Just-in-time authentication of users of a digital home network

US 8,161,533 B2
Filed: 04/25/2002
Issued: 04/17/2012
Est. Priority Date: 04/26/2001
Status: Active Grant

First Claim

Patent Images

1. A network comprising:

network nodes; and

a system distributed over the network nodes within which, on first access to a first access-protected object of the system an authentication is provided,wherein the authentication is valid during a validity duration at least for allowing a further access to a second access-protected object including an application,wherein the validity duration is dependent on a duration of access to the first access-protected object and/or on context of use of the system, andwherein, after expiration of the validity duration, the authentication is maintained for actions within the application and is revoked for acts outside the application.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network has network nodes and a software system distributed over the network nodes within which, on first access to an access-protected object of the system, an authentication of the user is provided. The authentication is valid at least for a further access to an access-protected object. The duration of the validity of the authentication is dependent on the duration of access to the access-protected object and/or on the context of the use of the system.

Citations

15 Claims

1. A network comprising:
- network nodes; and
  
  a system distributed over the network nodes within which, on first access to a first access-protected object of the system an authentication is provided,wherein the authentication is valid during a validity duration at least for allowing a further access to a second access-protected object including an application,wherein the validity duration is dependent on a duration of access to the first access-protected object and/or on context of use of the system, andwherein, after expiration of the validity duration, the authentication is maintained for actions within the application and is revoked for acts outside the application.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The network as claimed in claim 1, wherein on the first access to the first access-protected object, an authentication manager and an authentication device are provided to authenticate a user.
  - 3. The network as claimed in claim 2, wherein after successful authentication, system use by the user is provided within a general context which allows actions at a system user interface and within an application context which allows actions within the application.
  - 4. The network as claimed in claim 1, further comprising a timer which is configured to start after the authentication to determine time of system use by a user, wherein the timer is reset with every new user interaction with the system, and wherein validity of the authentication for a general context elapses after expiry of a run time of the timer.
  - 5. The network as claimed in claim 4, wherein any value can be allocated to the run time of the timer on system installation.
  - 6. The network as claimed in claim 3, wherein there is an explicit authentication arranged for use by the system or the user, or an implicit authentication during an interaction with the system.
  - 7. The network as claimed in claim 1, wherein the network includes a home network according to the HAVi standard.

8. A method of authenticating a user within a network with network nodes and a system distributed over the network nodes, the method comprising:
- providing authentication of a user upon a first access by the user to an access-protected object of the system, the access-protected object including an application, wherein a duration of validity of the authentication is dependent on a duration of access to the system and on a context of use of the system; and
  
  after expiration of the validity duration, maintaining the authentication for actions within the application while revoking the authentication for acts outside the application.
- View Dependent Claims (9, 10)
- - 9. The method of claim 8, wherein the context of use includes a general context which allows actions requiring authentication at a system user interface and an application context which allows actions within the application.
  - 10. The method of claim 9, wherein after expiration of the validity duration, maintaining the authentication for actions within the application context initiated during the duration of validity, while revoking the authentication for acts outside the application context including the general context.

11. A security system comprising a computer and an authentication manager configured for causing the computer to:
- provide access rights to a first protected object and a second protected object upon authentication of a user having rights for access to said first protected object and said second protected object;
  
  revoke said access rights to said first protected object upon expiration of a time period; and
  
  maintain said access rights to said second protected object after said expiration of said time period.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The security system of claim 11, wherein said second protected object includes an application, said access rights being maintained for actions within said application and revoked for acts outside said application.
  - 13. The security system of claim 12, wherein said application is related to accessing at least one of audio or video signals.
  - 14. The security system of claim 11, wherein said computer is further configured to reset said time period upon detection of user activity related to said first protected object.
  - 15. The security system of claim 11, wherein said computer is further configured to maintain said access rights to said first protected object during said time period after a user ends accessing said first protected object.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Koninklijke Philips Electronics N.V. (Koninklijke Philips N.V.)
Original Assignee
Koninklijke Philips Electronics N.V. (Koninklijke Philips N.V.)
Inventors
Baumeister, Markus, Hauptmann, Steffen, Klabunde, Karin
Primary Examiner(s)
Pich, Ponnoreay

Application Number

US10/131,967
Publication Number

US 20020178359A1
Time in Patent Office

3,645 Days
Field of Search

None
US Class Current

726/6
CPC Class Codes

H04L 12/2805 Home Audio Video Interopera...

H04L 63/08 for authentication of entit...

Just-in-time authentication of users of a digital home network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Just-in-time authentication of users of a digital home network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links