Methods and systems for securing data by providing continuous user-system binding authentication

US 9,069,980 B2
Filed: 03/14/2013
Issued: 06/30/2015
Est. Priority Date: 04/11/2011
Status: Active Grant

First Claim

Patent Images

1. A method for managing data security, comprising,receiving user identification information from a screen of a device that is connectable to a database of secure information, the database being stored on a non-transitory computer readable medium;

receiving captured image data of a user associated with the user identification information;

authenticating the user based on the received identification information and the received captured image data;

providing access to the database of secure information upon authenticating the user, such that while the access is provided the receiving of captured image data of the user is continued to define a plurality of frames;

continuously recording data of user interactive input and viewed images displayed on the screen while the access is provided; and

continuously binding the plurality of frames of the captured image data of the user to the recorded data to produce audit data for the user during a time of accessing the database of secure information, the binding associating certain ones of the plurality of frames to certain of the recorded data of the user interactive input and the viewed images, the method being executed by a processor;

wherein the audit data is associated with one or more user policy violations, each policy violation being searchable to enable review of the user and actions taken that produced each policy violation and the audit data includes screen captures made of the screen.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Devices, methods, and computer programs are presented for managing data security. One example method includes receiving user identification information from a screen of a device that is connectable to a database of secure information. The method proceeds to authenticating of the user identification information. The authenticating includes capturing image data of a user associated with the user identification information. The method further includes providing access to the database of secure information upon authenticating the user identification information, such that while the access is provided the capturing of the image data of the user is maintained. The method includes recording data of user interactive input and viewed images displayed on the screen while the access provided. The method binds the captured image data of the user to the recorded data to produce audit data for the user when accessing the database of secure information. The method is executed by a processor.

Citations

16 Claims

1. A method for managing data security, comprising,receiving user identification information from a screen of a device that is connectable to a database of secure information, the database being stored on a non-transitory computer readable medium;
- receiving captured image data of a user associated with the user identification information;
  
  authenticating the user based on the received identification information and the received captured image data;
  
  providing access to the database of secure information upon authenticating the user, such that while the access is provided the receiving of captured image data of the user is continued to define a plurality of frames;
  
  continuously recording data of user interactive input and viewed images displayed on the screen while the access is provided; and
  
  continuously binding the plurality of frames of the captured image data of the user to the recorded data to produce audit data for the user during a time of accessing the database of secure information, the binding associating certain ones of the plurality of frames to certain of the recorded data of the user interactive input and the viewed images, the method being executed by a processor;
  
  wherein the audit data is associated with one or more user policy violations, each policy violation being searchable to enable review of the user and actions taken that produced each policy violation and the audit data includes screen captures made of the screen.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, further comprising,storing the audit data for the user in a security database stored on non-transitory computer readable medium.
  - 3. The method of claim 1, wherein the audit data is associated with a date and time for one or more sessions of access to the database.
  - 4. The method of claim 1, wherein the audit data includes recorded information from one or more sensors, or one or more additional cameras for a location proximate to the screen, or audio captured proximate to the screen, or screen captures made of the screen, or user facial images captured in a viewing space of the screen.
  - 5. The method of claim 1, further comprising,automatically disabling the access upon detection of no user present, or of multiple people viewing the screen, or detecting a camera in a viewing space of the screen, or a combination thereof.
  - 6. The method of claim 1, wherein the audit data is made accessible to the users for reviewing, and enables user request to remove captured data, the requests to remove captured data being verified by a security administrator.
  - 7. The method of claim 1, wherein the audit data produces an audit trail for the user, and the audit trail includes one or more security alerts, the security alerts maintaining the binding of the user to actions taken by the user.
  - 8. The method of claim 1, wherein the user identification information is associated with image data, or picture data, or video data, or image recognition data, or biometric sensor data, or a temperature sensor, or a weight sensor, or combinations of one or more thereof.
  - 9. The method of claim 1, wherein the screen is associated with an apparatus, the apparatus is one of a standalone monitor, a tablet computer, a smartphone, a desktop computer, a laptop computer, a display device, or a touch screen.
  - 10. The method of claim 1, wherein the user identification information is of a human face.
  - 11. The method of claim 1, wherein the access is disabled upon detection of two or more people in proximity of the screen.
  - 12. The method of claim 1, wherein a security entity is alerted of policy violations or activity determined by rules to be violations for the access.
  - 13. The method of claim 1, wherein capturing image data of the user is performed continuously at predetermined intervals of time during a session of access.
  - 14. The method of claim 1, wherein the binding, of the plurality of frames to the recorded data of user interactive input and viewed images, is continuous to enable continued activation of the access.
  - 15. The method of claim 1, wherein the audit data includes audio captured proximate to the screen.

16. A method for managing data security, comprising,receiving user identification information from a screen of a device that is connectable to a database of secure information, the database being stored on a non-transitory computer readable medium;
- receiving captured image data of a user associated with the user identification information;
  
  authenticating the user based on the received identification information and the received captured image data;
  
  providing access to the database of secure information upon authenticating the user, such that while the access is provided the receiving of captured image data of the user is continued to define a plurality of frames;
  
  continuously recording data of user interactive input and viewed images displayed on the screen while the access is provided; and
  
  continuously binding the plurality of frames of the captured image data of the user to the recorded data to produce audit data for the user during a time of accessing the database of secure information, the binding associating certain ones of the plurality of frames to certain of the recorded data of the user interactive input and the viewed images;
  
  wherein the audit data is associated with one or more user policy violations, each policy violation being searchable to enable review of the user and actions taken that produced each policy violation and the audit data includes screen captures made of the screen.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NSS Lab Works LLC
Original Assignee
NSS Lab Works LLC
Inventors
Sambamurthy, Namakkal S., Krishnan, Parathasarathy
Primary Examiner(s)
Gee, Jason K.
Assistant Examiner(s)
Ullah, Sharif E

Application Number

US13/830,463
Publication Number

US 20130205410A1
Time in Patent Office

838 Days
Field of Search

726/1, 726/2, 726/21, 726/36, 713/150, 713/163, 713/181, 380/255, 380/264, 380/276
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/32   using biometric data, e.g. ...

G06F 21/554   involving event detection a...

G06F 21/60   Protecting data

G06F 21/6209   to a single file or object,...

G06F 21/84   output devices, e.g. displa...

G06F 2221/2153   Using hardware token as a s...

G06T 2207/10   Image acquisition modality

G06T 2207/30201   Face

G06V 30/224   of printed characters havin...

G06V 40/172   Classification, e.g. identi...

H04L 63/083   using passwords cryptograph...

H04L 63/0861   using biometrical features,...

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

Methods and systems for securing data by providing continuous user-system binding authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for securing data by providing continuous user-system binding authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links