Mode-based access control method and device

US 10,263,990 B2
Filed: 03/24/2015
Issued: 04/16/2019
Est. Priority Date: 08/10/2005
Status: Expired due to Fees

First Claim

Patent Images

1. A mode-based access control method comprising:

making a security mode list which indicates security setting states of devices existing in a network, wherein the devices contain access control lists, wherein the security mode list comprises a first security mode and a second security mode in which at least one of access and control of the devices is more restrictive than access in the first security mode and which has a higher priority than the first security mode;

assigning the first security mode to a first user, selected from a plurality of security modes on the security mode list, when the first user accesses the network;

making the devices perform functions thereof in the first security mode by collectively changing the security setting states of each of the devices based on the first security mode, wherein collectively changing the security setting states comprises synchronizing the access control lists of the devices in accordance with the first security mode, wherein the functions are performed in accordance with the access control lists;

comparing mode priorities of the first security mode and the second security mode corresponding to a second user, selected from the plurality of security modes on the security mode list when the second user accesses the network while the first user maintains access to the network; and

converting the first security mode to the second security mode based on a result of the comparing,wherein, in the second security mode, at least one of control and access to at least some of the devices is restricted, andwherein the priority indicates whether the first security mode or the second security mode is chosen based on the first user and the second user being connected to the network at same time.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Provided is a mode-based access control method that includes: making a security mode list which indicates security setting states of devices existing in a home network; setting a specific security mode selected from the modes on the security mode list; and making the devices perform functions thereof in the specific security mode. Also, provided is a mode-based access control device includes: an authentication unit which checks information on a user and authenticates the user; a mode configuration unit which makes a security mode list indicating the security setting state of devices forming a home network; a mode setting unit which sets a specific security mode selected from modes on the security mode list; and an operating unit which causes the devices to perform functions thereof in the specific security mode.

Citations

7 Claims

1. A mode-based access control method comprising:
- making a security mode list which indicates security setting states of devices existing in a network, wherein the devices contain access control lists, wherein the security mode list comprises a first security mode and a second security mode in which at least one of access and control of the devices is more restrictive than access in the first security mode and which has a higher priority than the first security mode;
  
  assigning the first security mode to a first user, selected from a plurality of security modes on the security mode list, when the first user accesses the network;
  
  making the devices perform functions thereof in the first security mode by collectively changing the security setting states of each of the devices based on the first security mode, wherein collectively changing the security setting states comprises synchronizing the access control lists of the devices in accordance with the first security mode, wherein the functions are performed in accordance with the access control lists;
  
  comparing mode priorities of the first security mode and the second security mode corresponding to a second user, selected from the plurality of security modes on the security mode list when the second user accesses the network while the first user maintains access to the network; and
  
  converting the first security mode to the second security mode based on a result of the comparing,wherein, in the second security mode, at least one of control and access to at least some of the devices is restricted, andwherein the priority indicates whether the first security mode or the second security mode is chosen based on the first user and the second user being connected to the network at same time.
- View Dependent Claims (2, 6)
- - 2. The mode-based access control method of claim 1,wherein the security mode list comprises:
    - a parent mode, which is the first security mode and which is set by only a host user having unlimited authority for access to all the devices forming the network;
      
      a child mode, which is the second security mode, which is set by a child user having limited authority for access to some of the devices, services or content provided by the devices; and
      
      a guest mode, which is a third security mode and which is set by a guest user that cannot access all the devices forming the network but who has temporary access granted by the host user, wherein the third security mode has a lower priority than the second security mode.
  - 6. The mode-based access control method of claim 1,wherein the setting of the first security mode comprises:
    - performing user authentication to check whether the first user has authority to set the first security mode;
      
      if the first user has authority to set the first security mode, setting the first security mode.

