Protecting information on a computer system using multiple authentication methods

US 8,869,249 B2
Filed: 04/23/2012
Issued: 10/21/2014
Est. Priority Date: 01/18/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

receiving, for a user, first user authentication information for a first authentication method;

receiving, for the user, second user authentication information for a second authentication method, the second authentication method being different from the first authentication method;

upon authenticating the first user authentication information and the second user authentication information, moving, by a computing device, a subset of data stored on a back-end storage device to a front-end storage device, the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network; and

allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device, wherein after the period of time expires, the subset of data is removed from the front-end storage device.

View all claims

0 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

In one embodiment, a method includes receiving, for a user, first user authentication information for a first authentication method and receiving, for the user, second user authentication information for a second authentication method. The second authentication method is different from the first authentication method. Upon authenticating the first user authentication information and the second user authentication information, the method moves a subset of data stored on a back-end storage device to a front-end storage device. The front-end storage device is directly connected to the user via a network and the back-end storage device not being directly connected to the network. The method then allows access to the subset of data for a period of time, wherein after the period of time expires, the subset of data is removed from the front-end storage device.

Citations

20 Claims

1. A method comprising:
- receiving, for a user, first user authentication information for a first authentication method;
  
  receiving, for the user, second user authentication information for a second authentication method, the second authentication method being different from the first authentication method;
  
  upon authenticating the first user authentication information and the second user authentication information, moving, by a computing device, a subset of data stored on a back-end storage device to a front-end storage device, the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network; and
  
  allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device, wherein after the period of time expires, the subset of data is removed from the front-end storage device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the period of time is a prescheduled period of time.
  - 3. The method of claim 1, wherein the period of time starts upon authenticating the second user authentication information as long as the second user authentication information is authenticated within a prescheduled period of time.
  - 4. The method of claim 1, further comprising:
    - receiving a request for access to the subset of data; and
      
      not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user authentication information are authenticated.
  - 5. The method of claim 1, wherein:
    - the network comprises an external network, andthe back-end server is only accessible via the front-end server from an internal network.
  - 6. The method of claim 5, wherein:
    - the external network includes the Internet, andthe internal network is not directly accessible from any access point connected to the external network.
  - 7. The method of claim 1, wherein the second user authentication information comprises an access code.
  - 8. The method of claim 7, further comprising sending the access code to the user upon receiving the first user authentication information.
  - 9. The method of claim 8, wherein the access code is sent to the user via a communication path that has been previously established.
  - 10. The method of claim 8, wherein the access code is sent to the user via a different communication channel from which the first user authentication information is received.

11. A non-transitory computer-readable storage medium containing instructions for controlling a computer system to be configured for:
- receiving, for a user, first user authentication information for a first authentication method;
  
  receiving, for the user, second user authentication information for a second authentication method, the second authentication method being different from the first authentication method;
  
  upon authenticating the first user authentication information and the second user authentication information, moving a subset of data stored on a back-end storage device to a front-end storage device, the front-end storage device being directly connected to a user device for the user via a network and the back-end storage device not being directly connected to the network; and
  
  allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing system, wherein after the period of time expires, the subset of data is removed from the front-end storage device.
- View Dependent Claims (12, 13, 14)
- - 12. The non-transitory computer-readable storage medium of claim 11, further configured for:
    - receiving a request for access to the subset of data; and
      
      not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user authentication information are authenticated.
  - 13. The non-transitory computer-readable storage medium of claim 11, wherein the second user authentication information comprises an access code.
  - 14. The non-transitory computer-readable storage medium of claim 13, wherein the access code is sent to the user via a different communication channel from which the first user authentication information is received.

15. A method comprising:
- receiving, for a user, first user authentication information for a first authentication method;
  
  upon authenticating the first user authentication information, moving a subset of data stored on a back-end storage device to a front-end storage device after receiving, for the user, a second user authentication information, wherein the front-end storage device is accessible to a user device for the user via a network and the back-end storage device is not directly connected to the network;
  
  receiving, for the user, second user authentication information for a second authentication method, the second authentication method being different from the first authentication method;
  
  upon authenticating the second user authentication information, enabling, by a computing device, user access to the subset of data that has been moved to the front-end storage device via the network; and
  
  allowing the user device access to the subset of data on the front-end storage device for a period of time specified to the front-end storage device by the computing device, wherein after the period of time expires, the subset of data is removed from the front-end storage device.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, further comprising:
    - receiving a request for access to the subset of data; and
      
      not allowing access to the subset of data if the request is received outside of the period of time even if the first user authentication information and the second user authentication information are authenticated.
  - 17. The method of claim 15, wherein:
    - the network comprises an external network, andthe back-end server is only accessible via the front-end server from an internal network.
  - 18. The method of claim 15, wherein the second user authentication information comprises an access code.
  - 19. The method of claim 18, further comprising sending the access code to the user upon receiving the first user authentication information.
  - 20. The method of claim 19, wherein the access code is sent to the user via a different communication channel from which the first user authentication information is received.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Peoplechart Corporation
Original Assignee
Peoplechart Corporation
Inventors
Holvey, R. David, Jopling, Arthur Douglas
Primary Examiner(s)
Barron, Jr., Gilberto
Assistant Examiner(s)
KANAAN, SIMON P

Application Number

US13/453,666
Publication Number

US 20120210402A1
Time in Patent Office

911 Days
Field of Search

None
US Class Current

726/5
CPC Class Codes

G06F 21/6245 Protecting personal data, e...

G06F 21/6272 by registering files or doc...

Protecting information on a computer system using multiple authentication methods

First Claim

0 Assignments

Litigations

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Protecting information on a computer system using multiple authentication methods

First Claim

0 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links