image of the selection and a subset of the grammatical structure, as further described above. In yet other non-limiting implementations, at 504, methods 500 can include receiving input comprising the grammatical structure that can include one or more of an adjective, a pronoun, a complement, a direct object, an indirect object, a preposition, or an object of the preposition, and so on, as described herein.
Moreover, at 506, methods 500 can further include a determination as to whether the input matches a stored user authentication credential. For instance, methods 500 can also include verifying the input matches a stored user authentication credential. In addition, at 508, methods 500 can include a determination as to whether the verification has failed greater than a predetermined number, X, attempts. For instance, due to security policies associated with a system or device (e.g., computer system 102, device 106, etc.), a user (e.g., user 104, etc.) can be limited in the number of attempts at verifying the input matches a stored user authentication credential, before administrative intervention, or other manual or automated action (e.g., account lockout, user authentication credential recovery, user authentication credential etc.) is implemented. If it is determined that the input does not match the stored user authentication credential at 506, methods 500 can include denying user access, at 510, based on the determining that the input that does not match (e.g., after a predetermined number of attempts, etc.). Otherwise, at 512 non-limiting examples of methods 500 can facilitate one or more of permitting access to a restricted access system, permitting access to a restricted access device, resetting the stored user authentication credential to the reset user authentication credential, determining that a user (e.g., user 104, etc.) is authorized to access a second user authentication credential, or granting access to restricted access information, as further described herein, regarding
In further non-limiting embodiments of the disclosed subject matter,
In addition, at 602, methods 600 can also include presenting the sets of images, where one or more of the set(s) of images can be associated with disparate parts of speech (e.g., one a number of disparate parts of speech, one of three disparate parts of speech, etc.). For instance, in further non-limiting embodiments of methods 600, presenting the sets of images can include presenting one or more of the set(s) of images based on determining which of the disparate parts of speech associated with the sets of images is to be presented (e.g., via a language processing algorithm, etc.). In yet other non-limiting implementations of methods 400, presenting the sets of images can also include presenting the sets of images, where one or more image(s) of the sets of images can comprise one or more sub-image(s), and where one or more of the one or more sub-image(s) can be associated with one of the number of disparate parts of speech.
Moreover, in other non-limiting embodiments of methods 600, at 602, the presenting can include presenting respective labels associated with the sets of images, where one or more of the respective label(s) can be associated with a subset of the number of disparate parts of speech. As an example described above, any of the sets of images can be associated with a label (e.g., tree, cat, dog, boy, plane, house, etc.), which in turn can be associated with a subset of the number of disparate parts of speech (e.g., noun or subject, etc.), as described above. Additionally, presenting the sets of images can further include presenting one or more further set(s) of images associated with an additional disparate part of speech. As a non-limiting embodiments, additional disparate parts of speech can include one or more of an adjective, a pronoun, a complement, a direct object, an indirect object, a preposition, an object of the preposition, and so on, and the one or more further set(s) of images associated with such additional disparate parts of speech can be presented at 602, in various non-limiting embodiments of methods 600.
In addition, at 604, methods 600 can also comprise receiving input comprising one or more of a selection of a subset of images of the sets of images or a grammatical structure, where the selection can be associated with a user authentication credential, as further described herein. In addition, in further non-limiting examples of methods 600, the receiving input can also include receiving a combination of an image of the selection and a subset of the grammatical structure, as further described above. In yet other non-limiting implementations of methods 600, at 604, methods 600 can include receiving input comprising the grammatical structure that can include one or more of an adjective, a pronoun, a complement, a direct object, an indirect object, a preposition, or an object of the preposition, as further described herein, for example, regarding
Moreover, at 606, methods 600 can further include a determination as to whether the input matches a stored user authentication credential. For instance, methods 600 can also include verifying the input matches a stored user authentication credential. In addition, at 608, methods 600 can include a determination as to whether the verification has failed greater than a predetermined number, X, attempts. For instance, due to security policies associated with a system, a user can be limited in the number of attempts at verifying the input matches a stored user authentication credential, before administrative intervention, or other manual or automated action (e.g., account lockout, user authentication credential recovery, user authentication credential etc.) is implemented. If it is determined that the input does not match the stored user authentication credential at 606, methods 600 can include denying user access, at 610, based on the determining that the input that does not match (e.g., after a predetermined number of attempts, etc.).
In addition, at 612, methods 600 can include a determination as to whether there is an applicable requirement to reset the user authentication credential. For instance, as described above, due to security policies associated with a system or device (e.g., computer system 102, device 106, etc.), administrative intervention, or otherwise, a requirement can be specified that a user authentication credential should be reset. Moreover, at 614, methods 600 can include a determination as to whether passage of a predetermined period of time has occurred. As a non-limiting example, security policies associated with a system or device (e.g., computer system 102, device 106, etc.) can specify that a user authentication credential should expire after passage of a predetermined period of time, which can present another opportunity to generate a user authentication credential. Otherwise, at 616 non-limiting examples of methods 600 can facilitate one or more of permitting access to a restricted access system, permitting access to a restricted access device, resetting the stored user authentication credential to the reset user authentication credential, determining that a user (e.g., user 104, etc.) is authorized to access a second user authentication credential, or granting access to restricted access information, as further described herein, regarding
As a non-limiting example of facilitating access to a restricted access system or device (e.g., computer system 102, device 106, etc.) such as an Automated Teller Machine (ATM), point of sale (POS) terminal, and/or a mobile device, and so on, consider a user (e.g., user 104, etc.) attempting to remember an ATM PIN. Various embodiments as described herein can facilitate permitting access to a restricted access system or device. In a further non-limiting example, PINs or other user authentication credentials can be stored, transmitted, and/or verified employing various aspects of the disclosed subject matter to facilitate permitting access to a restricted access system or device. In yet another non-limiting example, one or more PINs or other user authentication credentials can be stored on a system or device (e.g., computer system 102, device 106, etc.), and exemplary embodiments of the disclosed subject matter (e.g., presenting or displaying images, accepting or receiving user input, verifying, storing, and/or transmitting, etc.) can be employed to recover, verify, and/or transmit such user authentication credentials to another system or device (e.g., computer system 102, device 106, etc.), such as in an exemplary implementation of an ATM PIN stored on a mobile device. Thus, various non-limiting implementations can flexibly and securely facilitate password recovery via mobile device (e.g., device 106, etc.), as well as other convenient and secure options for use of user authentication credentials, whether in traditional form or otherwise according to aspects of the disclosed subject matter, across multiple systems and devices.