3. A mode-based access control device comprising:
- an authentication unit which checks information on a first user or a second user, and authenticates the first user or the second user;
  
  a mode configuration unit which makes a security mode list indicating security setting states of devices forming a network, if the first user has authority to make the security mode list;
  
  a mode setting unit which sets, according to the user, a specific security mode selected from among a plurality of security modes on the security mode list comprising a first security mode and a second security mode in which at least one of access and control of the devices is more restrictive than access in the first security mode and which has a higher priority than the first security mode, if the second user has authority to set the specific security mode, and collectively changes the security setting states of each of the devices based on the specific security mode;
  
  an operating unit which causes the devices to perform functions thereof in the specific security mode; and
  
  a mode converting unit which compares mode priorities of the security modes and converts all or some of the devices to the security mode having a higher mode priority based on a result of the comparing when both the first user and the second user are authenticated,wherein the devices contain access control lists,wherein the mode setting unit comprises a security console function unit that synchronizes the access control lists of the devices in accordance with the specific security mode when the specific security mode is selected,wherein the operating unit causes the devices to perform functions in accordance with the access control lists,wherein, in the second security mode, at least one of control and access to at least some of the devices is restricted, andwherein the priority indicates whether the first security mode or the second security mode is chosen based on the first user and the second user being connected to the network at same time.
- View Dependent Claims (4, 5)
- - 4. The mode-based access control device of claim 3,wherein the security mode list comprises:
    - a parent mode, which is the first security mode and which is set by only a host user having unlimited authority for access to all the devices forming the network;
      
      a child mode, which is the second security mode and which is set by a child user having limited authority for access to some of the devices, services or content provided by the devices; and
      
      a guest mode, which is a third security mode and which is set by a guest user that cannot access all the devices forming the network but who has temporary access granted by the host user.
  - 5. The mode-based access control device of claim 3,wherein the mode configuration unit comprises:
    - a mode editing unit which edits the security mode list by adding a new security mode to the security mode list, by removing an existing security mode from the security mode list or changing an existing security mode in the security mode list.

7. A mode-based access control device comprising:
- an authentication unit which checks information on a first user or a second user, and authenticates the first user or the second user;
  
  a mode configuration unit which makes a security mode list indicating security setting states of devices forming a network, if the first user has authority to make the security mode list;
  
  a mode setting unit which sets, according to the user, a specific security mode selected from security modes on the security mode list, if the second user has authority to set the specific security mode, and collectively changes the security setting states of each of the devices based on the specific security mode;
  
  an operating unit which causes the devices to perform functions thereof in the specific security mode; and
  
  a mode converting unit which compares mode priorities of the security modes and converts all or some of the devices to the security mode having a higher mode priority based on a result of the comparing when both the first user and the second user are authenticated,wherein the devices contain access control lists,wherein the mode setting unit comprises a security console function unit that synchronizes the access control lists of the devices in accordance with the specific security mode when the specific security mode is selected,wherein the operating unit causes the devices to perform functions in accordance with the access control lists,wherein the all or some of the devices are subsequently converted back to a prior security mode when the authentication of an existing user with the higher mode priority is released while the authentication of the other existing user is maintained,wherein the higher mode priority is a more restrictive security mode in which at least one of control and access to at least some of the devices are restricted, andwherein a security mode with the higher mode priority is selected regardless of which one of the first user and the second user is first authenticated.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
Son, Kyoung-ho, Yook, Hyun-gyoo, Lee, Sung-Min, Oh, Seung-Jae, Han, Se-Hee
Primary Examiner(s)
Yang, James J

Application Number

US14/666,742
Publication Number

US 20150195287A1
Time in Patent Office

1,484 Days
Field of Search
US Class Current
CPC Class Codes

H04L 41/0883   Semiautomatic configuration...

H04L 41/0893   Assignment of logical group...

H04L 63/101   Access control lists [ACL]

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

Mode-based access control method and device

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

7 Claims

Specification

Solutions

Use Cases

Quick Links

Mode-based access control method and device

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

7 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links