Ongoing authentication and access control with network access device
Abstract
Methods and systems are presented for securing network access. One method includes operations for granting a user access to remote computer resources after authenticating a login request from the user sent from a secured computer device, and for receiving a network access request from a network access device to allow the user access through the network access device. A network access granted message is sent to the network access device when the user currently has been granted access to the remote computer resources, where the secured computer device performs periodic authentication operations to validate an identification of the user based on biometric data taken of the user. Further, the method includes operations for receiving notification from the secured computer device that one of the authentication operations has failed, and for sending a network access denied for the user to the network access device in response to the notification.
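The message flow in the abstract can be modelled as a small state machine. The following is an added sketch, not code from the patent; the class names, the intranet range and the 0.80 match threshold are assumptions made for illustration.

```python
import ipaddress

INTRANET = ipaddress.ip_network("10.20.0.0/16")  # constructed intranet range
MATCH_THRESHOLD = 0.80                            # assumed biometric match cutoff

class NetworkAccessDevice:
    """Gates traffic from the Internet side into the intranet."""
    def __init__(self):
        self.granted = set()                      # users currently allowed in

    def request_access(self, server, user):
        # The device asks the server; the answer is granted or denied.
        if server.is_logged_in(user):
            self.granted.add(user)
        return user in self.granted

    def deny(self, user):
        self.granted.discard(user)

    def permits(self, user, dst_ip):
        # Only intranet destinations are gated; Internet access is untouched.
        if ipaddress.ip_address(dst_ip) not in INTRANET:
            return True
        return user in self.granted

class Server:
    def __init__(self, nad):
        self.nad, self.sessions = nad, set()

    def login(self, user, credentials_valid):
        if credentials_valid:
            self.sessions.add(user)
        return credentials_valid

    def is_logged_in(self, user):
        return user in self.sessions

    def auth_failed(self, user):
        # Notification from the secured device: end the session, push a deny.
        self.sessions.discard(user)
        self.nad.deny(user)

def run_periodic_checks(server, user, match_scores):
    """Secured-device side: return the index of the first failed check, or None."""
    for i, score in enumerate(match_scores):
        if score < MATCH_THRESHOLD:
            server.auth_failed(user)
            return i
    return None
```

In the independent claims the secured computer device notifies the network access device directly; the sketch follows the abstract, where the server relays the denial.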
18 Claims
1. A method for securing network access, the method comprising:
granting, by a server, access to a user after authenticating a login request from the user sent from a secured computer device to the server to validate an identification of the user, wherein the secured computer device is connected via the Internet to a network access device that controls network access from the Internet to an intranet that provides network connectivity to the server;
receiving, by the server via the intranet, a network access request from the network access device for allowing the user to access the server through the network access device;
sending from the server a network access granted for the user to the network access device, wherein the secured computer device performs periodic authentication operations to validate the identification of the user based on biometric data taken of the user;
receiving at the network access device notification from the secured computer device that one of the periodic authentication operations has failed;
disabling, by the network access device, network access for the secured computer device to the intranet and the server in response to the notification, wherein access from the secured computer device to the Internet is not disabled;
recording images of the user taken while the user is operating the secured computer device;
recording screen captures of a display coupled to the secured computer device while access is granted to the user;
recording user inputs to the secured computer device while access is granted to the user; and
performing optical character recognition (OCR) to identify text in the screen captures, wherein operations of the method are executed by a processor.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method for securing network access, the method comprising:
granting, by a server, access to a user after authenticating a login request from the user sent from a secured computer device to the server to validate an identification of the user, wherein the secured computer device is connected via the Internet to a network access device that controls network access from the Internet to an intranet that provides network connectivity to the server;
receiving, by the server via the intranet, a network access request from the network access device for allowing the user to access the server through the network access device;
sending from the server a network access granted for the user to the network access device, wherein the secured computer device performs periodic authentication operations to validate the identification of the user based on biometric data taken of the user, wherein the secured computer device notifies the network access device when one of the authentication operations has failed, wherein the network access device denies intranet access and server access for the user in response to the notification, wherein access from the secured computer device to the Internet is not disabled;
recording images of the user taken while the user is operating the secured computer device;
recording screen captures of a display coupled to the secured computer device while access is granted to the user; and
recording user inputs to the secured computer device while access is granted to the user; and
performing optical character recognition (OCR) to identify text in the screen captures, wherein operations of the method are executed by a processor.
Dependent claims: 12
13. A non-transitory computer-readable storage medium embedded with a computer program to be executed by one or more processors for securing network access, the computer program comprising:
program instructions for granting, by a server, access to a user after authenticating a login request from the user sent from a secured computer device to the server to validate an identification of the user, wherein the secured computer device is connected via the Internet to a network access device that controls network access from the Internet to an intranet that provides network connectivity to the server;
program instructions for receiving, by the server via the intranet, a network access request from the network access device for allowing the user to access the server through the network access device;
program instructions for sending from the server a network access granted for the user to the network access device, wherein the secured computer device performs periodic authentication operations to validate the identification of the user based on biometric data taken of the user;
program instructions for receiving at the network access device notification from the secured computer device that one of the periodic authentication operations has failed;
program instructions for disabling, by the network access device, network access for the secured computer device to the intranet and the server in response to the notification, wherein access from the secured computer device to the Internet is not disabled;
program instructions for recording images of the user taken while the user is operating the secured computer device;
program instructions for recording screen captures of a display coupled to the secured computer device while access is granted to the user;
program instructions for recording user inputs to the secured computer device while access is granted to the user; and
program instructions for performing optical character recognition (OCR) to identify text in the screen captures.
Dependent claims: 14, 15, 16, 17, 18
Specification