In the instance that one or more of the determination(s) at 606, 612, or 614 justify an additional presentation of sets of images, second sets of images can be presented. Thus, at 618 methods 600 can further include presenting second sets of images based on one or more of a rejection (e.g., by a user, by user 104, etc.) of the plurality of sets of images, a requirement to reset the user authentication credential, passage of a predetermined period of time, etc., as described. As described above regarding
Accordingly, at 620, methods 600 can also include receiving the input based on the second sets of images. That is, methods 600 can include receiving input that indicates a selection of a subset of images of the second sets of images, where the selection can correspond to a grammatical structure, as further described herein, for example, regarding
In view of the methods described supra, systems and devices that can be implemented in accordance with the disclosed subject matter will be better appreciated with reference to the functional block diagrams of
Thus, in exemplary non-limiting implementations (e.g., systems 700 that facilitate creating a user authentication credential), user interface component 702 can be configured to display a series of images to a user (e.g., user 104, etc.), as further described herein, for example, regarding
In other non-limiting implementations, the user interface component 702 can be further configured to display a second series of images based on one or more of a rejection (e.g., by a user, by user 104, etc.) of the series of images, a requirement to reset the user authentication credential, or passage of a predetermined period of time, as described above. Additionally, user interface component 702 can be further configured to user interface component 702 can be configured to display a series of images to a user, where one or more of the series of images can be associated with disparate parts of speech, according to further non-limiting aspects, as further described herein, for example, regarding
In further non-limiting implementations of system 700, input component 704 can be configured to accept input that indicates a selection of a subset of images of the series of images, where the selection corresponds to a grammatical structure, as further described herein, for instance, regarding
In other non-limiting implementations of system 700, output component 706 can be configured to store or transmit one or more of the selection or the grammatical structure as the user authentication credential. Still other non-limiting implementations can comprise output component 706 configured to store or transmit the user authentication credential based on the second series of images.
In addition, in exemplary non-limiting implementations (e.g., systems 700 that facilitate user authentication), user interface component 702 can be configured display a series of images to a user, as further described herein, for example, regarding
In yet other non-limiting embodiments, user interface component 702 can be further configured to display the series of images, where one or more image(s) of the series of images can comprise a number of sub-images, and where one or more of the sub-image(s) can be associated with one of the disparate parts of speech, as further described herein, for example, regarding
In addition, as further described herein, for example, regarding
In further non-limiting implementations of system 700, input component 704 can be configured to accept input comprising one or more of a selection of a subset of images of the series of images or a grammatical structure, where the selection can be associated with a user authentication credential, for instance, as further described herein, for example, regarding
In addition, authentication component 708 can be configured to verify the input matches a stored user authentication credential. As a non-limiting example, the authentication component 708 can be configured to compare the input to a stored user authentication credential. For instance, authentication component 708 configured to compare the input to a stored user authentication credential can also facilitate permitting access to a restricted access system, permitting access to a restricted access device, resetting the stored user authentication credential to a reset user authentication credential, determining that a user (e.g., user 104, etc.) can be authorized to access a second user authentication credential, transmitting the comparison results, and/or granting access to restricted access information, based on the comparison, and so on, according to further non-limiting aspects.
In still other non-limiting implementations of the disclosed subject matter, an authentication component 708 of system 700 can be further configured to determine that the input does not match the stored user authentication credential. As a non-limiting example, authentication component 708 configured to determine that the input does not match the stored user authentication credential can also facilitate denying access to a restricted access system, denying access to a restricted access device, preventing the stored user authentication credential from being reset, determining that a user (e.g., user 104, etc.) can be not authorized to access a second user authentication credential, transmitting the comparison results, and/or denying access to restricted access information, based on the determination, and so on, according to further non-limiting aspects. In still further non-limiting embodiments, authentication component 708 can be further configured to determine that the input does not match the stored user authentication credential based on a predetermined number of attempts. Thus, authentication component 708 of system 700 can be further configured to verify the input (e.g., input based on the second series of images matches) the stored user authentication credential, store the input as the user authentication credential, and/or transmit the input as the user authentication credential, and so on, as further described herein.
Further discussion of the advantages and flexibility provided by the various non-limiting embodiments can be appreciated by review of the following descriptions.
For example,
For instance, device, component, or system 800 can include a memory 802 that retains instructions for presenting a series of images to a user (e.g., user 104, etc.) via a user interface generated by a computing device (e.g., device, component, or system 800, etc.), as further described herein, for example, regarding
In further non-limiting embodiments, instructions in memory 802 can comprise instructions for presenting the series of images in a row of images. For instance, presenting the series of images in a row of images can facilitate manual or automated scrolling one or more image(s) of the row of images to allow viewing alternate images in one or more of the series of images, as further described herein, for example, regarding
For example, instructions in memory 802 can comprise instructions for presenting one or more of the series of images based on a language processing algorithm. As an example, presenting one or more of the series of images based on a language processing algorithm can determine or facilitate determining which of the disparate parts of speech associated with the series of images is presented or displayed, constructing nonsensical sentences or turns of phrase based on images and/or respective labels, and so on, etc. In addition, instructions in memory 802 can further comprise instructions for presenting or displaying the series of images, where one or more image(s) of the series of images can comprise one or more sub-image(s), and where one or more of the sub-image(s) can be associated with one of the disparate parts of speech. In further non-limiting implementations, instructions in memory 802 can also comprise instructions for presenting respective labels associated with the series of images, where one or more of the respective label(s) can be associated with a subset of the disparate parts of speech, and/or instructions for presenting one or more additional images associated with an additional disparate part of speech that can comprise one or more of an adjective, a pronoun, a complement, a direct object, an indirect object, a preposition, or an object of the preposition, as further described herein, for example, regarding
The memory 802 can further retain instructions for receiving input associated with a selection of a subset of images of the series of images, where the selection can correspond to a grammatical structure, as described herein. In further non-limiting implementations, instructions in memory 802 can comprise instructions for receiving a character string comprising the grammatical structure including one or more of a subject, a verb, and an adverb, as further described herein, for example, regarding
Additionally, memory 802 can retain instructions for storing or transmitting one of the selection or the grammatical structure as the user authentication credential. Memory 802 can further include instructions pertaining to presenting a second series of images based on one or more of a rejection (e.g., by a user, by user 104, etc.) of the series of images, a requirement to reset the user authentication credential, or passage of a predetermined period of time; to receiving input based on the second series of images; and/or to storing or transmitting the user authentication credential based on the second series of images. The above example instructions and other suitable instructions can be retained within memory 802, and a processor 804 can be utilized in connection with executing the instructions.
