Enhanced call-back authentication method and apparatus for remotely accessing a host computer from a plurality of remote sites

US 5,280,581 A
Filed: 02/27/1992
Issued: 01/18/1994
Est. Priority Date: 02/27/1992
Status: Expired due to Term

First Claim

Patent Images

1. A method that provides for remote accessing of a host computer system from a plurality of remote locations by a user having a single registered remote phone number for call-back said method comprising the steps of:

using a remotely located computer having an attached modem to connect to the host computer system by way of a modem connected thereto;

logging on the host computer system by passing an authentication check by entering a user ID and password when requested by the host computer system;

after passing the authentication check by entering the correct user ID and password, requesting a modification to the user'"'"'s registered remote phone number for call-back;

receiving questions sent by the host computer system using a distributed user authentication protocol which requires, the remote user to answer these questions by providing correct answers, incorrect answers, or no answers in a predetermined manner;

providing the appropriate answers to said questions;

after providing the appropriate answers to the questions posed by the distributed user authentication protocol, receiving a request from the host computer system for the input of a new registered remote phone number that is stored in a file on the host computer system associated with the user ID of the remote user;

providing that the host computer system breaks the telephone connection and dials the new registered remote phone number of the remote user; and

again logging on the host computer system by passing the authentication check.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for remotely accessing a host computer from a remote location. The invention permits a user to remotely change a telephone number that allows the host computer to dial the user'"'"'s current location. A user performs this change only after he has been strongly authenticated using a distributed user authentication protocol in addition to a simple user ID and password. This allows the user to move between locations and access the host computer, while the call-back feature protects the host computer from unauthorized intrusion. Also, a second registered user who does not have call-back authority may gain access to the host computer through a user that has call-back authority. In this case the user with call-back authority gains entry into the host computer and causes it to call the second registered user, who then enters a user ID and password to gain entry to the host computer. The present invention may be implemented in the host computer or in an interface coupled between the host computer and its modem.

Citations

4 Claims

1. A method that provides for remote accessing of a host computer system from a plurality of remote locations by a user having a single registered remote phone number for call-back said method comprising the steps of:
- using a remotely located computer having an attached modem to connect to the host computer system by way of a modem connected thereto;
  
  logging on the host computer system by passing an authentication check by entering a user ID and password when requested by the host computer system;
  
  after passing the authentication check by entering the correct user ID and password, requesting a modification to the user'"'"'s registered remote phone number for call-back;
  
  receiving questions sent by the host computer system using a distributed user authentication protocol which requires, the remote user to answer these questions by providing correct answers, incorrect answers, or no answers in a predetermined manner;
  
  providing the appropriate answers to said questions;
  
  after providing the appropriate answers to the questions posed by the distributed user authentication protocol, receiving a request from the host computer system for the input of a new registered remote phone number that is stored in a file on the host computer system associated with the user ID of the remote user;
  
  providing that the host computer system breaks the telephone connection and dials the new registered remote phone number of the remote user; and
  
  again logging on the host computer system by passing the authentication check.

2. A method that provides a first user having a registered remote phone number for call-back for remote accessing of a host computer system capability to authorize remote accessing of a host computer system by a second user, said method providing the second user remote access to the host computer system from a remote location, said method comprising the steps of:
- using by the first remote user a remotely located computer having an attached modem to connect to the host computer system by way of a modem connected thereto;
  
  logging on the host computer system by the first remote user by passing an authentication check by entering a user ID and password when requested by the host computer system;
  
  after passing the authentication check by entering the correct user ID and password, inputting by the first remote user a phone number of a second remote user for call-back;
  
  receiving questions sent by the host computer system using a distributed user authentication protocol which requires the first remote user to answer these questions by providing correct answers, incorrect answers, or no answers in a predetermined manner;
  
  providing the appropriate answers to said questions;
  
  after providing the appropriate answers to the questions posed by the distributed user authentication protocol, the host computer system breaks the telephone connection and dials the phone number of the second remote user; and
  
  logging on the host computer system by the second user by passing an authentication check.

3. Apparatus that provides for remote accessing of a host computer system from a remote location, said apparatus comprising:
- a first modem attached to a first remotely located computer;
  
  a second modem for use by the host computer system;
  
  an interface coupled between the host computer and the second modem that implements the following procedure;
  
  a remote user uses the first remotely located computer and the first modem to connect to the host computer system by way of the second modem and interface connected thereto;
  
  the remote user logs on by entering a user ID and password at the first remotely located computer when requested by the interface;
  
  after passing an authentication check by entering the correct user ID and password, the interface sends questions using a distributed user authentication protocol, and the remote user answers these questions by providing correct answers, incorrect answers, or no answers in a predetermined manner;
  
  if the remote user passes the questions posed by the distributed user authentication protocol, the interface requests the input of a phone number for call-back that is then stored in a file on the interface;
  
  the interface breaks the telephone connection and dials the phone number; and
  
  the remote user again logs on the host computer system by passing the authentication check.
- View Dependent Claims (4)
- - 4. The apparatus of claim 3 wherein after the remote user passes the authentication check by entering the correct user ID and password, the remote user inputs a phone number for call-back that is associated with a second registered user, and if the remote user passes the questions posed by the distributed user authentication protocol, the interface breaks the telephone connection and dials the phone number of the second user, and the second user logs on the host computer system by passing an authentication check.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hughes Electronics Corporation (AT&T, Inc.)
Original Assignee
Hughes Aircraft Company (Rtx Corporation)
Inventors
Bathrick, Erwin W., Kung, Kenneth C., Matthews, Todd E.
Primary Examiner(s)
Ray, Gopal C.

Application Number

US07/843,873
Time in Patent Office

691 Days
Field of Search

340/825.31, 340/825.34, 340/825.3, 395/200, 395/325, 395/500, 395/275, 395/725, 379/95, 379/93, 380/23, 380/25, 364/401, 364/408, 902/1
US Class Current

709/217
CPC Class Codes

G06F 21/313   using a call-back technique...

H04M 3/382   using authorisation codes o...

H04M 3/42229   Personal communication serv...

H04M 3/48   Arrangements for recalling ...

H04M 3/493   Interactive information ser...

H04Q 11/0457   Connection protocols

H04Q 2213/091   Indication of kind/number o...

H04Q 2213/095   User access; PIN code

H04Q 2213/103   Memories

H04Q 2213/152   Automatic call retry

H04Q 2213/199   Modem

Enhanced call-back authentication method and apparatus for remotely accessing a host computer from a plurality of remote sites

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

4 Claims

Specification

Solutions

Use Cases

Quick Links

Enhanced call-back authentication method and apparatus for remotely accessing a host computer from a plurality of remote sites

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

4 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links