FIELD OF INVENTION
[001] The present invention relates to an authentication method and more particularly to a gesture based authentication method.

BACKGROUND OF INVENTION
[002] A device with authentication mechanism can prevent access to confidential information by denying unauthorized access. Today  most of the application systems are configured to include touch screen user interface such as to make these systems more user friendly and to improve the user experience. The use of such touch interfaces allows the conventional authentication applications to use virtual keyboard displayed on the screen such as to provide input to the device. Alternatively  the conventional authentication applications can use pattern or gesture based input rather than the virtual keyboard displayed on the screen. In a gesture based authentication system  user can create a specific pattern on the device screen. If the pattern matches with already registered pattern  then the system allows the user to access the device.
[003] Many different systems implement the gesture based authentication mechanism. In a gesture based authentication mechanism  the user is allowed to select an object displayed on screen only once. Thus  the user is restricted to repeatedly select the object in successive iterations. With existing gesture based authentication system  the number of possible wrong combinations or challenges of objects displayed on screen is not enough to ensure failure of unauthorized attempts.
[004] As a result  the security level achieved by such gesture or pattern based authentication mechanisms is low compared to the conventional numeric keypad systems. In order to improve the security  the screen size of the device may have to be increased which limits its use in small screen devices such as smart phones. Moreover  a potential fraudster can easily observe and remember the pattern entered by the authorized user and can attempt to gain access to the device. Similarly  if the fraudster knows the number of objects to be selected in a pattern  then the number of trials for restricting unauthorized access to the device can get decreased.
[005] In light of the above discussion  there is a need of an authentication method which is required for high security applications.

OBJECT OF INVENTION
[006] The principal object of the embodiments herein is to achieve a method and system for gesture based authentication  which uses multi-tier based multi-class objects.
[007] Another object of the invention is to achieve a high security level by enabling user to select an object at each tier independent of selection in previous iteration.

SUMMARY
[008] The invention provides a method for authenticating a user in a touch screen environment. The method includes detecting a gesture and authenticating the user based on the matching of the detected gesture with a registered gesture. The gesture includes dropping objects from a first tier to a second tier or dropping objects from the first tier to the second tier via intermediate tiers.
[009] The registered gesture includes dropping objects of the first tier to objects in the second tier in multiple/successive iterations. In an embodiment  number of objects dropped is equal to the authentication-key length. In an embodiment  the objects of the first tier and the second tier are displayed on the touch screen environment. In an embodiment  the intermediate tiers are displayed between the first tier and the second tier. The registered gesture is set by an administrator. In an embodiment  detecting a gesture includes recording number of objects dropped in the gesture. In an embodiment  the authentication includes matching the sequence of dropping the objects.

BRIEF DESCRIPTION OF FIGURES
[0010] This invention is illustrated in the accompanying drawings  throughout which like reference letters indicate corresponding parts in the various figures. The embodiments herein will be better understood from the following description with reference to the drawings  in which:
[0011] FIG. 1 illustrates  a touch screen device with modules  in accordance with various embodiments of the present invention;
[0012] FIG. 2 illustrates a flow diagram explaining a method for authenticating a user of the touch screen device  in accordance with various embodiments of the present invention;
[0013] FIG. 3 illustrates an authentication-key using two tiers  in accordance with various embodiments of the present invention;
[0014] FIG. 4 illustrates the authentication-key using one intermediate tier with channels  in accordance with various embodiments of the present invention;
[0015] FIG. 5 illustrates the authentication-key using two intermediate tiers with channels  in accordance with various embodiments of the present invention;
[0016] FIG. 6 illustrates the authentication-key of randomly ordered objects of source tier and bins of destination tier  in accordance with various embodiments of the present invention; and
[0017] FIG. 7 illustrates a computing environment implementing the application  in accordance with various embodiments of the present invention.