In further non-limiting implementations, device, component, or system 800 can comprise processor 804, and/or computer readable instructions stored on a non-transitory computer readable storage medium (e.g., memory 802, a hard disk drive, and so on, etc.), the computer readable instructions, when executed by a computing device, e.g., by processor 804, can cause the computing device to perform operations, according to various aspects of the disclosed subject matter. As a non-limiting example, the computer readable instructions, when executed by a computing device (e.g., computer system 102, device 106, etc.), can cause the computing device to authenticate a user, and so on, etc., as described herein. For example, in non-limiting implementations of the disclosed subject matter, device, component, or system 800 can include a memory 802 that retains instructions for presenting a series of images to a user (e.g., user 104, etc.) via a user interface generated by the computing device (e.g., device, component, or system 800, computer system 102, device 106, etc.), as further described herein, for example, regarding
In further non-limiting embodiments, instructions in memory 802 can comprise instructions for presenting the series of images in a row of images, as further described herein, for example, regarding
The memory 802 can further retain instructions for receiving input comprising a selection of a subset of images of the series of images or a grammatical structure, where the selection can be associated with a user authentication credential, as described above. As a non-limiting example, instructions in memory 802 can comprise instructions for receiving a character string comprising the grammatical structure including one or more of a subject, a verb, and an adverb, as further described herein, for instance, regarding
Additionally, memory 802 can retain instructions for verifying the input matches a stored user authentication credential. Memory 802 can further include instructions pertaining to presenting a second series of images in response to one or more of determining that the input does not match the stored user authentication credential, a requirement to reset the user authentication credential, or passage of a predetermined period of time; to receiving the input based on the second series of images; to verifying the input matches the stored user authentication credential; to storing the input as the user authentication credential; and/or to transmitting the input as the user authentication credential. Moreover, memory 802 can retain instructions for denying user access based determining that the input that does not match a predetermined number times, as described above.
The above example instructions and other suitable instructions can be retained within memory 802, and a processor 804 can be utilized in connection with executing the instructions.
Processor 906 can be a processor dedicated to analyzing information received by input component 902 and/or generating information for transmission by an output component 912. Processor 906 can be a processor that controls one or more portion(s) of systems or apparatuses 900, systems 700 or portions thereof, and/or a processor that can analyze information received by input component 902, can generate information for transmission by output component 912, and can perform various algorithms or operations associated with presenting images to a user, receiving input, storing or transmitting information, verifying input, sending and receiving information according to various protocols, performing analytical routines, or as further described herein, for example, regarding
As a non-limiting example of
Systems or apparatuses 900 can additionally comprise memory 910 that is operatively coupled to processor 906 and that stores information such as described above, user authentication credentials, images, labels, and the like, wherein such information can be employed in connection with implementing the user authentication credential generations and user authentication systems, methods, and so on as described herein. Memory 910 can additionally store protocols associated with generating lookup tables, etc., such that systems or apparatuses 900 can employ stored protocols and/or algorithms further to the performance of various algorithms and/or portions thereof as described herein.
It will be appreciated that storage component 904 and memory 906, or any combination thereof as described herein, can be either volatile memory or nonvolatile memory, or can include both volatile and nonvolatile memory. By way of illustration, and not limitation, nonvolatile memory can include read only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable ROM (EEPROM), or flash memory. Volatile memory can include random access memory (RAM), which acts as cache memory. By way of illustration and not limitation, RAM is available in many forms such as synchronous RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), Synch link DRAM (SLDRAM), and direct Rambus® RAM (DRRAM). The memory 910 is intended to comprise, without being limited to, these and any other suitable types of memory, including processor registers and the like. In addition, by way of illustration and not limitation, storage component 904 can include conventional storage media as in known in the art (e.g., hard disk drives, etc.).
