System and method for controlling user's access to protected resources using multi-level authentication
Abstract
Disclosed are systems, methods and computer program products for multi-level user authentication. In one example, a method includes detecting a plug-in token connected to a device that controls user access to a protected resource; identifying one or more authorized users associated with the detected token who are authorized to access the protected resource; authenticating whether a first user requesting access to the protected resource is associated with the detected token and authorized to access the protected resource; detecting the presence of one or more wireless transponders of one or more authorized users associated with the token, including at least a transponder of the first user; and providing access to the protected resource to the first user when the first user is authenticated as an authorized user associated with the detected token and the transponder of at least the first user is detected.
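The access decision described in the abstract, extended with the time-of-day, location and supervising-user transponder conditions recited in the independent claims, can be sketched as a fail-closed rule evaluator. This is an added illustration, not code from the patent or its assignee; the names `TOKEN_USERS`, `Rule`, `Request`, `RULES`, `decide` and `SAMPLE` and all sample values are hypothetical.

```python
from dataclasses import dataclass
from datetime import time
from typing import Optional

# Constructed sample data: token id -> {user: supervising user} provisioned on that token.
TOKEN_USERS = {"token-01": {"alice": "bob", "bob": None}}

@dataclass(frozen=True)
class Rule:
    resource_type: str        # "application", "data" or "device"
    start: time               # permitted period of the day
    end: time
    locations: frozenset      # locations access is permitted from

@dataclass(frozen=True)
class Request:
    user: str
    resource_type: str
    token_id: Optional[str]   # None when no plug-in token is connected
    authenticated: bool       # result of the user's own authentication step
    transponders: frozenset   # users whose wireless transponder is detected
    at: time
    location: str

RULES = [Rule("data", time(9), time(18), frozenset({"office"}))]  # constructed

def decide(req, rules=RULES, token_users=TOKEN_USERS):
    """Return (allowed, failed_conditions). One failed condition blocks access."""
    users = token_users.get(req.token_id)
    if users is None:                       # no token, or an unknown one
        return False, ["token"]
    rule = next((r for r in rules if r.resource_type == req.resource_type), None)
    if rule is None:                        # no rule for this resource: fail closed
        return False, ["no_rule"]
    supervisor = users.get(req.user)        # None if user is not on the token
    checks = [
        ("token_association", req.user in users),
        ("authentication", req.authenticated),
        ("time_window", rule.start <= req.at <= rule.end),
        ("location", req.location in rule.locations),
        ("user_transponder", req.user in req.transponders),
        ("supervisor_transponder",
         supervisor is not None and supervisor in req.transponders),
    ]
    failed = [name for name, ok in checks if not ok]
    return not failed, failed

SAMPLE = Request("alice", "data", "token-01", True,
                 frozenset({"alice", "bob"}), time(10, 30), "office")  # constructed
```

Returning the list of failed conditions alongside the decision gives an audit log the reason for each block, for example a supervisor who has walked out of transponder range.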
17 Claims
1. A computer-implemented method for controlling user's access to a protected resource, the method comprising:
- detecting, by a hardware processor, a plug-in token connected to a device that controls user access to the protected resource, wherein the token is associated with one or more authorized users including at least one supervising user;
- identifying one or more authorized users associated with the detected token who are authorized to access the protected resource, including identifying at least one supervising user;
- authenticating whether a first user requesting access to the protected resource is associated with the detected token and authorized to access the protected resource;
- detecting, by the hardware processor, one or more wireless transponders of one or more authorized users associated with the token, including at least a transponder of the first user and a transponder of the supervising user of said first user;
- applying a plurality of rules that specify a set of conditions under which the first user is allowed to access different types of protected resources when all the conditions are satisfied, and the first user is prohibited to access of the protected resources when at least one condition is not satisfied;
- identifying rules in response to receiving a request from the first user to access to the protected resource; and
- providing the first user to access to the protected resource, or blocking the first user to access to the protected resource based on the rules;
- wherein the conditions for the rule in accessing the protected resource are based on accessing the protected resources during a predetermined period of the day, accessing the protected resources from a certain location, successfully authenticating the first user, and successfully detecting the transponder of the first user and of the transponder of the supervising user; and
- wherein different types of protected resources include one or more of protected applications, protected data and protected devices.
(Dependent claims: 2, 3, 4, 5, 6)

7. A system for controlling user's access to a protected resource, the system comprising:
- a communication interface; and
- a hardware processor coupled to the communication interface, and being configured to:
- detect a plug-in token connected to the communication interface, wherein the token is associated with one or more authorized users;
- identify one or more authorized users associated with the detected token who are authorized to access the protected resource, including identifying at least one supervising user;
- authenticate whether a first user requesting access to the protected resource is associated with the detected token and authorized to access the protected resource;
- detect one or more wireless transponders of one or more authorized users associated with the token, including at least a transponder of the first user and a transponder of the supervising user of said first user;
- apply a plurality of rules that specify a set of conditions under which the first user is allowed to access different types of protected resources when all the conditions are satisfied, and the first user prohibited to access of the protected resources when at least one condition is not satisfied;
- identify rules in response to receiving a request from the first user to access to the protected resource; and
- provide the first user to access to the protected resource, or block the first user to access to the protected resource based on the rules;
- wherein the conditions for the rules in accessing the protected resource are based on accessing the protected resources during a predetermined period of the day, accessing the protected resources from a certain location, successfully authenticating the first user, and successfully detecting the transponder of the first user and of the transponder of the supervising user; and
- wherein different types of protected resources include one or more of protected applications, protected data and protected devices.
(Dependent claims: 8, 9, 10, 11, 12)

13. A computer program product stored on a non-transitory computer-readable storage medium, the computer program product comprising computer-executable instructions for controlling user's access to a protected resource, including instructions for:
- detecting a plug-in token connected to a device that controls user access to the protected resource, wherein the token is associated with one or more authorized users including at least one supervising user;
- identifying one or more authorized users associated with the detected token who are authorized to access the protected resource, including identifying at least one supervising user;
- authenticating whether a first user requesting access to the protected resource is associated with the detected token and authorized to access the protected resource;
- detecting one or more wireless transponders of one or more authorized users associated with the token, including at least a transponder of the first user and a transponder of the supervising user of said first user;
- applying a plurality of rules that specify a set of conditions under which the first user is allowed to access different types of protected resources when all the conditions are satisfied, and the first user is prohibited to access of the protected resources when at least one condition is not satisfied;
- identifying rules in response to receiving a request from the first user to access to the protected resource; and
- providing the first user to access to the protected resource, or blocking the first user to access to the protected resource based on the rules;
- wherein the conditions for the rules in accessing the protected resource are based on accessing the protected resources during a predetermined period of the day, accessing the protected resources from a certain location, successfully authenticating the first user, and successfully detecting the transponder of the first user and of the transponder of the supervising user; and
- wherein different types of protected resources include one or more of protected applications, protected data and protected devices.
(Dependent claims: 14, 15, 16, 17)
Specification