DETAILED DESCRIPTION OF INVENTION
[0018] The embodiments herein and the various features and advantageous details thereof are explained more fully with reference to the non-limiting embodiments that are illustrated in the accompanying drawings and detailed in the following description. Descriptions of well-known components and processing techniques are omitted so as to not unnecessarily obscure the embodiments herein. The examples used herein are intended merely to facilitate an understanding of ways in which the embodiments herein can be practiced and to further enable those of skill in the art to practice the embodiments herein. Accordingly  the examples should not be construed as limiting the scope of the embodiments herein.
[0019] The embodiments herein achieve a method and system for gesture based authentication using objects from multiple classes arranged in multiple tiers. The method enables a touch screen device to display multiple objects. The method allows a user to select  drag  and drop the objects from a source tier to a destination tier through one or more intermediate tiers. The gesture based authentication-key (also referred as password interchangeably) is formed on the basis of number of objects selected along with the sequence of dragging and dropping the selected objects. The method can allow the user to select objects independent of previous iteration  thereby enabling very high rejection for a fraudster. The method described herein exponentially increases the security level with a small increase in the number of objects in any of the tiers.
[0020] Further  the present invention has wide application to any type of system or application such as small screen devices  defense systems  Automated Teller Machine (ATM)  door security systems or any other system. The method described herein being graphical and can be implemented in a touch screen environment of high security system. This method can be conveniently used by literate  illiterate  or people having difficulty in recalling or remembering alphanumeric passwords. The graphical gesture based authentication provides easy integration of the method into devices used by kids. The method can facilitate the user to tune the security level of the authentication mechanism as per the user requirement. The user can increase the number of objects and/or the intermediate tiers in the authentication key to increase the security level.
[0021] Throughout the description  the term source tier and first tier is used interchangeably. The term destination tier and second tier are used interchangeably. The term gesture and pattern are used interchangeably. The term touch screen device and touch screen environment are used interchangeably.
[0022] Referring now to the drawings  and more particularly to FIGS. 1 through 7  where similar reference characters denote corresponding features consistently throughout the figures  there are shown preferred embodiments.
[0023] FIG. 1 illustrates a touch screen device 100 with modules  in accordance with various embodiments of the present invention. The touch screen device 100 described herein can be configured to include a display module 102  a touch interface module 104  a storage module 106  and a communication interface module 108. The display module 102 of the touch screen device 100 can be configured to display multiple objects into multiple classes and multiple tiers. This display enables the user to select  drag  and drop the objects during authentication. The touch interface module 104 can be configured to extract gesture provided by the user on the touch screen device 100. The storage module 106 can be a memory space used to store multiple objects  and registered authentication keys. In an example  the storage module 106 can be an internal memory such as Random Access Memory (RAM)  Read Only Memory (ROM)  or external memory. The communication interface module 108 can be configured to provide a mechanism for the touch screen device 100 to enable external communication with other devices.
[0024] In an embodiment  the touch screen device 100 described herein can be mobile phone  Personal Digital Assistant (PDA)  personal computer  handheld device  portable electronic device  communicators  laptop  and the like.
[0025] FIG. 2 illustrates a flow diagram 200 explaining a method for authenticating a user of the touch screen device 100  in accordance with various embodiments of the present invention. The authentication method for securing the touch screen device 100 can involve two phases: authorization or registration phase  and authentication or verification. In an example  the authorization can be defined as a process of setting the touch screen device 100 with gesture or pattern of the user’s choice  with the help of the objects selected by the user. This authorized gesture forms the authentication key. In addition  the number of objects selected to create the gesture determines the authentication-key length. In an example  the authentication can be defined as a process  where the user presents the authorized pattern to gain access to the touch screen device 100.
