System and method for authenticating users in a computer network
Abstract
A rule based biometric user authentication method and system in a computer network environment is provided. Multiple authentication rules can exist in the computer network. For example, there may be a default system-wide rule, and a rule associated with a particular user trying to log in. There may be other rules such as one associated with a remote computer from which the user is logging in, one associated with a group to which the user belongs, or one associated with a system resource to which the user requires access such as an application program or a database of confidential information. An order of precedence among the rules is then established which is used to authenticate the user.
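The precedence described in the abstract, in the order recited in claims 15 and 16 (user rule, then group rule, then system default), as an added Python example that is not code from the patent. The rule fields (`modality`, `min_score`), the stand-in `similarity` matcher, all names and the sample data are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AuthRule:
    scope: str        # "user", "group" or "default"
    modality: str     # assumed rule content: which biometric to prompt for
    min_score: float  # assumed rule content: matcher score needed to accept

# Constructed rule store and enrolment data (illustrative values only).
USER_RULES = {"alice": AuthRule("user", "iris", 0.95),
              "bob": AuthRule("user", "fingerprint", 0.60)}
GROUP_RULES = {"finance": AuthRule("group", "fingerprint", 0.90)}
DEFAULT_RULE = AuthRule("default", "fingerprint", 0.80)
TEMPLATES = {("alice", "iris"): [1, 0, 1, 1, 0, 1, 0, 0],
             ("carol", "fingerprint"): [0, 1, 1, 0, 1, 0, 0, 1]}

def resolve_rule(user_id, group_id=None, default=DEFAULT_RULE):
    """First rule that exists, in the order user, group, system default."""
    if user_id in USER_RULES:
        return USER_RULES[user_id]
    if group_id in GROUP_RULES:
        return GROUP_RULES[group_id]
    if default is None:  # fail closed rather than log on with no rule
        raise LookupError("no system default authentication rule")
    return default

def similarity(sample, stored):
    """Stand-in matcher: fraction of positions where the vectors agree."""
    if len(sample) != len(stored):
        return 0.0
    return sum(a == b for a, b in zip(sample, stored)) / len(stored)

def log_on(user_id, group_id, captured):
    """Apply the resolved rule; return (accepted, rule_used)."""
    rule = resolve_rule(user_id, group_id)
    stored = TEMPLATES.get((user_id, rule.modality))
    sample = captured.get(rule.modality)
    if stored is None or sample is None:
        return False, rule  # not enrolled or wrong modality supplied: deny
    return similarity(sample, stored) >= rule.min_score, rule

def weaker_than_default(default=DEFAULT_RULE):
    """Audit: specific rules that take precedence but accept a lower score."""
    specific = {**{("user", k): v for k, v in USER_RULES.items()},
                **{("group", k): v for k, v in GROUP_RULES.items()}}
    return sorted(key for key, rule in specific.items()
                  if rule.modality == default.modality
                  and rule.min_score < default.min_score)
```

`weaker_than_default()` flags the constructed `bob` rule: because the first existing rule wins, a user-specific rule can accept a lower score than the system default, which is worth auditing in any first-match rule store.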
24 Claims
1. A method of controlling access in a computer network environment comprising the steps of:
(a) receiving a user identification of a user from a card reader which obtains the user identification from an ID card containing same;
(b) determining whether there exists an authentication rule associated with the user based on the user identification received from the card reader;
(c) prompting the user to provide biometric information according to the authentication rule associated with the user if it is determined that the authentication rule associated with the user exists;
(d) prompting the user to provide biometric information according to a system default authentication rule if it is determined that the authentication rule associated with the user does not exist;
(e) capturing the biometric information;
(f) retrieving a stored biometric information associated with the user identification;
(g) comparing the captured biometric information with the retrieved biometric information; and
(h) completing a log-on procedure if the captured biometric information corresponds to the retrieved biometric information.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A method of controlling access in a computer network environment comprising the steps of:
(a) receiving a user identification of a user from a card reader which obtains the user identification from an ID card containing same;
(b) determining whether there exists an authentication rule associated with the user based on the user identification received from the card reader;
(c) authenticating the user with a captured biometric information and a previously stored biometric information according to the authentication rule associated with the user if it is determined that the authentication rule associated with the user exists; and
(d) authenticating the user with a captured biometric information and a previously stored biometric information according to a system default authentication rule if it is determined that the authentication rule associated with the user does not exist.
Dependent claims: 12, 13, 14

15. A method of controlling access in a computer network environment comprising the steps of:
(a) receiving first and second user identification of a user from a card reader which obtains the user identifications from an ID card containing same, the first user identification identifying the user and the second user identification identifying a group to which the user belongs;
(b) determining whether there exists an authentication rule associated with the user based on the first user identification received from the card reader;
(c) if it is determined that the authentication rule associated with the user exists, prompting the user to provide biometric information according to the authentication rule associated with the user and proceeding to step (e), and if it is determined that the authentication rule associated with the user does not exist, determining whether there exists an authentication rule associated with a group to which the user belongs based on the second user identification received from the card reader;
(d) if it is determined that the authentication rule associated with the group to which the user belongs exists, prompting the user to provide biometric information according to the authentication rule associated with the group and proceeding to step (e), and if it is determined that the authentication rule associated with the group also does not exist, prompting the user to provide biometric information according to a system default authentication rule and proceeding to step (e);
(e) capturing the biometric information;
(f) retrieving a stored biometric information associated with the applicable authentication rule;
(g) comparing the captured biometric information with the retrieved biometric information; and
(h) completing a log-on procedure if the captured biometric information corresponds to the retrieved biometric information.

16. A method of controlling access in a computer network environment comprising the steps of:
(a) receiving first and second user identification of a user from a card reader which obtains the user identifications from an ID card containing same, the first user identification identifying the user and the second user identification identifying a group to which the user belongs;
(b) determining whether there exists an authentication rule associated with the user based on the first user identification received from the card reader and if so, authenticating the user with a captured biometric information and previously stored biometric information according to the authentication rule associated with the user;
(c) if it is determined that the authentication rule associated with the user does not exist, determining whether there exists an authentication rule associated with a group to which the user belongs based on the second user identification received from the card reader, and if so authenticating the user with a captured biometric information and previously stored biometric information according to the authentication rule associated with the group;
(d) if it is also determined that the authentication rule associated with the group does not exist, authenticating the user with a captured biometric information and previously stored biometric information according to the authentication rule associated with a system default authentication rule.
Dependent claims: 18

17. A method of controlling access in a computer network environment comprising the steps of:
(a) receiving a user identification of a user from one of (i) a keyboard into which the user identification is typed, and (ii) a card reader which obtains the user identification from an ID card containing same;
(b) determining whether there exists an authentication rule associated with the user based on the user identification received from the keyboard or the card reader;
(c) prompting the user to provide biometric information according to the authentication rule associated with the user if it is determined that the authentication rule associated with the user exists;
(d) prompting the user to provide biometric information according to a system default authentication rule if it is determined that the authentication rule associated with the user does not exist;
(e) capturing the biometric information;
(f) retrieving a stored biometric information associated with the user identification;
(g) comparing the captured biometric information with the retrieved biometric information; and
(h) completing a log-on procedure if the captured biometric information corresponds to the retrieved biometric information.

19. A method of controlling access in a computer network environment comprising the steps of:
(a) receiving a user identification of a user from one of (i) a keyboard into which the user identification is typed, and (ii) a card reader which obtains the user identification from an ID card containing same;
(b) determining whether there exists an authentication rule associated with the user based on the user identification received from the keyboard or the card reader;
(c) authenticating the user with a captured biometric information and a previously stored biometric information according to the authentication rule associated with the user if it is determined that the authentication rule associated with the user exists; and
(d) authenticating the user with a captured biometric information and a previously stored biometric information according to a system default authentication rule if it is determined that the authentication rule associated with the user does not exist.
Dependent claims: 20

21. A method of controlling access in a computer network environment comprising the steps of:
(a) automatically generating a user identification of a user;
(b) determining whether there exists an authentication rule associated with the user based on the automatically generated user identification;
(c) prompting the user to provide biometric information according to the authentication rule associated with the user if it is determined that the authentication rule associated with the user exists;
(d) prompting the user to provide biometric information according to a system default authentication rule if it is determined that the authentication rule associated with the user does not exist;
(e) capturing the biometric information;
(f) retrieving a stored biometric information associated with the user identification;
(g) comparing the captured biometric information with the retrieved biometric information; and
(h) completing a log-on procedure if the captured biometric information corresponds to the retrieved biometric information.
Dependent claims: 24

22. A method of controlling access in a computer network environment comprising the steps of:
(a) automatically generating a user identification of a user;
(b) determining whether there exists an authentication rule associated with the user based on the automatically generated user identification;
(c) authenticating the user with a captured biometric information and a previously stored biometric information according to the authentication rule associated with the user if it is determined that the authentication rule associated with the user exists; and
(d) authenticating the user with a captured biometric information and a previously stored biometric information according to a system default authentication rule if it is determined that the authentication rule associated with the user does not exist.

23. A method of controlling access in a computer network environment comprising the steps of:
(a) receiving a user identification of a user from one of (i) a keyboard into which the user identification is typed, and (ii) a card reader which obtains the user identification from an ID card containing same;
(b) determining whether there exists an authentication rule associated with the user based on whether the user identification is received from the keyboard or the card reader;
(c) prompting the user to provide biometric information according to the authentication rule associated with the user if it is determined that the authentication rule associated with the user exists;
(d) prompting the user to provide biometric information according to a system default authentication rule if it is determined that the authentication rule associated with the user does not exist;
(e) capturing the biometric information;
(f) retrieving a stored biometric information associated with the user identification;
(g) comparing the captured biometric information with the retrieved biometric information; and
(h) completing a log-on procedure if the captured biometric information corresponds to the retrieved biometric information.