Context analysis at an information handling system to manage authentication cycles

US 9,400,878 B2
Filed: 11/08/2013
Issued: 07/26/2016
Est. Priority Date: 11/08/2013
Status: Active Grant

First Claim

Patent Images

1. An information handling system comprising:

a housing;

a processing components disposed in the housing and operable to cooperate to process information;

one or more input/output (I/O) devices interfaced with the processing components and operable to accept touch inputs;

a display interfaced with the processing components and operable to present information as visual images;

one or more optical sensors operable to sense light for adapting brightness of the display;

one or more cameras operable to capture images proximate the display;

one or more wireless communication devices operable to communicate with wireless signals; and

a nervous state engine operable to execute on one or more of the processing components, the nervous state engine transitioning between plural nervous states, each nervous state disenabling access to currently authorized secure information with predetermined conditions defined by each nervous state, the nervous state engine transitioning between nervous states based upon a context sensed by one or more of the I/O devices, optical sensors, camera and wireless communication devices;

wherein the nervous states include at least a first user-present nervous state that transitions to a second user-absent nervous state, the first user-present nervous state having one or more indications that an authorized user is proximate the information handling system, the first user-present nervous state disenabling a first access if a first predetermined condition is detected, the second user-absent nervous state having one or more indications that an authorized user is not proximate the information handling system, the second user-absent state disenabling a second access if the first predetermined condition is detected; and

wherein the predetermined condition comprises a detection of discontinuity between the amount of light sensed by the one or more optical sensors and the one or more cameras, the second access comprising a complete lock of the information handling system.

View all claims

14 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Context captured with sensors of an information handling system is applied to selectively lock access to currently unlocked information, with conditions for locking access based upon the context. Nervous states enforce locking of selected information based upon the confidence of the security of the information under sensed external conditions. Increased sensitivity for locking access includes reduced timeouts to a lock command, increased response to sensed conditions, and more rapid response where unlocked access is to sensitive information.

Citations

20 Claims

1. An information handling system comprising:
- a housing;
  
  a processing components disposed in the housing and operable to cooperate to process information;
  
  one or more input/output (I/O) devices interfaced with the processing components and operable to accept touch inputs;
  
  a display interfaced with the processing components and operable to present information as visual images;
  
  one or more optical sensors operable to sense light for adapting brightness of the display;
  
  one or more cameras operable to capture images proximate the display;
  
  one or more wireless communication devices operable to communicate with wireless signals; and
  
  a nervous state engine operable to execute on one or more of the processing components, the nervous state engine transitioning between plural nervous states, each nervous state disenabling access to currently authorized secure information with predetermined conditions defined by each nervous state, the nervous state engine transitioning between nervous states based upon a context sensed by one or more of the I/O devices, optical sensors, camera and wireless communication devices;
  
  wherein the nervous states include at least a first user-present nervous state that transitions to a second user-absent nervous state, the first user-present nervous state having one or more indications that an authorized user is proximate the information handling system, the first user-present nervous state disenabling a first access if a first predetermined condition is detected, the second user-absent nervous state having one or more indications that an authorized user is not proximate the information handling system, the second user-absent state disenabling a second access if the first predetermined condition is detected; and
  
  wherein the predetermined condition comprises a detection of discontinuity between the amount of light sensed by the one or more optical sensors and the one or more cameras, the second access comprising a complete lock of the information handling system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The information handling system of claim 1 wherein the plural nervous states comprise a user absent nervous state having predetermined conditions of at least a lack of touch to the one or more I/O devices for a predetermined time, a lack of an image captured by the one or more optical sensors for a predetermined time and a lack of a wireless signal associated with the user, the nervous state engine disenabling all access to currently authorized secure information in response to the user absent state.
  - 3. The information handling system of claim 1 wherein the plural nervous states comprise a user absent nervous state having predetermined conditions of at least a lack of an image captured by the one or more optical sensors, the nervous state engine immediately disenabling all access to currently authorized secure information in response to an acceleration detected by the information handling system when in the user absent nervous state.
  - 4. The information handling system of claim 1 wherein the plural nervous states comprise a geographic state having predetermined conditions of at least a first wireless network detected followed by a second wireless network detected, the first wireless network included on a network list, the second wireless network absent from the network list, the nervous state engine immediately disenabling all network password accesses in response to detection of the second wireless network.
  - 5. The information handling system of claim 4 wherein the geographic state further comprises a GPS position measured with a GPS receiver disposed in the housing, the predetermined conditions including the second wireless network being located outside a GPS boundary, the nervous state engine not disenabling all network password accesses if the second wireless network is within the GPS boundary.
  - 6. The information handling system of claim 1 wherein the plural nervous states comprise a user absent nervous state having predetermined conditions of at least failure to detect a touch input for a predetermined time and detection of a wireless personal area network associated with a predetermined user, the nervous state continuing to allow access to predetermined authorized information if a first input is detected and the personal area network is detected, and disenabling predetermined authorized information in response to the first input if the wireless personal area network not detected.
  - 7. The information handling system of claim 6 wherein the first input is detection of an acceleration by an accelerometer disposed in the housing.
  - 8. The information handling system of claim 1 further comprising a movie player operable to present a movie, the nervous state engine continuing to allow presenting of the movie after disenabling access to currently authorized secure information.

