Context analysis at an information handling system to manage authentication cycles
First Claim
Patent Images
1. An information handling system comprising:
- a housing;
a central processer unit disposed in the housing and operable to process information;
memory disposed in the housing and interfaced with the CPU, the memory operable to store information;
an operating system stored in the memory and operable to execute on the CPU, the operating system having a security subsystem to lock access to information and to unlock access to information in response to an operating system authentication input by an end user;
plural sensors disposed in the housing and operable to detect conditions external to the housing; and
a context engine operable to execute on one or more processing components disposed in the housing, the context engine establishing a context based upon external conditions sensed by the plural sensors in response to the operating system authentication input by the end user, the context including at least a wireless local area network identifier, an image captured by a camera, and motion detected by an accelerometer, the security subsystem locking access to a first set of information after a first time out period having a length set based on context sensed by all of the wireless local area network identifier that is detected, the camera image that is detected, and the motion that is detected by the accelerometer defines the context, the first set of information comprising less than all information accessible at the information handling system, and locking access to the first set of information after a second time out period different from the first time out period if only one of the wireless local area network identifier that is detected, the camera image that is detected or the motion that is detected by the accelerometer defines the context, the security subsystem locking access to all information accessible at the information handling system after a third time out period different from the first and second time out periods.
14 Assignments
0 Petitions
Accused Products
Abstract
Context captured with sensors of an information handling system is applied to selectively lock access to currently unlocked information, with conditions for locking access based upon the context. Nervous states enforce locking of selected information based upon the confidence of the security of the information under sensed external conditions. Increased sensitivity for locking access includes reduced timeouts to a lock command, increased response to sensed conditions, and more rapid response where unlocked access is to sensitive information.
27 Citations
20 Claims
-
1. An information handling system comprising:
-
a housing; a central processer unit disposed in the housing and operable to process information; memory disposed in the housing and interfaced with the CPU, the memory operable to store information; an operating system stored in the memory and operable to execute on the CPU, the operating system having a security subsystem to lock access to information and to unlock access to information in response to an operating system authentication input by an end user; plural sensors disposed in the housing and operable to detect conditions external to the housing; and a context engine operable to execute on one or more processing components disposed in the housing, the context engine establishing a context based upon external conditions sensed by the plural sensors in response to the operating system authentication input by the end user, the context including at least a wireless local area network identifier, an image captured by a camera, and motion detected by an accelerometer, the security subsystem locking access to a first set of information after a first time out period having a length set based on context sensed by all of the wireless local area network identifier that is detected, the camera image that is detected, and the motion that is detected by the accelerometer defines the context, the first set of information comprising less than all information accessible at the information handling system, and locking access to the first set of information after a second time out period different from the first time out period if only one of the wireless local area network identifier that is detected, the camera image that is detected or the motion that is detected by the accelerometer defines the context, the security subsystem locking access to all information accessible at the information handling system after a third time out period different from the first and second time out periods. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for locking access at an information handling system, the method comprising:
-
inputting authentication to the information handling system to authorize access to information through the information handling system; in response to inputting authentication, capturing plural external conditions proximate the information handling system with plural sensors disposed in the information handling system; analyzing the plural external conditions to establish a context and a predetermined condition to lock access at the information handling system; detecting a change to one or more of the external conditions by one or more of the plural sensors; and in response to detecting the change, adjusting the predetermined condition to lock access at the information handling system; wherein the external conditions include one of a first charging condition of accepting an external charge with a charger having a first identifier connected to the information handling system, the first charging condition having a first predetermined condition to lock access and a second charging condition of accepting an external charge from a charger having a second identifier connected to the information handling system, the second charging condition having a second predetermined condition to lock access, the second predetermined condition including locking access upon detection of removal of the second charger connection from the information handling system; wherein a first set of less than all accessible information is locked in response to the first predetermined condition and all accessible information is locked in response to the second predetermined condition. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A system for locking access at an information handling system, the system comprising:
-
non-transitory memory storing; a security system that unlocks access to the information handling system in response to authentication information and relocks access to the information handling system in response to a predetermined condition; and a context engine executing on a processing component of the information handling system and interfaced with plural sensors disposed in the information handling system, the context engine operable to analyze external conditions detected by the plural sensors to select one of the plural sensors from the plural sensors for monitoring the predetermined condition, the context engine determining which of the plural sensors to have active for monitoring context based at least in part on a sensed context, the context engine having active only one of the plural sensors for a first sensed context having a first threat level and having all of the plural sensors active for a second sensed context having a second threat level; wherein the context includes at least a wireless local area network identifier, the security system locking access to a first set of less than all accessible information after a first time out period if a first wireless local area network identifier is detected and locking access to the first set of less than all accessible information after a second time out period different from the first time out period if a second wireless local area network identifier is detected. - View Dependent Claims (19, 20)
-
Specification