SYSTEMS AND METHODS FOR DIFFERENTIAL ACCESS CONTROL BASED ON SECRETS
First Claim
1. A processor-based system for allowing the user to select a view, said view comprising a set of data, a set of resources, said resources interacting with said data and a set of tasks, said tasks interacting with said processor-based system, the processor-based system comprising:
a processor;
a computer readable storage media, said computer-readable storage media configured to store computer-readable instructions;
said processing in communications with a database, said database comprising data associated with a user;
said processor providing a user interface, said user interface accepting input from a user, the input comprising at least one indicia of the user's identity and a first input secret;
wherein the first input secret is selectable by the user among a plurality of input secrets; and
wherein further each input secret is associated with an associated view.
Abstract
Differential access to data for a user of a processor-based system is disclosed wherein the user may select one secret from among a plurality of secrets that allows and/or enables access to potentially different sets of data, different resources for accessing the data and/or different tasks for the user to interact with the system. The selection of any particular secret may depend on how secure the user feels the environment is for accessing the data. For example, if the user is in a very secure environment, the user may select a secret that allows substantially broad access to data, resources and tasks. If the environment is not secure, or if the user is under duress, the user may select a secret that provides limited access, or a decoy set of data and/or may provide the user with access to defensive measures to protect the data.
20 Claims
10. A processor-implemented method for allowing a user differential access to data within one of a set of views, each said view comprising a set of associated data, a set of associated resources interacting with said data and a set of associated tasks, said tasks allowing the user to interact with a processor-based system, the method comprising:
presenting the user with an interface;
accepting at least one indicia of the user's identity;
accepting at least one secret, said one secret being one of a plurality of secrets selectable by the user, and said one secret associated with said user's indicia;
authenticating said user, based upon said at least one indicia and said at least one secret; and
presenting the user with a view, the view associated with said at least one secret.
19. A processor-implemented method for allowing escalation of a user's first view to a second view, where each said view comprising a set of associated data, a set of associated resources interacting with said data and a set of associated tasks, said tasks allowing the user to interact with a processor-based system; the method comprising:
while the user has been authenticated for access to data via a first view during a session, said first view associated with a first secret, allowing the user to request an escalation to a second view; and
accepting a second secret, said second secret associated with a second view.
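An added sketch (not taken from the patent or from any product) of the scheme in the abstract and in claims 1, 10 and 19: each secret a user enrolls is bound to its own view, authentication returns that view, and a session can escalate by presenting a second secret. The class names, PBKDF2 parameters, and the sample views and task names are assumptions made for illustration.

```python
import hashlib, hmac, os
from dataclasses import dataclass

@dataclass(frozen=True)
class View:                      # a view = data + resources + tasks (claim 1)
    name: str
    data: frozenset
    resources: frozenset
    tasks: frozenset

def _kdf(secret: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)

class SecretStore:
    def __init__(self):
        self._slots = {}         # identity -> [(salt, digest, View), ...]
    def enroll(self, identity, secret, view):
        # One secret must select exactly one view, so reject a reused secret.
        if self.authenticate(identity, secret) is not None:
            raise ValueError("secret already bound to a view for this user")
        salt = os.urandom(16)
        self._slots.setdefault(identity, []).append((salt, _kdf(secret, salt), view))
    def authenticate(self, identity, secret):
        """Return the View bound to (identity, secret), or None."""
        matched = None
        # No early exit: every enrolled slot is tested whichever secret was typed.
        for salt, digest, view in self._slots.get(identity, []):
            if hmac.compare_digest(_kdf(secret, salt), digest):
                matched = view
        return matched

class Session:
    def __init__(self, store, identity, secret):
        self._store, self._identity = store, identity
        self.view = store.authenticate(identity, secret)
        if self.view is None:
            raise PermissionError("authentication failed")
    def escalate(self, second_secret):
        """Switch to the view bound to a second secret (claim 19)."""
        view = self._store.authenticate(self._identity, second_secret)
        self.view = view or self.view   # a failed attempt keeps the current view
        return view is not None

def demo_store():                # constructed sample user, secrets and views
    fs, s = frozenset, SecretStore()
    s.enroll("alice", "home-passphrase", View("full", fs({"ledger", "contacts"}), fs({"editor"}), fs({"read", "write"})))
    s.enroll("alice", "cafe-pin", View("limited", fs({"contacts"}), fs({"viewer"}), fs({"read"})))
    s.enroll("alice", "duress-pin", View("decoy", fs({"decoy-ledger"}), fs({"viewer"}), fs({"read", "lock-real-data"})))
    return s
```

The duress secret authenticates like any other secret, so the login path looks the same to an observer; only the view it returns differs.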
Specification