Accordingly, in further non-limiting implementations, exemplary systems or apparatuses 900 (e.g., such as a device that can facilitate generating a user authentication credential, etc.) can comprise means for displaying one or more set(s) of images to a user (e.g., user 104, etc.) via a user interface of a device (e.g., device 106, computer system 102, etc.), as further described herein, for example, regarding
In further non-limiting embodiments of systems or apparatuses 900, the means for displaying can include means for displaying the one or more set(s) of images, where one or more set(s) of images can be associated with one of the disparate parts of speech, as further described herein, for example, regarding
Furthermore, systems or apparatuses 900 can comprise a means for accepting input that indicates a selection of a subset of images of the one or more set(s) of images, where the selection can correspond to a grammatical structure, for example, as described herein regarding
In addition, exemplary systems or apparatuses 900 can further comprise means for storing or transmitting the selection or the grammatical structure as the user authentication credential, for example, as described above regarding
It can be understood that in various non-limiting implementations of
Thus, in still other non-limiting implementations, exemplary systems or apparatuses 900, can also comprise device 106, such as a mobile device, as described above regarding
In still further non-limiting implementations, exemplary systems or apparatuses 900 (e.g., such as a device that can facilitate user authentication, etc.) can comprise means for displaying one or more set(s) of images to a user via a user interface of a device (e.g., device 106, computer system 102, etc.), as further described herein, for example, regarding
In addition, exemplary systems or apparatuses 900 can also comprise means for determining that the input does not match the stored user authentication credential, means for denying user access based on a determination that the input that does not match after a predetermined number of attempts, and so on. In further non-limiting implementations, systems or apparatuses 900 can comprise means for displaying a second plurality of sets of images in response the determination (e.g., that the input that does not match after a predetermined number of attempts, etc.). In other non-limiting examples, the means for displaying can include means for displaying the one or more set(s) of images in a row of images, as further described herein, for example, regarding
In further non-limiting embodiments of systems or apparatuses 900, the means for displaying can include means for displaying the one or more set(s) of images, where one or more set(s) of images can be associated with one of the disparate parts of speech, as further described herein. In addition, the means for displaying can include means for displaying the one or more set(s) of images, where one or more image(s) of the one or more set(s) of images comprises one or more sub-image(s), and where one or more of the sub-image(s) can be associated with one of the disparate parts of speech, as further described herein, for example, regarding
Furthermore, systems or apparatuses 900 can comprise a means for accepting input comprising a selection of a subset of images of the one or more set(s) of images or a grammatical structure, where the selection can be associated with a user authentication credential, for example, as described above regarding
In addition, exemplary systems or apparatuses 900 can further comprise means for verifying the input matches a stored user authentication credential., for example, as described above regarding
Thus, it can be further understood that in various non-limiting implementations of
Thus, in still other non-limiting implementations, exemplary systems or apparatuses 900, can also comprise device 106, such as a mobile device, as described above regarding
For instance, in a non-limiting example of a device 106 that can facilitate user authentication and/or user authentication credential generation techniques as described herein,
As a non-limiting example, returning to the analogy of the slot machine description of a “drum” with digits and image cells as described above, the exemplary user interface can comprise a drum 1102 with one or more digit(s) (e.g., digit 1 (1104), digit 2 (1106), digit N (1108), etc.) and one or more corresponding rotating image(s) in image cells (e.g., image cell 1 (1110), image cell 2 (1112), image cell N (1114), etc.) to facilitate user authentication and/or user authentication credential generation techniques as described herein.
According to further non-limiting implementations, user interface 702 according to non-limiting aspects of the disclosed subject matter can also provide respective labels (e.g., labels 1 (1116), labels 2 (1118), labels N (1120), etc.) to facilitate further aspects of user authentication and/or user authentication credential generation techniques as described herein. In further non-limiting aspects, a user interface according to the disclosed subject matter can also comprise one or more user authentication credential display/entry form(s) 1122, that can, inter alia, facilitate display of a proposed user authentication credential, display a tentative selection or portions thereof based on the rotation of the images in the image cells, entry of character strings, copy and/or paste of one or more character(s) or character string(s) or other data such as a subset of the images, and so on.
Furthermore, user interface 702 according to other non-limiting aspects of the disclosed subject matter can comprise various controls (e.g., control 1 (1124), control M (1126), and so on, etc.) that can, inter alia, facilitate a user (e.g., user 104, etc.) accepting and/or rejecting a proposed user authentication credential, receiving input regarding a user authentication credential, selecting one or more image(s), submitting a user authentication credential, and/or transmitting a user authentication credential, scrolling the one or more of the image(s) of the images cells, and/or generating a proposed user authentication credential via an automated or semi-automated algorithm based on a random, pseudo-random, or language processing algorithm, and so on, etc. It can be understood that the above descriptions are merely exemplary and do not limit the disclosed subject matter or encompass the entire range of possible options for user authentication and/or user authentication credential generation according to the techniques as described herein. Further examples and descriptions are intended to further illustrate non-limiting aspects regarding displaying or presenting a series or plurality of sets of images, receiving or accepting input that indicates a selection, and so on according to various non-limiting embodiments.
For example, as can be seen in the functional block diagram of
Note that the sets of images in image cells 1202, 1206, and 1210 need not be mutually exclusive sets, and/or the sets of images can be comprised from a subset of a larger set of images that can be employed to facilitate the techniques described herein. Thus, the exemplary user interface as depicted in
In addition, in further non-limiting implementations, an exemplary user interface 702, according to aspects of the disclosed subject matter can facilitate presenting or displaying images comprising more than one sub-image. That is, one or more image(s) of the image cells can comprise a number of images or sub-images to comprise a scene, as further described above. For instance, image 1214 of image cell 1202 comprises an image of a farm, which further comprises sub-images of a barn, a silo, a tree, a road, a yard, and so on, etc. Accordingly, a set of respective labels 1216 of labels 1204 associated with image 1214 can comprise respective labels, such as “farm,” “silo,” “barn,” or other suitable labels, and so on, etc., as well as plural forms or language, dialect, or grammar specific forms, which can be specific to particular non-limiting implementations. However,
Note further that, in the particular non-limiting example depicted in
Accordingly, it can be seen from the description of exemplary user interface, according to the disclosed subject matter regarding
The various functionalities or portions thereof can be understood to facilitate respective functions and/or features as indicated and as further described above, for example, regarding
Generally, applications (e.g., program modules) can include routines, programs, components, data structures, etc., that perform or facilitate performing particular tasks and/or implement or facilitate implementing particular abstract data types. Moreover, those skilled in the art will appreciate that the techniques described herein can be practiced with other system configurations, including single-processor or multiprocessor systems, minicomputers, mainframe computers, as well as personal computers, hand-held computing devices, microprocessor-based or programmable consumer electronics, and the like, each of which can be operatively coupled to one or more associated device(s).
A computing device can typically include a variety of computer-readable media, as further described herein, for example, regarding
Communication media, as distinguished from computer-readable media, and/or computer-readable storage media, typically embodies computer-readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave or other transport mechanism, and includes any information delivery media. The term “modulated data signal” means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communication media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared and other wireless media. Combinations of the any of the above should also be included within the scope of computer readable communications media as distinguishable from computer-readable media or computer-readable storage media.
