Security link management in dynamic networks
Abstract
A method for setting up and managing secure data/audio/video links with secure key exchanges, authentication and authorization is described. An embodiment of the invention enables establishment of a secure link with limited privileges using the machine identifier of a trusted machine. This is particularly useful if the user of the machine does not have user identifying information suitable for authentication. Furthermore, the presentation of default user identifying information by a user advantageously initiates intervention by a system administrator instead of a blanket denial. This decentralized procedure allows new users access to the network without having to physically access a centralized facility to present their credentials. Another embodiment of the invention enables a remote user to connect to a secure network with limited privileges.
12 Claims
1. A method of providing a mobile computing unit with privileged access to a computing resource, the method comprising the steps of:
- detecting a failure of a user of the mobile computing unit to complete a logon to access the computing resource because the user has not submitted sufficient identifying information;
- obtaining credentials with a unique machine identifier to facilitate authenticating an identity of the mobile computing unit;
- providing the credentials to an authenticator to prove the machine identity, the authenticator controlling access to the computing resource; and
- establishing limited access to the computing resource using authorization information obtained from the authenticator that reflects a relative security level for a user of the mobile computing unit, the authorization information corresponding to the authenticated identity of the mobile computing unit.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A computer-readable medium having computer executable instructions for performing the steps of a method of providing a mobile computing unit with privileged access to a computing resource, the method comprising the steps of:
- denying the mobile computing unit access to the computing resource for failure of a user of the mobile computing unit to complete a log-in to gain unlimited access to the computing resource because the user has not submitted sufficient identifying information;
- obtaining credentials with a unique machine identifier to facilitate authenticating an identity of the mobile computing unit;
- providing the credentials to an authenticator to prove the machine identity, the authenticator controlling access to the computing resource; and
- establishing limited access to the computing resource using authorization information obtained from the authenticator to reflect a relative security level for a user of the mobile computing unit, the authorization information corresponding to the authenticated identity of the mobile computing unit.

Dependent claims: 9, 10, 11, 12
Specification