SECURE ACCESS SUPERSESSION ON SHARED WORKSTATIONS

US 20140109243A1
Filed: 10/15/2013
Published: 04/17/2014
Est. Priority Date: 10/15/2012
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for transitioning access to a shared desktop on a workstation connected to a computer network, the workstation currently running, on the desktop, at least one application launched at the request of a first user, the method comprising the steps of:

recognizing, by the workstation, a use request by a second user;

receiving, by the workstation via the network, an authorization from a server for the second user to access the desktop on the workstation; and

causing the workstation to (i) hide without shutting down at least one application launched at the request of the first user, (ii) allow the second user to log on to the workstation to thereby access the shared desktop, (iii) launch at least one application requested by the second user, (iv) allow the second user to log off the workstation and, following log-off of the second user, (v) unhide the at least one application launched at the request of the first user.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Transitions between users at shared workstations that permit access to private health information or other secure data may be handled, without incurring unnecessary delays due to shut-down of all applications used by the departing user, by selectively hiding applications with sensitive information on a shared desktop while allowing temporary system access for the interrupting user.

Citations

22 Claims

1. A computer-implemented method for transitioning access to a shared desktop on a workstation connected to a computer network, the workstation currently running, on the desktop, at least one application launched at the request of a first user, the method comprising the steps of:
- recognizing, by the workstation, a use request by a second user;
  
  receiving, by the workstation via the network, an authorization from a server for the second user to access the desktop on the workstation; and
  
  causing the workstation to (i) hide without shutting down at least one application launched at the request of the first user, (ii) allow the second user to log on to the workstation to thereby access the shared desktop, (iii) launch at least one application requested by the second user, (iv) allow the second user to log off the workstation and, following log-off of the second user, (v) unhide the at least one application launched at the request of the first user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 15, 16)
- - 2. The method of claim 1, wherein (i) the workstation is running a plurality of applications launched at the request of the first user and (ii) at least some of the running applications have access to secure data and are hidden.
  - 3. The method of claim 2, wherein at least one of the running applications does not have access to secure data and are not hidden.
  - 4. The method of claim 2, wherein the second user is authorized to view at least one of the running applications and that application is not hidden.
  - 5. The method of claim 1, further causing the workstation to launch a screen saver before allowing the second user to log on.
  - 6. The method of claim 1, wherein the use request includes an identifier associated with the second user, the method further comprising, transmitting, by the workstation via the network, the identifier to the server.
  - 7. The method of claim 1, wherein the use request is issued by an authentication token.
  - 8. The method of claim 7, wherein the authentication token is a mobile device that communicates initially with the server, the use request being transmitted with the authorization from the server to the workstation.
  - 9. The method of claim 1, further comprising the step of requiring, by the workstation, a secondary form of authentication by the second user prior to allowing the second user to log on to the workstation.
  - 10. The method of claim 1, wherein following log-on of the second user, at least one application is launched automatically.
  - 11. The method of claim 10, wherein the at least one automatically launched application is specified by a database record of the second user accessed by the server.
  - 12. The method of claim 10, wherein the at least one automatically launched application is determined at least in part based on activity logs of the second user.
  - 13. The method of claim 1, further comprising the step of preventing the second user from unhiding the at least one application launched at the request of the first user.
  - 15. The workstation of claim 13, wherein the processor is configured to (i) run a plurality of applications launched at the request of the first user, at least some of the applications having access to secure data, and (ii) selectively hide only the applications that have access to secure data.
  - 16. The workstation of claim 15, wherein the processor is configured to selectively hide only applications that have access to secure data and which the second user is not authorized to view.

14. A workstation configured for transitioning access to a shared desktop, the workstation comprising:
- a reader for detecting and obtaining data from an authentication token;
  
  a network interface;
  
  at least one user interface device; and
  
  a processor responsive to the reader and configured to;
  
  (i) run at least one application launched at the request of a first user;
  
  (ii) recognize a signal from the reader indicative of a use request by a second user, the use request including an identifier associated with the second user;
  
  (iii) transmit, via the network interface, the identifier associated with the second user to a server;
  
  (iv) receive, via the network interface, an authorization from the server for the second user to access the shared desktop on the workstation;
  
  (v) hide without shutting down at least one of the running applications launched at the request of the first user;
  
  (vi) allow the second user to log on to the workstation via the at least one user interface and the network interface to thereby access the shared desktop;
  
  (vii) launch at least one application requested by the second user;
  
  (viii) allow the second user to log off the workstation via the at least one user interface device and the network interface, and following log-off of the second user,(ix) unhide the at least one application launched at the request of the first user.
- View Dependent Claims (17, 18, 19, 20, 21, 22)
- - 17. The workstation of claim 14, wherein the processor is configured to launch a screen saver before allowing the second user to log on.
  - 18. The workstation of claim 14, wherein the processor is configured to require a secondary form of authentication from the second user prior to allowing the second user to log on to the workstation.
  - 19. The workstation of claim 14, wherein the processor is configured to automatically launch, following log-on of the second user, at least one application.
  - 20. The workstation of claim 19, wherein the at least one automatically launched application is specified by a database record of the second user accessed by the server.
  - 21. The workstation of claim 19, wherein the at least one automatically launched application is determined at least in part based on activity logs of the second user.
  - 22. The workstation of claim 14, wherein the processor is configured to prevent the second user from unhiding the at least one application launched at the request of the first user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Imprivata Incorporated
Original Assignee
Imprivata Incorporated
Inventors
Ting, David M. T., Boone, Pieter-Jan, Ford, Timothy

Granted Patent

US 9,251,354 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/30
CPC Class Codes

G06F 21/31 User authentication

G06F 21/60 Protecting data

SECURE ACCESS SUPERSESSION ON SHARED WORKSTATIONS

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE ACCESS SUPERSESSION ON SHARED WORKSTATIONS

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links