Security system and method for controlling access to computing resources
First Claim
1. A system for securing computing resources, the system comprising:
- a personal digital key adapted for wireless communication within a predefined range to establish a link and send and receive data, the personal digital key associated with a user and storing security data used to access a particular computing resource as described by security set up data for the particular computing resource;
a reader for automatically detecting the presence of the personal digital key and establishing a link with the personal digital key, the reader having an input and an output and adapted for wireless communication with the personal digital key when the reader and the personal digital key are within the predefined range of each other, the reader automatically signaling a computing device whether it is linked to the personal digital key; and
the computing device having computing resources including the particular computing resource, the computing device coupled to the input and the output of the reader for sending and receiving data;
the computing device including a security system for controlling access to the computing resources of the computing device based on security set up data, wherein the security set up data is stored in a dedicated encrypted portion of a memory of the computing device and includes information on how to control access to the computing resources using security data, but does not include the security data used to obtain access, wherein the security set up data is based on one or more user defined options allowing the user to implement different security actions for different computing resources, wherein the different security actions include a biometric confirmation for a respective computing resource, the security system controlled by the signal from the reader indicating whether the reader is linked to the personal digital key and terminating access to the computing resource based on an exit-based rule of the security set up data associated with the computing resource when the personal digital key and the reader are no longer within the predefined range.
1 Assignment
0 Petitions
Accused Products
Abstract
A security system comprises a personal digital key (PDK), a reader and a computing device. The PDK is a portable, personal transceiver that includes a controller and one or more passwords or codes. The computing device includes a detection engine, vault storage and a set up module. The detection engine detect events relating to the access of any files and third-party systems by the computing device and receives information from the reader as to whether the PDK is present/linked. The detection engine controls whether a user is able to access any of the functionality provided by the computing device based upon whether the PDK is in communication with the reader or not. The present invention also includes a number of methods such as a method for initializing the security system, a method for setting up a computing device, and a method for controlling access to computing resources.
90 Citations
23 Claims
-
1. A system for securing computing resources, the system comprising:
-
a personal digital key adapted for wireless communication within a predefined range to establish a link and send and receive data, the personal digital key associated with a user and storing security data used to access a particular computing resource as described by security set up data for the particular computing resource; a reader for automatically detecting the presence of the personal digital key and establishing a link with the personal digital key, the reader having an input and an output and adapted for wireless communication with the personal digital key when the reader and the personal digital key are within the predefined range of each other, the reader automatically signaling a computing device whether it is linked to the personal digital key; and the computing device having computing resources including the particular computing resource, the computing device coupled to the input and the output of the reader for sending and receiving data;
the computing device including a security system for controlling access to the computing resources of the computing device based on security set up data, wherein the security set up data is stored in a dedicated encrypted portion of a memory of the computing device and includes information on how to control access to the computing resources using security data, but does not include the security data used to obtain access, wherein the security set up data is based on one or more user defined options allowing the user to implement different security actions for different computing resources, wherein the different security actions include a biometric confirmation for a respective computing resource, the security system controlled by the signal from the reader indicating whether the reader is linked to the personal digital key and terminating access to the computing resource based on an exit-based rule of the security set up data associated with the computing resource when the personal digital key and the reader are no longer within the predefined range. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A security system for controlling access to computing resources on a computing device, the security system comprising:
-
a detection engine for detecting when a computing resource is accessed and controlling whether access is permitted based on detecting a personal digital key within a predefined range of a reader and based on security set up data, the detection engine coupled to the computing device and the computing resources; and a vault storage for storing security set up data for the computing resources, the vault storage stored in a dedicated encrypted portion of a memory of the computing device and including information on how to use security data stored by the personal digital key to control access to the computing resources, but does not include the security data used to obtain access, wherein the security set up data is based on one or more user defined options allowing a user to implement different security actions for different computing resources, wherein the different security actions include a biometric confirmation for a respective computing resource, the security set up data specifying at least one security action for the accessed computing resource, the at least one security action including an exitbased rule to terminate access to the computing resource when the personal digital key and the reader are no longer within the predefined range, the vault storage coupled to and accessible by the detection engine. - View Dependent Claims (11)
-
-
12. A method for controlling access to a computing device having computing resources, the method comprising:
-
monitoring, with the computing device, for an event; detecting, with the computing device, the event; determining whether a personal digital key is within a predefined range of the computing device responsive to detecting the event; allowing access to a computing resource when the personal digital key is within a predefined range of the computing device based on security data stored by the personal digital key and an item set up record stored in a dedicated encrypted portion of a memory of the computing device and including information on how to use the security data stored by the personal digital key to control access to the computing resource, the item set up record lacking the security data; and terminating access to the computing resource when the personal digital key is no longer within the predefined range of the computing device, wherein allowing and terminating access is based on the item set up record associated with the computing resource, the item set up record including one or more user defined options allowing a user to implement different security actions for different computing resources, wherein the different security actions include a biometric confirmation for a respective computing resource. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
Specification