Method and apparatus for token-based token termination

US 8,539,558 B2
Filed: 08/15/2011
Issued: 09/17/2013
Est. Priority Date: 08/15/2011
Status: Active Grant

First Claim

Patent Images

1. An apparatus comprising:

a memory operable to;

store a plurality of token-based rules, wherein a token-based rule facilitates access to a risk-sensitive resource; and

store a first token indicating that a user is accessing a non-risk- sensitive resource; and

a processor operable to;

receive a second token, the second token indicating that the user is attempting to access the risk-sensitive resource;

in response to receiving the second token, apply the token-based rule to make a first access decision whereby the user'"'"'s access to the non-risk-sensitive resource will be terminated;

in response to making the first access decision, generate at least one token representing the access decision;

communicate the at least one token representing the first access decision; and

receive a third token indicating that the user'"'"'s access to the non-risk sensitive resource is terminated;

in response to receiving the third token, generate at least one token representing a second access decision whether the user is granted access to the risk-sensitive resource; and

communicate the at least one token representing the second access decision.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

According to one embodiment, an apparatus may store a plurality of token-based rules that facilitate access to a risk-sensitive resource. The apparatus may further store a first token that may indicate that a user is accessing a non-risk-sensitive resource. The apparatus may receive a second token that may indicate that the user is attempting to access the risk-sensitive resource. In response to receiving the second token, the apparatus may apply the token-based rule to make an access decision whereby the user'"'"'s access to the non-risk-sensitive resource will be terminated. The apparatus may then communicate at least one token representing the access decision.

54 Citations

View as Search Results

18 Claims

1. An apparatus comprising:
- a memory operable to;
  
  store a plurality of token-based rules, wherein a token-based rule facilitates access to a risk-sensitive resource; and
  
  store a first token indicating that a user is accessing a non-risk- sensitive resource; and
  
  a processor operable to;
  
  receive a second token, the second token indicating that the user is attempting to access the risk-sensitive resource;
  
  in response to receiving the second token, apply the token-based rule to make a first access decision whereby the user'"'"'s access to the non-risk-sensitive resource will be terminated;
  
  in response to making the first access decision, generate at least one token representing the access decision;
  
  communicate the at least one token representing the first access decision; and
  
  receive a third token indicating that the user'"'"'s access to the non-risk sensitive resource is terminated;
  
  in response to receiving the third token, generate at least one token representing a second access decision whether the user is granted access to the risk-sensitive resource; and
  
  communicate the at least one token representing the second access decision.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The apparatus of claim 1, the processor further operable to terminate the user'"'"'s access to the non-risk-sensitive resource in response to the at least one token representing the first access decision.
  - 3. The apparatus of claim 1, the processor further operable to terminate the first token.
  - 4. The apparatus of claim 1, the processor further operable to grant access to the risk-sensitive resource.
  - 5. The apparatus of claim 1, the processor further operable to:
    - receive a fourth token indicating that a peripheral is attached to the user'"'"'s computer that is accessing the risk-sensitive resource; and
      
      in response to receiving the fourth token, apply the token-based rule to make an access decision whereby the user'"'"'s access to the risk-sensitive resource will be terminated.
  - 6. The apparatus of claim 5, the processor further operable to:
    - receive a fifth token indicating that the peripheral is no longer attached to the user'"'"'s computer; and
      
      in response to receiving the fifth token, apply the token-based rule to make an access decision whereby the user is granted access to the risk-sensitive resource.