[0026] At step 202 of the flow diagram 200  the touch screen device 100 displays multiple objects in multiple tiers. At step 204  the user selects an object among multiple objects in the first tier. At step 206  the user drops the selected object from the first tier to the last tier via one of the multiple elements at every intermediate tiers. In an example  the method allows the touch screen device 100 to display the multiple predefined intermediate tiers during the authorization process. In an example  during the authentication process  the user drops the selected object from the source tier to the destination tier by passing through one element at each intermediate tier. The touch screen device 100 verifies whether the gesture performed by the user matches the gesture defined during authorization (registration). In an embodiment  the path taken by the dropped object can be displayed on the screen  thereby helping the user to track the path. In an example  the method can record the number of objects dropped and sequence of the dropped objects.
[0027] At step 208  the touch screen device 100 checks whether the number of objects dropped by the user matches the authentication-key length. If the dropped objects does not matches with the authentication-key length  then the touch screen device 100 retains the object displayed on the screen which enables the user to complete the selection and dropping sequence . In an embodiment  at step 210  upon a successful match of the dropped objects with the authentication-key length  the touch screen device 200 compares the recorded objects along with their paths to the stored (authorized) authentication-key.
[0028] In an embodiment  at step 212  if the stored authentication-key does not matches with the objects dropped by the user  then the method allows the touch screen device 200 to repeat the steps 202-212. In an embodiment  at step 214  the user is allowed to access the touch screen device 100after a successful match. It may be noted that various actions performed in the flow diagram 200 may be performed in the order presented  and/or in a different order. Further  in some embodiments  some actions listed in FIG. 2 may be omitted.
[0029] FIG. 3 illustrates an authentication-key using two tiers  in accordance with various embodiments of the present invention. The two-tiers described herein can include a source tier 300 and a destination tier 302 respectively. In an example  the source tier 300 can include elements  and O4 (referred as objects)  while the destination tiers 302 can include elements (referred as bins).
[0030] In general  the source set O can include multiple elements a (referred as objects) and destination set B can include multiple elements ß (referred as bins) such as described in equations 1 and 2:
O= O1  O2  O3 ….Oa (1)
B= B1  B2  B3  … Bß (2)
[0031] In an embodiment  for authorizing the touch screen device 100  the user drag and drop an object from the source set O into the bin of the destination set B. For example  the user can drag and drop an object O1 from the source set O into the bin B1. In an example  the user can repeat the process for different objects. For each of the iterations  the selection of the object from the source set O or the bin from the destination set B are independent to the corresponding selection in the previous iterations. Thus  the method enables the user to select the objects and bins repeatedly. The sequence or order of dropping the objects from the source set O into the bins of the destination set B can be considered as the authentication-key. Further  the number of objects dropped from the source set into the bins of the destination set can provide the authentication key length (L). The objects of the source set O can be dropped into bins of destination set B based on the equation given below:
(3)
(4)
(5)
(6)
(7)
[0032] Where ? represents dropping of elements from one set to the other. In an example  the qth iteration of dropping the source set element Oi into the destination element Bj can be considered as . The sequential order is the authentication-key  and L is authentication key length
[0033] FIG. 3 explains the process of authentication using two tiers of the objects. In an example  the source tier 300 can include four elements O1  O2  O3  and O4 (referred as objects) and the destination tier 302 can include three elements B1  B2  and B3 (referred as bins). The sequence/order of objects dropped into the respective bins can serve as the authorized authentication key. The sequence order as shown in FIG. 3 for authentication key length (L=7) is given in equations below
(8)
(9)
(10)
(11)
(12)
(13)
(14)
[0034] The equations 8  9  10  11  12  13  and 14 show actions performed by the user during the authorization. In an example  during the first iteration  the object O1 of the source tier 300 can be dropped into the bin B1 of the destination tier 301. In an example  during the second iteration  the object O2 of the source tier 300 can be dropped into the bin B3 of the destination tier 301. In an example  during the third iteration  the object O4 of the source tier 300 can be dropped into the bin B3 of the destination tier 301. In an example  during the fourth iteration  the object O3 of the source tier 300 can be dropped into the bin B2 of the destination tier 301. In an example  during the fifth iteration  the object O1 of the source tier 300 can be dropped into the bin B2 of the destination tier 301. In an example  during the sixth iteration  the object O2 of the source tier 300 can be dropped into the bin B1 of the destination tier 301. In an example  during the seventh iteration  the object O4 of the source tier 300 can be dropped into the bin B3 of the destination tier 301  thereby making authentication key length L equal to seven with authentication key as .
