Security system and method for controlling access to computing resources
DCFirst Claim
1. A system comprising:
- a computing device including a first secured computing resource, the computing device controlling access to the first secured computing resource based on security set up data stored in a dedicated, encrypted portion of a memory of the computing device,wherein the security set up data defines how to use security data to access the first secured computing resource,wherein the security set up data is based on one or more administrator defined options that allow an administrator to define one or more security actions implemented for the first secured computing resource that differ from one or more security actions implemented for a second secured computing resource of the computing device, the one or more security actions consistently implemented for the first secured computing resource across users of the first secured computing resource,wherein the security data used to access the first secured computing resource as defined by the security set up data for the first secured computing resource is stored on a personal digital key,wherein the security data is automatically received by the computing device and used to control access to the first secured computing resource subsequent to wireless communication between the personal digital key and a reader, the reader communicatively coupled to the computing device,wherein the one or more security actions implemented for the first secured computing resource include a biometric confirmation of a second user associated with the personal digital key, andwherein the security data is automatically received subsequent to biometric authentication using a biometric reader at the personal digital key.
1 Assignment
Litigations
0 Petitions
Accused Products
Abstract
A security system comprises a personal digital key (PDK), a reader and a computing device. The PDK is a portable, personal transceiver that includes a controller and one or more passwords or codes. The computing device includes a detection engine, vault storage and a set up module. The detection engine detect events relating to the access of any files and third-party systems by the computing device and receives information from the reader as to whether the PDK is present/linked. The detection engine controls whether a user is able to access any of the functionality provided by the computing device based upon whether the PDK is in communication with the reader or not. The present invention also includes a number of methods such as a method for initializing the security system, a method for setting up a computing device, and a method for controlling access to computing resources.
-
Citations
18 Claims
-
1. A system comprising:
-
a computing device including a first secured computing resource, the computing device controlling access to the first secured computing resource based on security set up data stored in a dedicated, encrypted portion of a memory of the computing device, wherein the security set up data defines how to use security data to access the first secured computing resource, wherein the security set up data is based on one or more administrator defined options that allow an administrator to define one or more security actions implemented for the first secured computing resource that differ from one or more security actions implemented for a second secured computing resource of the computing device, the one or more security actions consistently implemented for the first secured computing resource across users of the first secured computing resource, wherein the security data used to access the first secured computing resource as defined by the security set up data for the first secured computing resource is stored on a personal digital key, wherein the security data is automatically received by the computing device and used to control access to the first secured computing resource subsequent to wireless communication between the personal digital key and a reader, the reader communicatively coupled to the computing device, wherein the one or more security actions implemented for the first secured computing resource include a biometric confirmation of a second user associated with the personal digital key, and wherein the security data is automatically received subsequent to biometric authentication using a biometric reader at the personal digital key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method comprising:
-
receiving, by a computing device, security data used to access a first secured computing resource of the computing device as defined by security set up data for the first secured computing resource, the security data received automatically and subsequent to wireless communication between a personal digital key and a reader subsequent to biometric authentication using a biometric reader at the personal digital key, wherein the security data used to access the first secured computing resource, as defined by the security set up data for the first secured computing resource, is stored on the personal digital key; determining security set up data defining how to use the security data to access the first secured computing resource of the computing device, the security set up data stored in a dedicated, encrypted portion of a memory of the computing device, the security set up data based on one or more administrator defined options that allow an administrator to define one or more security actions implemented for the first secured computing resource that differ from one or more security actions implemented for a second secured computing resource of the computing device, the one or more security actions consistently implemented for the first secured computing resource across users of the first secured computing resource and including a biometric confirmation of a user associated with the personal digital key; and allowing access, by the computing device, to the first secured computing resource of the computing device based on the received security data and the security set up data for the first secured computing resource. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
-
Specification