7. A method for terminating access to a resource using token-based rules, comprising:
- storing a plurality of token-based rules, wherein a token-based rule facilitates access to a risk-sensitive resource;
  
  storing a first token indicating that a user is accessing a non-risk-sensitive resource;
  
  receiving a second token, the second token indicating that the user is attempting to access the risk-sensitive resource;
  
  in response to receiving the second token, applying the token-based rule to make a first access decision whereby the user'"'"'s access to the non-risk-sensitive resource will be terminated;
  
  in response to making the first access decision, generating at least one token representing the first access decision;
  
  communicating the at least one token representing the first access decision; and
  
  receiving a third token indicating that the user'"'"'s access to the non-risk sensitive resource is terminated;
  
  in response to receiving the third token, generating at least one token representing a second access decision whether the user is granted access to the risk-sensitive resource; and
  
  communicating the at least one token representing the second access decision.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, further comprising terminating the user'"'"'s access to the non-risk-sensitive resource in response to the at least one token representing the first access decision.
  - 9. The method of claim 7, further comprising terminating the first token.
  - 10. The method of claim 7, further comprising granting access to the risk-sensitive resource.
  - 11. The method of claim 7, further comprising:
    - receiving a fourth token indicating that a peripheral is attached to the user'"'"'s computer that is accessing the risk-sensitive resource; and
      
      in response to receiving the fourth token, applying the token-based rule to make an access decision whereby the user'"'"'s access to the risk-sensitive resource will be terminated.
  - 12. The method of claim 11, further comprising:
    - receiving a fifth token indicating that the peripheral is no longer attached to the user'"'"'s computer; and
      
      in response to receiving the fifth token, applying the token-based rule to make an access decision whereby the user is granted access to the risk-sensitive resource.

13. One or more computer-readable non-transitory storage media embodying software that is operable when executed to:
- store a plurality of token-based rules, wherein a token-based rule facilitates access to a risk-sensitive resource;
  
  store a first token indicating that a user is accessing a non-risk-sensitive resource;
  
  receive a second token, the second token indicating that the user is attempting to access the risk-sensitive resource;
  
  in response to receiving the second token, apply the token-based rule to make a first access decision whereby the user'"'"'s access to the non-risk-sensitive resource will be terminated;
  
  in response to making the first access decision, generate at least one token representing the access decision;
  
  communicate the at least one token representing the first access decision;
  
  receive a third token indicating that the user'"'"'s access to the non-risk sensitive resource is terminated;
  
  in response to receiving the third token, generate at least one token representing a second access decision whether the user is granted access to the risk-sensitive resource; and
  
  communicate the at least one token representing the second access decision.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The media of claim 13 embodying software further operable to terminate the user'"'"'s access to the non-risk-sensitive resource in response to the at least one token representing the first access decision.
  - 15. The media of claim 13 embodying software further operable to terminate the first token.
  - 16. The media of claim 13 embodying software further operable to grant access to the risk-sensitive resource.
  - 17. The media of claim 13 embodying software further operable to:
    - receive a fourth token indicating that a peripheral is attached to the user'"'"'s computer that is accessing the risk-sensitive resource; and
      
      in response to receiving the fourth token, apply the token-based rule to make an access decision whereby the user'"'"'s access to the risk-sensitive resource will be terminated.
  - 18. The media of claim 17 embodying software further operable to:
    - receive a fifth token indicating that the peripheral is no longer attached to the user'"'"'s computer; and
      
      in response to receiving the fifth token, apply the token-based rule to make an access decision whereby the user is granted access to the risk-sensitive resource.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Radhakrishnan, Rakesh, Frick, Cynthia Ann, Marian, Radu, Barbir, Abdulkader Omar, Badhwar, Rajat P.
Primary Examiner(s)
Chea, Philip
Assistant Examiner(s)
ABEDIN, SHANTO

Application Number

US13/210,120
Publication Number

US 20130047213A1
Time in Patent Office

764 Days
Field of Search

726/4, 726/21, 726/2, 713/175, 713/185
US Class Current

726/4
CPC Class Codes

G06F 21/335   for accessing specific reso...

G06F 21/44   Program or device authentic...

G06F 21/604   Tools and structures for ma...

G06F 21/6218   to a system of files or obj...

G06F 2221/2113   Multi-level security, e.g. ...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/083   using passwords cryptograph...

H04L 63/105   Multiple levels of security

H04L 63/205   involving negotiation or de...

Method and apparatus for token-based token termination

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

54 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for token-based token termination

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

54 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links