The handset 1300 can include a processor 1302 for controlling and processing all onboard operations and functions. A memory 1304 can interface to the processor 1302 for storage of data and one or more application(s) 1306. Other applications can support operation of communications and/or communications protocols. The applications 1306 can be stored in the memory 1304 and/or in a firmware 1308, and executed by the processor 1302 from either or both the memory 1304 or/and the firmware 1308. The firmware 1308 can also store startup code for execution in initializing the handset 1300. A communications component 1310 can interface to the processor 1302 to facilitate wired/wireless communication with external systems, e.g., cellular networks, VoIP networks, and so on. Here, the communications component 1310 can also include a suitable cellular transceiver 1311 (e.g., a GSM transceiver) and/or an unlicensed transceiver 1313 (e.g., Wireless Fidelity (WiFi™), Worldwide Interoperability for Microwave Access (WiMax®)) for corresponding signal communications. The handset 1300 can be a device such as a cellular telephone, a PDA with mobile communications capabilities, and messaging-centric devices. The communications component 1310 can also facilitate communications reception from terrestrial radio networks (e.g., broadcast), digital satellite radio networks, and Internet-based radio services networks.
The handset 1300 can include a display 1312 for displaying text, images, video, telephony functions (e.g., a Caller ID function), setup functions, and for user input. For example, the display 1312 can also be referred to as a “screen” that can accommodate the presentation of multimedia content (e.g., images, metadata, messages, wallpaper, graphics, etc.). The display 1312 can also display videos and can facilitate the generation, editing and sharing of video quotes. A serial I/O interface 1314 can be provided in communication with the processor 1302 to facilitate wired and/or wireless serial communications (e.g., Universal Serial Bus (USB), and/or Institute of Electrical and Electronics Engineers (IEEE) 1394) through a hardwire connection, and other serial input devices (e.g., a keyboard, keypad, and mouse). This can support updating and troubleshooting the handset 1300, for example. Audio capabilities can be provided with an audio I/O component 1316, which can include a speaker for the output of audio signals related to, for example, indication that the user pressed the proper key or key combination to initiate the user feedback signal. The audio I/O component 1316 can also facilitate the input of audio signals through a microphone to record data and/or telephony voice data, and for inputting voice signals for telephone conversations.
The handset 1300 can include a slot interface 1318 for accommodating a SIC (Subscriber Identity Component) in the form factor of a card Subscriber Identity Module (SIM) or universal SIM 1320, and interfacing the SIM card 1320 with the processor 1302. However, it is to be appreciated that the SIM card 1320 can be manufactured into the handset 1300, and updated by downloading data and software.
The handset 1300 can process Internet Protocol (IP) data traffic through the communication component 1310 to accommodate IP traffic from an IP network such as, for example, the Internet, a corporate intranet, a home network, a person area network, etc., through an ISP or broadband cable provider. Thus, VoIP traffic can be utilized by the handset 1300 and IP-based multimedia content can be received in either an encoded or a decoded format.
A video processing component 1322 (e.g., a camera) can be provided for decoding encoded multimedia content. The video processing component 1322 can aid in facilitating the generation and/or sharing of video. The handset 1300 also includes a power source 1324 in the form of batteries and/or an alternating current (AC) power subsystem, which power source 1324 can interface to an external power system or charging equipment (not shown) by a power input/output (I/O) component 1326.
The handset 1300 can also include a video component 1330 for processing video content received and, for recording and transmitting video content. For example, the video component 1330 can facilitate the generation, editing and sharing of video. A location-tracking component 1332 can facilitate geographically locating the handset 1300. A user input component 1334 can facilitate the user inputting data and/or making selections as previously described. The user input component 1334 can also facilitate generation of a user authentication credential and/or user authentication, as well as composing messages and other user input tasks as required by the context. The user input component 1334 can include such conventional input device technologies such as a keypad, keyboard, mouse, stylus pen, and/or touch screen, for example.
Referring again to the applications 1306, a hysteresis component 1336 can facilitate the analysis and processing of hysteresis data, which is utilized to determine when to associate with an access point. A software trigger component 1338 can be provided that can facilitate triggering of the hysteresis component 1338 when a WiFi™ transceiver 1313 detects the beacon of the access point. A SIP client 1340 can enable the handset 1300 to support SIP protocols and register the subscriber with the SIP registrar server. The applications 1306 can also include a communications application or client 1346 that, among other possibilities, can be user authentication and/or other user interface component functionality as described above.
The handset 1300, as indicated above related to the communications component 1310, can include an indoor network radio transceiver 1313 (e.g., WiFi transceiver). This function supports the indoor radio link, such as IEEE 802.11, for the dual-mode Global System for Mobile Communications (GSM) handset 1300. The handset 1300 can accommodate at least satellite radio services through a handset that can combine wireless voice and digital radio chipsets into a single handheld device.
It can be understood that while a brief overview of exemplary systems, methods, scenarios, and/or devices has been provided, the disclosed subject matter is not so limited. Thus, it can be further understood that various modifications, alterations, addition, and/or deletions can be made without departing from the scope of the embodiments as described herein. Accordingly, similar non-limiting implementations can be used or modifications and additions can be made to the described embodiments for performing the same or equivalent function of the corresponding embodiments without deviating therefrom.
One of ordinary skill in the art can appreciate that the disclosed subject matter can be implemented in connection with any computer or other client or server device, which can be deployed as part of a communications system, a computer network, or in a distributed computing environment, connected to any kind of data store. In this regard, the disclosed subject matter pertains to any computer system or environment having any number of memory or storage units, and any number of applications and processes occurring across any number of storage units or volumes, which may be used in connection with communication systems using the techniques, systems, and methods in accordance with the disclosed subject matter. The disclosed subject matter can apply to an environment with server computers and client computers deployed in a network environment or a distributed computing environment, having remote or local storage. The disclosed subject matter can also be applied to standalone computing devices, having programming language functionality, interpretation and execution capabilities for generating, receiving, storing, and/or transmitting information in connection with remote or local services and processes.
Distributed computing provides sharing of computer resources and services by exchange between computing devices and systems. These resources and services can include the exchange of information, cache storage, and disk storage for objects, such as files. Distributed computing takes advantage of network connectivity, allowing clients to leverage their collective power to benefit the entire enterprise. In this regard, a variety of devices can have applications, objects, or resources that may implicate the communication systems using the techniques, systems, and methods of the disclosed subject matter.