9. A method for monitoring access at an information handling system, the method comprising:
- authorizing access to information through the information handling system;
  
  monitoring the information handling system to deauthorize at least a portion of the access through the information handling system in the event of a first one or more predetermined conditions;
  
  detecting with a sensor integrated in the information handling system at least a first sensed condition indicating absence of the user from a predetermined proximity with the information handling system; and
  
  in response to the detecting, altering the monitoring to deauthorize all access through the information handling system in the event of a detection of hot plug event at a port of an information handling system, the hot plug event associated with insertion of a portable storage device into the port.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The method of claim 9 wherein detecting with a sensor integrated in the information handling system at least a first sensed condition indicating absence of a user from a predetermined proximity with the information handling system further comprises:
    - deauthorizing at least a portion of the access after a predetermined time elapses at a timer without a user input;
      
      sensing with a camera that captures images proximate the information handling system the lack of an end user in the image.
  - 11. The method of claim 10 wherein the deauthorizing further comprises deauthorizing access to all password protected information.
  - 12. The method of claim 11 wherein multimedia information currently presented at the information handling system continues being presented after the predetermined time.
  - 13. The method of claim 9 wherein:
    - the at least a portion of the access deauthorized in the event of the first one or more predetermined conditions comprises access to network-based information; and
      
      the at least a portion of the access deauthorized in the event of the second one or more predetermined conditions comprises access to locally-stored information.
  - 14. The method of claim 13 wherein the sensor comprises a position sensor, the first one or more predetermined conditions comprise a first position and the second one or more predetermined conditions comprise a second position.
  - 15. The method of claim 13 wherein the sensor comprises an RF sensor that senses a wireless interface.

16. A system for monitoring access to an information handling system, the system comprising:
- plural sensors including at least an ambient light sensor for adjusting a display brightness and a camera for capturing images proximate the display, each sensor operable to sense one or more predetermined conditions at the information handling system; and
  
  non-transitory memory storing a nervous state engine, the nervous state engine operable to execute on one or more of processing components disposed in the information handling system, the nervous state engine transitioning between plural nervous states, each nervous state disenabling access to at least a portion of currently authorized information upon detection of predetermined conditions defined by each nervous state, the nervous state engine transitioning between nervous states based upon a context sensed by one or more of the plural sensors;
  
  wherein a first nervous state disenables a first access in response to a first predetermined condition sensed by the plural sensors and a second nervous state disenables all access in response to detection of discontinuity between the amount of light sensed by the ambient light sensor and the camera, the second nervous state entered upon detection of a user absence from a proximity of the information handling system.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The system of claim 16 wherein the nervous state engine transitions between first and second nervous states based upon an image sensed by a camera sensor integrated in the information handling system and disenables access in only one of the first and second nervous states based upon an acceleration detected by an accelerometer sensor integrated in the information handling system.
  - 18. The system of claim 16 wherein the nervous state engine transitions between nervous states based upon an RF signal sensed by a wireless interface device integrated in the information handling system and disenables access in a first nervous state but not a second nervous state based upon an acceleration detected by an accelerometer sensor integrated in the information handling system.
  - 19. The system of claim 18 wherein the RF signal comprises a Bluetooth signal from a predetermined device, the nervous state engine disenabling access if the acceleration is detected and the RF signal from the predetermined device is not detected.
  - 20. The system of claim 18 wherein the RF signal comprises a wireless local area network, the nervous state engine disenabling access if the acceleration is detected unless the wireless local area network is on a safe list of wireless local area networks stored on the information handling system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dell Products LP (Dell Technologies Inc.)
Original Assignee
Dell Products LP (Dell Technologies Inc.)
Inventors
Robison, Charles D., Quinn, Liam B., Ancona, Rocco
Primary Examiner(s)
PEARSON, DAVID J

Application Number

US14/075,151
Publication Number

US 20150135298A1
Time in Patent Office

991 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 2221/2137   Time limited access, e.g. t...

G06F 2221/2139   Recurrent verification

H04L 63/0492   by using a location-limited...

H04L 63/0853   using an additional device,...

H04W 12/08   Access security

H04W 12/63   Location-dependent; Proximi...

H04W 4/02   Services making use of loca...

H04W 4/029   Location-based management o...

Context analysis at an information handling system to manage authentication cycles

First Claim

14 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Context analysis at an information handling system to manage authentication cycles

First Claim

14 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links