[0035] In an embodiment  during authentication process  the user drops the objects O1  O2  O3  and O4 of the source tier 300 into the bins B1  B2  and B3 of the destination tier 301 in the same sequence order such as   according to the authorized authentication key with length seven. In an embodiment  if the user fails to follow the authentication key sequence order  then the user can be denied access to the touch screen device 100.
[0036] In an embodiment  the user can select the elements of the source set and the destination set from equations 1 and 2. The source set and destination set can use different elements. For example  if the device is being used by kids’  elements in the source tier 300 can be fruits and the elements in the destination tier 302 can be baskets or boxes. In another example  the elements in the source tier 300 can include a video clip (or a live video) of various sporting events and the elements in the destination tier 302 can include display names of these sporting events. The user can then drop the selected video clip to the corresponding sporting events.
[0037] In an embodiment  the elements in the source tier 300 and the destination tier 302 can be toys  pets  cage  a combination there of  or any other element. In an example  these elements can be stored in storage module 106 as a gallery set.
[0038] FIG. 4 illustrates the authentication-key using one intermediate tier with channels  in accordance with various embodiments of the present invention. In an embodiment  the method described herein can provide enhanced security to the touch screen device 200 by allowing the user to use multiple intermediate tiers (such as C1  C2 ……..  C?) between the source tier 300 and the destination tier 302. As described in the equations 1 and 2  the source set O and the destination set B can include multiple elements. In an example  each of the intermediate tiers can also include multiple elements referred to as channels. The intermediate tiers C1  C2 …… C? can include indefinite number of channels referred as ?  d … ? channels respectively  where = 0 and ?  d …  ? › 1.
[0039] The generic form of all the elements in all the tiers used by the method described herein during the authentication mechanism is as follows:
O= O1  O2  O3….Oa a > 0 (15)
(16)
(17)
(18)
(19)

B= B1  B2  B3  …….Bß ß > 0 (20)
[0040] In an example  the L represents the number of objects dropped from the source tier 300 to the bins in the destination tier 302 via one channel and the sequence/order of dropping the objects into the bins forms the authentication key. In an example  the q th iteration of dropping the object Oi from the source tier 300 into the bin Bj of the destination tier 302 via the channels such as at the intermediate tiers  such as 1  2 …..   can be given as . Where        and .
[0041] In an example  each of the selected objects Oi of the source tier 300 passes through one channel at each intermediate tier before being dropped into one of the selected bin Bj of the destination tier 302. The sequence/order of dropping the objects from the source set O to the destination set B is as follows:
(22)
(23)
(24)
(25)
[0042] Where ? represents dropping of elements from one set to other.
[0043] In the generalized form cik represents channel k at the intermediate tier i. The qth iteration of dropping the source set object Oi into the destination bin Bj  through the channels at the intermediate tiers 1  2  …..   can be represented as . The generalized sequence order giving the authentication key of length (L) is given as
(26)
[0044] FIG. 4 shows the source tier 300  the destination tier 302  and the intermediate tier 400. The intermediate tier 400 described herein can include two such as channels c11 and c12. The user authorizes the authentication key by dropping the objects from the source tier 300 into the bins of the destination tier 302 through the channels of the intermediate tier 400. In an embodiment  the user can drop the objects in a specific user selected sequence order. In an example  during the first iteration the user can drop the O1 to B1 through the c11 during the second iteration the user can drop the O2 to B3 through the c12  during the third iteration the user can drop the O4 to B3 through the c12  during the fourth iteration the user can drop the O3 to B2 through the c11  during the fifth iteration the user can drop the O1 to B2 through the c12  during the sixth iteration the can drop the O2 to B1 through the c11  and during the seventh iteration the user can drop the O4 to B3 through the c12. In an example  the authentication key length (L) can therefore be equal to seven and authentication key can be described as .