It can also be appreciated that an object, such as 1420c, can be hosted on another computing device 1410a, 1410b, etc. or 1420a, 1420b, 1420c, 1420d, 1420e, etc. Thus, although the physical environment depicted may show the connected devices as computers, such illustration is merely exemplary and the physical environment may alternatively be depicted or described comprising various digital devices such as PDAs, televisions, MP3 players, etc., any of which may employ a variety of wired and wireless services, software objects such as interfaces, COM objects, and the like.
There is a variety of systems, components, and network configurations that support distributed computing environments. For example, computing systems can be connected together by wired or wireless systems, by local networks or widely distributed networks. Currently, many of the networks are coupled to the Internet, which can provide an infrastructure for widely distributed computing and can encompass many different networks. Any of the infrastructures can be used for communicating information used in systems employing the techniques, systems, and methods according to the disclosed subject matter.
The Internet commonly refers to the collection of networks and gateways that utilize the Transmission Control Protocol/Internet Protocol (TCP/IP) suite of protocols, which are well known in the art of computer networking. The Internet can be described as a system of geographically distributed remote computer networks interconnected by computers executing networking protocols that allow users to interact and share information over network(s). Because of such widespread information sharing, remote networks such as the Internet have thus far generally evolved into an open system with which developers can design software applications for performing specialized operations or services, essentially without restriction.
Thus, the network infrastructure enables a host of network topologies such as client/server, peer-to-peer, or hybrid architectures. The “client” is a member of a class or group that uses the services of another class or group to which it is not related. Thus, in computing, a client can be a process, e.g., roughly a set of instructions or tasks, that requests a service provided by another program. The client process can utilize the requested service without having to “know” any working details about the other program or the service itself. In client/server architecture, particularly a networked system, a client is usually a computer that accesses shared network resources provided by another computer, e.g., a server. In the illustration of
A server is typically a remote computer system accessible over a remote or local network, such as the Internet or wireless network infrastructures. The client process can be active in a first computer system, and the server process can be active in a second computer system, communicating with one another over a communications medium, thus providing distributed functionality and allowing multiple clients to take advantage of the information-gathering capabilities of the server. Any software objects utilized pursuant to communication (wired or wirelessly) using the techniques, systems, and methods of the disclosed subject matter may be distributed across multiple computing devices or objects.
Client(s) and server(s) communicate with one another utilizing the functionality provided by protocol layer(s). For example, HyperText Transfer Protocol (HTTP) is a common protocol that is used in conjunction with the World Wide Web (WWW), or “the Web.” Typically, a computer network address such as an Internet Protocol (IP) address or other reference such as a Universal Resource Locator (URL) can be used to identify the server or client computers to each other. The network address can be referred to as a URL address. Communication can be provided over a communications medium, e.g., client(s) and server(s) can be coupled to one another via TCP/IP connection(s) for high-capacity communication.
Thus,
In a network environment in which the communications network/bus 1440 is the Internet, for example, the servers 1410a, 1410b, etc. can be Web servers with which the clients 1420a, 1420b, 1420c, 1420d, 1420e, etc. communicate via any of a number of known protocols such as HTTP. Servers 1410a, 1410b, etc. can also serve as clients 1420a, 1420b, 1420c, 1420d, 1420e, etc., as may be characteristic of a distributed computing environment.
As mentioned, communications to or from the systems incorporating the techniques, systems, and methods of the disclosed subject matter can ultimately pass through various media, either wired or wireless, or a combination, where appropriate. Client devices 1420a, 1420b, 1420c, 1420d, 1420e, etc. may or may not communicate via communications network/bus 14, and may have independent communications associated therewith. For example, in the case of a TV or VCR, there may or may not be a networked aspect to the control thereof. Each client computer 1420a, 1420b, 1420c, 1420d, 1420e, etc. and server computer 1410a, 1410b, etc. can be equipped with various application program modules or objects 1435a, 1435b, 1435c, etc. and with connections or access to various types of storage elements or objects, across which files or data streams may be stored or to which portion(s) of files or data streams may be downloaded, transmitted or migrated. Any one or more of computers 1410a, 1410b, 1420a, 1420b, 1420c, 1420d, 1420e, etc. can be responsible for the maintenance and updating of a database 1430 or other storage element, such as a database or memory 1430 for storing data processed or saved based on, or the subject of, communications made according to the disclosed subject matter. Thus, the disclosed subject matter can be utilized in a computer network environment having client computers 1420a, 1420b, 1420c, 1420d, 1420e, etc. that can access and interact with a computer network/bus 1440 and server computers 1410a, 1410b, etc. that can interact with client computers 1420a, 1420b, 1420c, 1420d, 1420e, etc. and other like devices, and databases 1430.
As mentioned, the disclosed subject matter applies to any device wherein it may be desirable to communicate data, e.g., to or from a mobile device. It should be understood, therefore, that handheld, portable and other computing devices and computing objects of all kinds are contemplated for use in connection with the disclosed subject matter, e.g., anywhere that a device can communicate data or otherwise receive, process or store data. Accordingly, the below general purpose remote computer described below in
Although not required, some aspects of the disclosed subject matter can partly be implemented via an operating system, for use by a developer of services for a device or object, and/or included within application software that operates in connection with the component(s) of the disclosed subject matter. Software may be described in the general context of computer executable instructions, such as program modules or components, being executed by one or more computer(s), such as client workstations, servers or other devices. Those skilled in the art will appreciate that the disclosed subject matter may be practiced with other computer system configurations and protocols.
With reference to
Computer 1510a typically includes a variety of computer readable media. Computer readable media can be any available media that can be accessed by computer 1510a. By way of example, and not limitation, computer readable media can comprise computer storage media and communication media. Computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CDROM, digital versatile disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by computer 1510a. Communication media typically embodies computer readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media.
The system memory 1530a may include computer storage media in the form of volatile and/or nonvolatile memory such as read only memory (ROM) and/or random access memory (RAM). A basic input/output system (BIOS), containing the basic routines that help to transfer information between elements within computer 1510a, such as during start-up, may be stored in memory 1530a. Memory 1530a typically also contains data and/or program modules that are immediately accessible to and/or presently being operated on by processing unit 1520a. By way of example, and not limitation, memory 1530a may also include an operating system, application programs, other program modules, and program data.
