Logon authentication and security system and method

US 6,542,994 B1
Filed: 04/12/1999
Issued: 04/01/2003
Est. Priority Date: 04/12/1999
Status: Expired due to Term

First Claim

Patent Images

1. A machine-readable program storage device for storing encoded instructions for a method of authenticating the identity of a computer user for a computer having an operating system which includes a registry of processes and requires a secure acknowledgment of the user on the computer, said method comprising the steps of:

establishing a security process as the primary process of the registry previous to starting or restarting the computer operating system;

enabling an authentication procedure on the computer by the security process;

storing a secure user acknowledgment by the security process which is acceptable to the operating system; and

executing the computer operating system.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention involves a desktop administration system and method which allows a network administrator to remotely create, protect, and manage desktops and control file systems across a network. The invention provides security software, a PDF and Daemon, which is installed as the primary Registry process. Upon starting of the workstation, the security software mask off any other interrupt or process and complete an authentication procedure while creating an electronic trail for operating system to continue operation as if the security software did not preempt the operating system. The PDF receives desktop information from the network server and builds a desktop which the user manipulates to invoke local and/or network programs and access local and/or network utilities, providing appropriate keys or other authentication information to access restricted network resources. The Daemon serves as an interface for the PDF by channeling any communication to or from the user or the network, preventing unauthorized transactions at either the workstation or network level. The PDF provides a graphic user interface using objects that encapsulate programs with data, such as user preferences, default directories, and access privileges. The Daemon performs many tasks, including starting the PDF, enumerating the windows of the graphic user interface, and recording operations.

Citations

30 Claims

1. A machine-readable program storage device for storing encoded instructions for a method of authenticating the identity of a computer user for a computer having an operating system which includes a registry of processes and requires a secure acknowledgment of the user on the computer, said method comprising the steps of:
- establishing a security process as the primary process of the registry previous to starting or restarting the computer operating system;
  
  enabling an authentication procedure on the computer by the security process;
  
  storing a secure user acknowledgment by the security process which is acceptable to the operating system; and
  
  executing the computer operating system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The device of claim 1 wherein said method further includes the step of masking off interrupts previous to said enabling step.
  - 3. The device of claim 1 wherein said executing step includes having a personal desktop facility program supervise the execution of the computer operating system.
  - 4. The device of claim 1 wherein said enabling step includes enabling a biometric device to identify the user.
  - 5. The device of claim 1 wherein said enabling step includes enabling a smartcard device to identify the user.
  - 6. The device of claim 1 wherein said enabling step includes allowing the user to enter a password to identify the user.
  - 7. The device of claim 6 wherein said enabling step includes accessing a file containing user information to verify the user entered password.
  - 8. The device of claim 7 wherein said enabling step includes accessing a file on a network containing user information to verify the user entered password.
  - 9. The device of claim 1 wherein said storing step includes creating a secure user acknowledgment file from reverse engineering of the operating system encryption method.
  - 10. The device of claim 1 wherein said storing step includes creating a secure user acknowledgment file by invoking a portion of the operating system.

11. A computer system comprising:
- a computer including a processor and memory capable of storing instructions and data;
  
  an operating system residing on said computer, said operating system including a registry of processes, said operating system also including means for preventing computer operations unless a user acknowledgment is present on said computer;
  
  means for authenticating the identity of a computer user of said computer; and
  
  a security process residing on said computer, said security process including means for establishing said security process as the primary process of said registry previous to starting or restarting said operating system, said security process including means for enabling said authenticating means, said security process including means for storing a user acknowledgment which is acceptable to the operating system.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The computer system of claim 11 wherein said security process further includes means for masking off interrupts previous to enabling said authenticating means.
  - 13. The computer system of claim 11 further including a personal desktop facility program that supervises the execution of the computer operating system.
  - 14. The computer system of claim 11 wherein said authenticating means includes a biometric device to identify the user.
  - 15. The computer system of claim 11 wherein said authenticating means includes a smartcard device to identify the user.
  - 16. The computer system of claim 11 wherein said authenticating means includes means for allowing the user to enter a password to identify the user.
  - 17. The computer system of claim 16 wherein said authenticating means includes means for accessing a file containing user information to verify the user entered password.
  - 18. The computer system of claim 17 wherein said authenticating means includes means for accessing a file on a network containing user information to verify the user entered password.
  - 19. The device of claim 11 wherein said storing means includes means for creating a user acknowledgment file from reverse engineering of the operating system encryption method.
  - 20. The computer system of claim 11 wherein said storing means includes means for creating a user acknowledgment file by invoking a portion of the operating system.

21. A method of authenticating the identity of a computer user for a computer having an operating system which includes a registry of processes and requires a secure acknowledgment of the user on the computer, said method comprising the steps of:
- establishing a security process as the primary process of the registry previous to starting or restarting the computer operating system;
  
  enabling an authentication procedure on the computer by the security process;
  
  storing a secure user acknowledgment by the security process which is acceptable to the operating system; and
  
  executing the computer operating system.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 22. The method of claim 21 further including the step of masking off interrupts previous to said enabling step.
  - 23. The method of claim 21 wherein said executing step includes having a personal desktop facility program supervise the execution of the computer operating system.
  - 24. The method of claim 21 wherein said enabling step includes enabling a biometric device to identify the user.
  - 25. The method of claim 21 wherein said enabling step includes enabling a smartcard device to identify the user.
  - 26. The method of claim 21 wherein said enabling step includes allowing the user to enter a password to identify the user.
  - 27. The method of claim 26 wherein said enabling step includes accessing a file containing user information to verify the user entered password.
  - 28. The method of claim 27 wherein said enabling step includes accessing a file on a network containing user information to verify the user entered password.
  - 29. The method of claim 21 wherein said storing step includes creating a secure user acknowledgment file from reverse engineering of the operating system encryption method.
  - 30. The method of claim 21 wherein said storing step includes creating a secure user acknowledgment file by invoking a portion of the operating system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nytell Software LLC (Intellectual Ventures LLC)
Original Assignee
Pinnacle Technologies, Inc. (Carbo Ceramics Incorporated)
Inventors
Osmann, Eric E., Dircks, Charles E.
Primary Examiner(s)
HUA, LY

Application Number

US09/290,114
Time in Patent Office

1,450 Days
Field of Search

713/200, 713/201, 713/202, 713/1, 713/2
US Class Current

726/19
CPC Class Codes

G06F 21/31 User authentication

Logon authentication and security system and method

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Logon authentication and security system and method

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links