Enhanced call-back authentication method and apparatus for remotely accessing a host computer from a plurality of remote sites
First Claim
1. A method that provides for remote accessing of a host computer system from a plurality of remote locations by a user having a single registered remote phone number for call-back said method comprising the steps of:
- using a remotely located computer having an attached modem to connect to the host computer system by way of a modem connected thereto;
logging on the host computer system by passing an authentication check by entering a user ID and password when requested by the host computer system;
after passing the authentication check by entering the correct user ID and password, requesting a modification to the user'"'"'s registered remote phone number for call-back;
receiving questions sent by the host computer system using a distributed user authentication protocol which requires, the remote user to answer these questions by providing correct answers, incorrect answers, or no answers in a predetermined manner;
providing the appropriate answers to said questions;
after providing the appropriate answers to the questions posed by the distributed user authentication protocol, receiving a request from the host computer system for the input of a new registered remote phone number that is stored in a file on the host computer system associated with the user ID of the remote user;
providing that the host computer system breaks the telephone connection and dials the new registered remote phone number of the remote user; and
again logging on the host computer system by passing the authentication check.
2 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for remotely accessing a host computer from a remote location. The invention permits a user to remotely change a telephone number that allows the host computer to dial the user'"'"'s current location. A user performs this change only after he has been strongly authenticated using a distributed user authentication protocol in addition to a simple user ID and password. This allows the user to move between locations and access the host computer, while the call-back feature protects the host computer from unauthorized intrusion. Also, a second registered user who does not have call-back authority may gain access to the host computer through a user that has call-back authority. In this case the user with call-back authority gains entry into the host computer and causes it to call the second registered user, who then enters a user ID and password to gain entry to the host computer. The present invention may be implemented in the host computer or in an interface coupled between the host computer and its modem.
-
Citations
4 Claims
-
1. A method that provides for remote accessing of a host computer system from a plurality of remote locations by a user having a single registered remote phone number for call-back said method comprising the steps of:
-
using a remotely located computer having an attached modem to connect to the host computer system by way of a modem connected thereto; logging on the host computer system by passing an authentication check by entering a user ID and password when requested by the host computer system; after passing the authentication check by entering the correct user ID and password, requesting a modification to the user'"'"'s registered remote phone number for call-back; receiving questions sent by the host computer system using a distributed user authentication protocol which requires, the remote user to answer these questions by providing correct answers, incorrect answers, or no answers in a predetermined manner; providing the appropriate answers to said questions; after providing the appropriate answers to the questions posed by the distributed user authentication protocol, receiving a request from the host computer system for the input of a new registered remote phone number that is stored in a file on the host computer system associated with the user ID of the remote user; providing that the host computer system breaks the telephone connection and dials the new registered remote phone number of the remote user; and again logging on the host computer system by passing the authentication check.
-
-
2. A method that provides a first user having a registered remote phone number for call-back for remote accessing of a host computer system capability to authorize remote accessing of a host computer system by a second user, said method providing the second user remote access to the host computer system from a remote location, said method comprising the steps of:
-
using by the first remote user a remotely located computer having an attached modem to connect to the host computer system by way of a modem connected thereto; logging on the host computer system by the first remote user by passing an authentication check by entering a user ID and password when requested by the host computer system; after passing the authentication check by entering the correct user ID and password, inputting by the first remote user a phone number of a second remote user for call-back; receiving questions sent by the host computer system using a distributed user authentication protocol which requires the first remote user to answer these questions by providing correct answers, incorrect answers, or no answers in a predetermined manner; providing the appropriate answers to said questions; after providing the appropriate answers to the questions posed by the distributed user authentication protocol, the host computer system breaks the telephone connection and dials the phone number of the second remote user; and logging on the host computer system by the second user by passing an authentication check.
-
-
3. Apparatus that provides for remote accessing of a host computer system from a remote location, said apparatus comprising:
-
a first modem attached to a first remotely located computer; a second modem for use by the host computer system; an interface coupled between the host computer and the second modem that implements the following procedure; a remote user uses the first remotely located computer and the first modem to connect to the host computer system by way of the second modem and interface connected thereto; the remote user logs on by entering a user ID and password at the first remotely located computer when requested by the interface; after passing an authentication check by entering the correct user ID and password, the interface sends questions using a distributed user authentication protocol, and the remote user answers these questions by providing correct answers, incorrect answers, or no answers in a predetermined manner; if the remote user passes the questions posed by the distributed user authentication protocol, the interface requests the input of a phone number for call-back that is then stored in a file on the interface; the interface breaks the telephone connection and dials the phone number; and the remote user again logs on the host computer system by passing the authentication check. - View Dependent Claims (4)
-
Specification