Computer security with local and remote authentication

US 7,222,361 B2
Filed: 11/15/2001
Issued: 05/22/2007
Est. Priority Date: 11/15/2001
Status: Active Grant

First Claim

Patent Images

1. A secure computer device, comprising:

a client database locally-authenticating a user of the device;

means for granting previously authorized access to the device if the user is locally authenticated;

means for generating a remote authentication request;

a server database remotely-authenticating the user in response to the authentication request after a successful local authentication;

means for granting access to new activities and control parameters on the computer device if remote authentication is successful;

means for allowing continued work on authorized activity;

means for denying access to new activities until the authorized activity is completed;

means for storing identification data from a subsequent user while a previous user'"'"'s activity is being completed and updating the client database according to results of the local and remote authentications; and

means for limiting a number of times that a particular client database and/or record in any, or all, of the client databases will be updated during any period of time and/or total number of updates.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure computer system including a client having a client database for locally-authenticating a user; and a server, in communication with the client, having a server database for remotely-authenticating the user in response to a request from the client. The system also provides updating of the client database according to results of the local and remote authentication.

61 Citations

View as Search Results

20 Claims

1. A secure computer device, comprising:
- a client database locally-authenticating a user of the device;
  
  means for granting previously authorized access to the device if the user is locally authenticated;
  
  means for generating a remote authentication request;
  
  a server database remotely-authenticating the user in response to the authentication request after a successful local authentication;
  
  means for granting access to new activities and control parameters on the computer device if remote authentication is successful;
  
  means for allowing continued work on authorized activity;
  
  means for denying access to new activities until the authorized activity is completed;
  
  means for storing identification data from a subsequent user while a previous user'"'"'s activity is being completed and updating the client database according to results of the local and remote authentications; and
  
  means for limiting a number of times that a particular client database and/or record in any, or all, of the client databases will be updated during any period of time and/or total number of updates.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The device recited in claim 1 further comprising means for authorizing the user in response to the successful local authentication.
  - 3. The device recited in claim 2 further comprising means for withdrawing the authorization in response to a reply from the server.
  - 4. The device recited in claim 1 further comprising means for updating the local user authenticating means in response to a reply from the server.
  - 5. The device recited in claim 2 further comprising means for updating the local user authenticating means in response to a reply from the server.
  - 6. The device recited in claim 3 further comprising means for updating the local user authenticating means in response to the reply from the server.

7. A computer security method, comprising the steps of:
- locally-authenticating a user of a client device with a database of the client;
  
  granting previously authorized access to the device if the user is locally authenticated;
  
  generating an authentication request to a server;
  
  remotely-authenticating the user with a database of the server in response to the authentication request after a successful local authentication;
  
  granting access to new activities and control parameters on the computer device if remote authentication is successful unless the authorized activity is not completed, wherein the new activity is denied;
  
  storing identification data from a subsequent user while a previous user'"'"'s activity is being completed; and
  
  updating the client database according to results of the local and remote authentications and limiting a number of times that a particular client database and/or, record in any, or all, of the client databases will be updated during any period of time and/or total number of updates.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method recited in claim 7, further comprising the step of authorizing the user in response to a successful local authentication.
  - 9. The method recited in claim 8 further comprising the step of withdrawing the authorization in response to a reply from the server.
  - 10. The method recited in claim 7 further comprising the step of updating user authentication data stored on the client in response to a reply from the server.
  - 11. The method recited in claim 8 further comprising the step of updating user authentication data stored on the client in response to the reply from the server.
  - 12. The method recited in claim 9 further comprising the step of updating user authentication data stored on the client in response to a reply from the server.

13. A computer readable storage medium, comprising:
- logic of a database client locally-authenticating a user of a client device;
  
  logic granting previously authorized access to the device if the user is locally authenticated;
  
  logic generating an authentication request to a server;
  
  logic of a server database remotely authenticating the user in response to the authentication request after successful local authentication;
  
  logic granting access to new activities and control parameters on the computer device if remote authentication is successful unless the authorized activity is not completed, wherein the new activity is denied;
  
  storing identification data from a subsequent user while a previous user'"'"'s activity is being completed;
  
  logic updating the client database according to results of the local and remote authentications; and
  
  logic limiting a number of times that a particular client database and/or record in any, or all, of the client databases will be updated during any period of time and/or total number of updates.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The computer readable storage medium recited in claim 13, further comprising logic for authorizing the user in response to the successful local authentication.
  - 15. The computer readable storage medium recited in claim 14, further comprising logic for withdrawing an authorization in response to a reply from the server.
  - 16. The computer readable storage medium recited in claim 13, further comprising logic for updating user authentication data stored on the client in response to a reply from the server.
  - 17. The computer readable storage medium recited in claim 14, further comprising logic for updating user authentication data stored on the client in response to a reply from the server.
  - 18. The computer readable storage medium recited in claim 15, further comprising logic for updating user authentication data stored on the client in response to a reply from the server.

19. A secure computer system, comprising:
- a client having a client database, locally-authenticating a user;
  
  an authentication device that grants previously authorized access if the user is locally authenticated;
  
  a server, in communication with the client, having a server database, remotely-authenticating the user in response to a request from the client after a successful local authentication;
  
  wherein the authentication device grants access to new activities and control parameters on the computer device if remote authentication is successful unless the authorized activity is not completed, wherein the new activity is denied;
  
  storing identification data from a subsequent user while a previous user'"'"'s activity is being completed;
  
  means for updating the client database according to results of the local and remote authentications; and
  
  means for limiting a number of times that a particular client database and/or record in any, or all, of the client databases will be updated during any period of time and/or total number of updates.
- View Dependent Claims (20)
- - 20. The secure computer system recited in claim 19, further comprisingmeans for authorizing a user in response to a successful local authentication;
    - andmeans for withdrawing the authorization In response to an unsuccessful remote authentication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Kemper, Stefan
Primary Examiner(s)
Sheikh, Ayaz
Assistant Examiner(s)
Abrishamkar, Kaveh

Application Number

US10/003,138
Publication Number

US 20030093690A1
Time in Patent Office

2,014 Days
Field of Search

713/200, 713/168, 726/4, 726/27, 455/410
US Class Current

726/4
CPC Class Codes

G06F 21/31 User authentication

Computer security with local and remote authentication

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

61 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Computer security with local and remote authentication

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

61 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others