[0045] In an example  if a user wants to gain access to the touch screen device 100  then the user has to drop the objects of the source tier 300 to the destination tier 302. The sequence/order of dropping the objects should be same as the authentication key. If the user fails to follow the defined sequence  then the user is denied access the touch screen device 100.
[0046] FIG. 5 illustrates the authentication-key using two intermediate tiers with channels  in accordance with various embodiments of the present invention. FIG. 5 shows the source tier 300  the destination tier 302  and  the two intermediate tiers 500 and 502. The intermediate tiers are provided between the source tier 300 and the destination tier 302. In an example  the intermediate tier 500 can include two channels such as c11 and c12  and the intermediate tier 502 can inc include three channels such as c21  c22  and c23. The user of the touch screen device 100 authorizes the authentication key by dropping the objects from the source tier 300 to the bins of the destination tier 302  via the channels of the intermediate tiers 500 and 502 in a user specific selected sequence. In an example  the sequence shown in FIG. 5 gives the authentication key of length of seven as given by .
[0047] FIG. 6 illustrates generally  the authentication-key of randomly ordered objects and bins  in accordance with various embodiments of the present invention. In an example  as shown in the FIG. 5  the objects are randomly arranged between the source tier 300 and the destination tier 302. In an example  the order of objects of the source tier 300 is changed to O2  O1  O3  and O4 and the order of bins of the destination tier 302 is changed to B2  B1  and B3. This random or shuffled arrangement of the objects and the bins can be done for every instance of the authentication so that the imposter or fraudster can get confused. Thus  the sequence/order of dropping the objects into the bins remains unchanged and is known only to the authorized user.
[0048] In an example  the authentication key created during the authorization process can include dropping the object O1 of the source tier 300 into the bin B1 of the destination tier 302 during the first iteration  dropping the object O2 of the source tier 300 into the bin B3 of the destination tier 302 during the second iteration  dropping the object O4 of the source tier 300 into the bin B3 of the destination tier 302 during the third iteration  dropping the object O3 of the source tier 300 into the bin B2 of the destination tier 302 during the fourth iteration  dropping the object O1 of the source tier 300 into the bin B2 of the destination tier 302 during the fifth iteration  dropping the object O2 of the source tier 300 into the bin B1 of the destination tier 302 during the sixth iteration  and dropping the object O4 of the source tier 300 into the bin B3 of the destination tier 302 during the seventh iteration. In an example  this seven iteration process defines the authentication key length (L) equal to seven with the authentication key as .
[0049] In an example  the authentication key defined herein is same as defined in the FIG. 3  but differs in the pattern of dropping the objects of source tier 300 into the bins of the destination tier 302. In an example  the fraudster  who mimics the observed pattern  is denied from using the touch screen device 100. Thus  the method provides enhanced security to the touch screen device 100 such as by randomly ordering the displayed objects (rather than having fixed or static display pattern).
[0050] In an embodiment  the user location can be identified from applications like Global Positioning System (GPS)  system time and date application installed in the touch screen device 100  user profiles  or any other application. Further  based on the user location information  the method can allow the touch screen device 100 to accordingly change the display or gallery set of the screen. For example  the user can authorize the touch screen device 100 with different gallery sets.
[0051] In an embodiment  the method can facilitate the touch screen device 100 to add empty or dummy bins among the existing bins of the destination tier 302. Any objects from the source tier 300 dropped into the dummy bins can be either ignored or considered based on the authorized user preferences. If a user recognizes a potential impostor  then the user can drop the objects into the dummy bin  which may not be accounted  based on the authorized user preferences. Thus  an imposter who may be trying to imitate the user gesture is unaware of the dummy bin and fails to access the touch screen device 100. In an embodiment  the dummy objects can be a part of the objects of the source tier 300. The dummy objects dropped into the true bins or dummy bins can be ignored. These dummy objects of the source tier 300 or the dummy bins of the destination tier 302 can increase the security level by providing many folds as compared to the static pattern based authentication.