The computer 1510a may also include other removable/non-removable, volatile/nonvolatile computer storage media. For example, computer 1510a could include a hard disk drive that reads from or writes to non-removable, nonvolatile magnetic media, a magnetic disk drive that reads from or writes to a removable, nonvolatile magnetic disk, and/or an optical disk drive that reads from or writes to a removable, nonvolatile optical disk, such as a CD-ROM or other optical media. Other removable/non-removable, volatile/nonvolatile computer storage media that can be used in the exemplary operating environment include, but are not limited to, magnetic tape cassettes, flash memory cards, digital versatile disks, digital video tape, solid state RAM, solid state ROM, and the like. A hard disk drive is typically connected to the system bus 1521a through a non-removable memory interface such as an interface, and a magnetic disk drive or optical disk drive is typically connected to the system bus 1521a by a removable memory interface, such as an interface.
A user can enter commands and information into the computer 1510a through input devices such as a keyboard and pointing device, commonly referred to as a mouse, trackball, or touch pad. Other input devices can include a microphone, joystick, game pad, satellite dish, scanner, wireless device keypad, voice commands, or the like. These and other input devices are often connected to the processing unit 1520a through user input 1540a and associated interface(s) that are coupled to the system bus 1521a, but may be connected by other interface and bus structures, such as a parallel port, game port, or a universal serial bus (USB). A graphics subsystem can also be connected to the system bus 1521a. A monitor or other type of display device can also be connected to the system bus 1521a via an interface, such as output interface 1550a, which may in turn communicate with video memory. In addition to a monitor, computers can also include other peripheral output devices such as speakers and a printer, which can be connected through output interface 1550a.
The computer 1510a can operate in a networked or distributed environment using logical connections to one or more other remote computer(s), such as remote computer 1570a, which can in turn have media capabilities different from device 1510a. The remote computer 1570a can be a personal computer, a server, a router, a network PC, a peer device, personal digital assistant (PDA), cell phone, handheld computing device, or other common network node, or any other remote media consumption or transmission device, and may include any or all of the elements described above relative to the computer 1510a. The logical connections depicted in
When used in a LAN networking environment, the computer 1510a can be connected to the LAN 1571a through a network interface or adapter. When used in a WAN networking environment, the computer 1510a can typically include a communications component, such as a modem, or other means for establishing communications over the WAN, such as the Internet. A communications component, such as a modem and so on, which can be internal or external, can be connected to the system bus 1521a via the user input interface of input 1540a, or other appropriate mechanism. In a networked environment, program modules depicted relative to the computer 1510a, or portions thereof, can be stored in a remote memory storage device. It will be appreciated that the network connections shown and described are exemplary and other means of establishing a communications link between the computers can be used.
While the disclosed subject matter has been described in connection with the preferred embodiments of the various figures, it is to be understood that other similar embodiments may be used or modifications and additions may be made to the described embodiment for performing the same function of the disclosed subject matter without deviating therefrom. For example, one skilled in the art will recognize that the disclosed subject matter as described in the present application applies to communication systems using the disclosed techniques, systems, and methods and may be applied to any number of devices connected via a communications network and interacting across the network, either wired, wirelessly, or a combination thereof.
Accordingly, while words such as transmitted and received are used in reference to the described communications processes, it should be understood that such transmitting and receiving is not limited to digital communications systems, but could encompass any manner of sending and receiving data suitable for implementation of the described techniques. As a result, the disclosed subject matter should not be limited to any single embodiment, but rather should be construed in breadth and scope in accordance with the appended claims.
The above-described communication systems using the techniques, systems, and methods may be applied to any network, however, the following description sets forth some exemplary telephony radio networks and non-limiting operating environments for communications made incident to the communication systems using the techniques, systems, and methods of the disclosed subject matter. The below-described operating environments should be considered non-exhaustive, however, and thus, the below-described network architecture merely shows one network architecture into which the disclosed subject matter may be incorporated. One can appreciate, however, that the disclosed subject matter may be incorporated into any now existing or future alternative architecture for communication networks as well.
The global system for mobile communication (“GSM”) is one of the most widely utilized wireless access systems in today's fast growing communication systems. GSM provides circuit-switched data services to subscribers, such as mobile telephone or computer users. General Packet Radio Service (“GPRS”), which is an extension to GSM technology, introduces packet switching to GSM networks. GPRS uses a packet-based wireless communication technology to transfer high and low speed data and signaling in an efficient manner. GPRS optimizes the use of network and radio resources, thus enabling the cost effective and efficient use of GSM network resources for packet mode applications.
As one of ordinary skill in the art can appreciate, the exemplary GSM/GPRS environment and services described herein can also be extended to 3G services, such as Universal Mobile Telephone System (“UMTS”), Frequency Division Duplexing (“FDD”) and Time Division Duplexing (“TDD”), High Speed Packet Data Access (“HSPDA”), cdma2000 1x Evolution Data Optimized (“EVDO”), Code Division Multiple Access-2000 (“cdma2000 3x”), Time Division Synchronous Code Division Multiple Access (“TD-SCDMA”), Wideband Code Division Multiple Access (“WCDMA”), Enhanced Data GSM Environment (“EDGE”), International Mobile Telecommunications-2000 (“IMT-2000”), Digital Enhanced Cordless Telecommunications (“DECT”), etc., as well as to other network services that shall become available in time. In this regard, the techniques, systems, and methods of the disclosed subject matter can be applied independently of the method of data transport, and does not depend on any particular network architecture, or underlying protocols.
Generally, there can be four different cell sizes in a GSM network-macro, micro, pico and umbrella cells. The coverage area of each cell is different in different environments. Macro cells can be regarded as cells where the base station antenna is installed in a mast or a building above average roof top level. Micro cells are cells whose antenna height is under average roof top level; they are typically used in urban areas. Pico cells are small cells having a diameter is a few dozen meters; they are mainly used indoors. On the other hand, umbrella cells are used to cover shadowed regions of smaller cells and fill in gaps in coverage between those cells.