[0052] In an embodiment  the method can facilitate the touch screen device 100 to perform multiple authentication checks where every authentication check can be tuned to different security levels based on the user requirements. For example  the user can have a low security level of authentication for unlocking the smart phone but can include authentication check with high security level for certain important file or folder. The security level can be configured by the user by using more number of intermediate tiers  thereby allowing the user to allow any other person to access the smart phone without worrying about the confidential information being disclosed.
Analysis
[0053] The comparative analysis shows that the proposed method is highly secured than the existing gesture based authentication method. The evaluation metrics presents mathematical analysis of the method with the existing methods. The source-tier 300 represented by the source set O and the destination tier 301 represented by the destination set B  as in the equations 1 and 2  has and objects respectively  where the intermediate tiers can include channels respectively. The existing method includes only one set of objects such as alphabet set such as to achieve fair comparisons. The summation of the number of elements from all the tiers of can include the source tier  the destination tier  and all the intermediate tiers is considered as the alphabet set having size where
(27)
[0054] The metrics used for the comparison can be for example  Elimination Combinations (EC)  Visual Eliminations (VE)  and Effective Eliminations (EE).
[0055] The EC described herein can be defined as the number of wrong combinations or challenges or rejections that the system posses for the fraud user or impostor. Higher the elimination  greater is the security. In the method disclosed  for each of the iterations  the selection of the elements from the source  destination or intermediate tiers is independent on the corresponding selection in the previous iterations. The EC for authentication key of length L is given below
EC = (a × ß × ? × d  • • • ?)L (28)
[0056] In the existing gesture based authentication method  there exists a constraint that the selected object from the alphabet set ? could not be repeated. The existing system elimination combinations (PEC)  for authentication key of length L is
PEC= (29)
[0057] The VE described herein can be considered provided the impostor or fraud has a chance to visually observe the authentication-key  during the authorized user is authenticating the graphically secured touch screen device 100. The fraud user can gain access to the touch screen device 100 such as by providing the observed authentication pattern or gesture. The VE gives the total number of background variations to enter the authenticating pattern. The VE of the method is given as below
V E = a! × ß! × ?! × d!  • • • ?! (30)
Thus  the visual eliminations is constant and is given by
P V E = CONSTANT (31)
[0058] The EE described herein gives the total number of rejections or the difficulties that the system posses for the fraud user or impostor due to elimination combinations and visual elimination. Since the elimination chances and visual eliminations are mutually dependent  the effective elimination of the fraud user for the proposed system (EE) is
EE = EC × V E (32)
While  the effective elimination of the fraud user for the existing method (PEE) is given by
PEE = PEC × PVE (33)
Mathematical Analysis
[0059] The mathematical analysis of the method and the system (derived from equations 28 and 29) shows the elimination combination (EC) of the method is exponential. The existing system elimination combinations (PEC) are factorial with respect the authentication key of length L. If the fraud or impostor user is aware of the length L of the authentication key then from equation 28  the proposed system poses (a! × ß! × ?! × d!  • • • ?!)L elimination combinations. That is  the impostor being successful is 1: (a × ß × ? × d  • • •   ?)L  thereby allow the user to repeatedly select an element in all the tiers. So  if the fraud or impostor user is not aware of the length L of the authentication key  then the proposed system poses
EC = (a × ß × ? × d  • • • ?)8
Number of elimination combinations. That is  the fraud user being successful is 1: 8. The chances of the impostor being successful are very low. The equation 21 shows that the security of the proposed system is directly proportional to the number of elements in all the tiers such as the source tier a  the destination tier ß  and the number of channels ?  d  • • • ? at the intermediate tiers 1  2  • • • respectively. Hence  varying these parameters will vary the security level exponentially. Thus  with a small increase in these parameters  high security level can be achieved as compared to the existing method.
[0060] From equations 30 and 31  the VE generated in the proposed system is the product of factorial of the number of elements in each tier  while in the existing system it is constant. By increasing the number of elements in any of the multiple tiers by a small value  the VE generated increases significantly compared to the PVE generated by the existing system. Hence  it can be said that the method addresses consistent visual attack by a fraudster better than the existing system. The effective elimination is the product of the EC and visual eliminations.
[0061] FIG. 7 illustrates a computing environment implementing the application  according to embodiments disclosed herein. As depicted  the computing environment includes at least one processing unit that is equipped with a control unit and an Arithmetic Logic Unit (ALU)  a memory  a storage unit  plurality of networking devices  and a plurality Input output (I/O) devices. The processing unit is responsible for processing the instructions of the algorithm. The processing unit receives commands from the control unit in order to perform its processing. Further  any logical and arithmetic operations involved in the execution of the instructions are computed with the help of the ALU.
[0062] The overall computing environment can be composed of multiple homogeneous and/or heterogeneous cores  multiple CPUs of different kinds  special media and other accelerators. The processing unit is responsible for processing the instructions of the algorithm. The processing unit receives commands from the control unit in order to perform its processing. Further  any logical and arithmetic operations involved in the execution of the instructions are computed with the help of the ALU. Further  the plurality of process units may be located on a single chip or over multiple chips.
[0063] The embodiments disclosed herein can be implemented through at least one software program running on at least one hardware device and performing network management functions to control the elements. The elements shown in Figs. 1 and 7 include blocks  which can be at least one of a hardware device  or a combination of hardware device and software module.
[0064] The foregoing description of the specific embodiments will so fully reveal the general nature of the embodiments herein that others can  by applying current knowledge  readily modify and/or adapt for various applications such specific embodiments without departing from the generic concept  and  therefore  such adaptations and modifications should and are intended to be comprehended within the meaning and range of equivalents of the disclosed embodiments. It is to be understood that the phraseology or terminology employed herein is for the purpose of description and not of limitation. Therefore  while the embodiments herein have been described in terms of preferred embodiments  those skilled in the art will recognize that the embodiments herein can be practiced with modification within the spirit and scope of the embodiments as described herein.

STATEMENT OF CLAIMS
What is claimed is:
1. A method for authenticating a user in a touch screen environment  the method comprising:
detecting a gesture performed by said user  wherein said gesture comprises dropping at least one object from a first tier to a second tier; and
authenticating said user  if said gesture matches with a registered gesture.
2. The method of claim 1  wherein said gesture further comprises dropping said at least one object from said first tier to said second tier through at least one intermediate tier.
3. The method of claim 1  wherein said registered gesture comprises dropping at least one object in said first tier to at least one object in said second tier in at least one iteration.
4. The method of claim 3  wherein said registered gesture further comprises dropping said at least one object from said first tier to a different object in said second tier in successive iterations.
5. The method of claim 4  wherein said at least one object dropped is equal to an authentication-key length.
6. The method of claim 1  wherein said at least one object of said first tier and said second tier is displayed on said touch screen environment.
7. The method of claim 2  wherein said at least one intermediate tier is displayed between said first tier and said second tier in said touch screen environment.
8. The method of claim 1  wherein said registered gesture is set by an administrator.
9. The method of claim 1  wherein said detecting comprises recording number of objects dropped in said gesture.
10. The method of claim 1  wherein said authenticating comprises matching the sequence of dropping the objects.

Dated: 10th day of September  2012 Signature:
Dr. Kalyan Chakravarthy.
Patent Agent

ABSTRACT
The invention provides a method for authenticating a user in a touch screen environment. The method includes detecting a gesture and authenticating the user based on the matching of the detected gesture with a registered gesture. The gesture includes dropping objects from a first tier to a second tier or dropping objects from the first tier to the second tier via intermediate tiers.

FIG. 2