The word “exemplary” is used herein to mean serving as an example, instance, or illustration. For the avoidance of doubt, the subject matter disclosed herein is not limited by such examples. In addition, any aspect or design described herein as “exemplary” is not necessarily to be construed as preferred or advantageous over other aspects or designs, nor is it meant to preclude equivalent exemplary structures and techniques known to those of ordinary skill in the art. Furthermore, to the extent that the terms “includes,” “has,” “contains,” and other similar words are used in either the detailed description or the claims, for the avoidance of doubt, such terms are intended to be inclusive in a manner similar to the term “comprising” as an open transition word without precluding any additional or other elements.
Various implementations of the disclosed subject matter described herein can have aspects that are wholly in hardware, partly in hardware and partly in software, as well as in software. Furthermore, aspects may be fully integrated into a single component, be assembled from discrete devices, components, or sub-components, or implemented as a combination suitable to the particular application and is a matter of design choice. As used herein, the terms “device,” “component,” “system,” and the like are likewise intended to refer to a computer-related entity, either hardware, a combination of hardware and software, software, or software in execution. For example, a component may be, but is not limited to being, a process running on a processor, a processor, an object, an executable, a thread of execution, a program, and/or a computer. By way of illustration, both an application running on computer and the computer can be a component. One or more component(s) can reside within a process and/or thread of execution and a component can be localized on one computer and/or distributed between two or more computers.
Thus, the systems of the disclosed subject matter, or certain aspects or portions thereof, may take the form of program code (e.g., instructions) embodied in tangible computer readable media, such as floppy diskettes, CD-ROMs, hard drives, or any other machine-readable storage medium, wherein, when the program code is loaded into and executed by a machine, such as a computer, the machine becomes an apparatus for practicing the disclosed subject matter. In the case of program code execution on programmable computers, the computing device can generally include a processor, a storage medium readable by the processor (including volatile and non-volatile memory and/or storage elements), at least one input device, and at least one output device. In addition, the components can communicate via local and/or remote processes such as in accordance with a signal having one or more data packet(s) (e.g., data from one component interacting with another component in a local system, distributed system, and/or across a network such as the Internet with other systems via the signal).
As used in this application, the term “or” is intended to mean an inclusive “or” rather than an exclusive “or”. That is, unless specified otherwise, or clear from context, “X employs A or B” is intended to mean any of the natural inclusive permutations. That is, if X employs A; X employs B; or X employs both A and B, then “X employs A or B” is satisfied under any of the foregoing instances. In addition, the articles “a” and “an” as used in this application and the appended claims should generally be construed to mean “one or more” unless specified otherwise or clear from context to be directed to a singular form.
As used herein, the terms to “infer” or “inference” refer generally to the process of reasoning about or inferring states of the system, environment, and/or user from a set of observations as captured via events and/or data. Inference can be employed to identify a specific context or action, or can generate a probability distribution over states, for example. The inference can be probabilistic—that is, the computation of a probability distribution over states of interest based on a consideration of data and events. Inference can also refer to techniques employed for composing higher-level events from a set of events and/or data. Such inference results in the construction of new events or actions from a set of observed events and/or stored event data, whether or not the events are correlated in close temporal proximity, and whether the events and data come from one or several event and data sources.
Furthermore, some aspects of the disclosed subject matter can be implemented as a system, method, apparatus, or article of manufacture using standard programming and/or engineering techniques to produce software, firmware, hardware, or any combination thereof to control a computer or processor based device to implement aspects detailed herein. The terms “article of manufacture”, “computer program product” or similar terms, where used herein, are intended to encompass a computer program accessible from any computer-readable device, carrier, or media. For example, computer readable media can include but are not limited to magnetic storage devices (e.g., hard disk, floppy disk, magnetic strips, etc.), optical disks (e.g., compact disk (CD), digital versatile disk (DVD), etc.), smart cards, and flash memory devices (e.g., card, stick, key drive, etc.). Additionally, it is known that a carrier wave can be employed to carry computer-readable electronic data such as those used in transmitting and receiving electronic mail or in accessing a network such as the Internet or a local area network (LAN). Of course, those skilled in the art will recognize many modifications can be made to this configuration without departing from the scope or spirit of the various embodiments.
The aforementioned systems have been described with respect to interaction between several components. It can be appreciated that such systems and components can include those components or specified sub-components, some of the specified components or sub-components, and/or additional components, and according to various permutations and combinations of the foregoing. Sub-components can also be implemented as components communicatively coupled to other components rather than included within parent components, e.g., according to a hierarchical arrangement. Additionally, it should be noted that one or more component(s) can be combined into a single component providing aggregate functionality or divided into several separate sub-components, and any one or more middle layer(s), such as a management layer, may be provided to communicatively couple to such sub-components in order to provide integrated functionality. Any components described herein may also interact with one or more other component(s) not specifically described herein but generally known by those of skill in the art.
While for purposes of simplicity of explanation, methodologies disclosed herein are shown and described as a series of blocks, it is to be understood and appreciated that the claimed subject matter is not limited by the order of the blocks, as some blocks may occur in different orders and/or concurrently with other blocks from what is depicted and described herein. Where non-sequential, or branched, flow is illustrated via flowchart, it can be appreciated that various other branches, flow paths, and orders of the blocks, may be implemented which achieve the same or a similar result. Moreover, not all illustrated blocks may be required to implement the methodologies described hereinafter.
Furthermore, as will be appreciated, various portions of the disclosed systems may include or consist of artificial intelligence or knowledge or rule based components, sub-components, processes, means, methodologies, or mechanisms (e.g., support vector machines, neural networks, expert systems, Bayesian belief networks, fuzzy logic, data fusion engines, classifiers, etc.). Such components, inter alia, can automate certain mechanisms or processes performed thereby to make portions of the systems and methods more adaptive as well as efficient and intelligent.
While the disclosed subject matter has been described in connection with the particular embodiments of the various figures, it is to be understood that other similar embodiments can be used or modifications and additions can be made to the described embodiment for performing the same function of the disclosed subject matter without deviating therefrom. Still further, the disclosed subject matter can be implemented in or across a plurality of processing chips or devices, and storage can similarly be effected across a plurality of devices. Therefore, the disclosed subject matter should not be limited to any single embodiment, but rather should be construed in breadth and scope in accordance with the appended claims.