Security device, methods, and systems for continuous authentication

US 9,852,275 B2
Filed: 03/15/2013
Issued: 12/26/2017
Est. Priority Date: 03/15/2013
Status: Active Grant

First Claim

Patent Images

1. A security computing device comprising:

a processor;

a memory; and

a connector for coupling the security computing device to a second computing device, wherein the second computing device is configured to receive periodically images of a user from an image capture device coupled to the second computing device and images of a display screen associated with the second computing device, wherein the processor is configured to execute instructions obtained from the memory of the security computing device for;

enabling communication between the security computing device and the second computing device;

authenticating the user for accessing content via the second computing device;

receiving the images of the display screen and the periodic images of the user from the second computing device that the user is utilizing for accessing the content;

receiving, after the user is authenticated, from the second computing device user inputs entered via a keyboard of the second computing device, the user inputs being entered while accessing the content, the images and the user inputs used to monitor digital and physical activities of the user and to establish a link between the digital and physical activities of the user;

performing continuous authentication operations to validate an identification of the user based on the periodic images of the user, images of the display screen, and the user inputs;

transmitting the user inputs with the received periodic images to a security server using an out of band channel to create audit data of the digital and physical activities of the user while accessing the second computing device; and

when the authentication of the user or any one of the continuous authentication operations to validate the identification of the user fails, sending a message from the security computing device to the second computing device to disable the user from using the second computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems, and computer programs are presented for securing a computing device. One security device includes a processor, memory and a connector. The memory includes a computer program that, when executed by the processor, performs a method. The method includes operations for detecting that the connector is coupled to a second computing device, and for determining a user associated with the security computing device. In addition, the method includes operations for receiving periodic images from an image capture device coupled to the second computing device, and for performing continuous authentication operations to validate an identification of the user based on the periodic images. The user is disabled from using the second computing device after an authentication operation fails.

Citations

19 Claims

1. A security computing device comprising:
- a processor;
  
  a memory; and
  
  a connector for coupling the security computing device to a second computing device, wherein the second computing device is configured to receive periodically images of a user from an image capture device coupled to the second computing device and images of a display screen associated with the second computing device, wherein the processor is configured to execute instructions obtained from the memory of the security computing device for;
  
  enabling communication between the security computing device and the second computing device;
  
  authenticating the user for accessing content via the second computing device;
  
  receiving the images of the display screen and the periodic images of the user from the second computing device that the user is utilizing for accessing the content;
  
  receiving, after the user is authenticated, from the second computing device user inputs entered via a keyboard of the second computing device, the user inputs being entered while accessing the content, the images and the user inputs used to monitor digital and physical activities of the user and to establish a link between the digital and physical activities of the user;
  
  performing continuous authentication operations to validate an identification of the user based on the periodic images of the user, images of the display screen, and the user inputs;
  
  transmitting the user inputs with the received periodic images to a security server using an out of band channel to create audit data of the digital and physical activities of the user while accessing the second computing device; and
  
  when the authentication of the user or any one of the continuous authentication operations to validate the identification of the user fails, sending a message from the security computing device to the second computing device to disable the user from using the second computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The security computing device as recited in claim 1 further including:
    - non-volatile storage for use by the security computing device to store screen captures associated with the periodic images and the user inputs prior to transmitting to the security server.
  - 3. The security computing device as recited in claim 1, wherein the audit data binds the user inputs, the images of the user, and the images of the display screen.
  - 4. The security computing device as recited in claim 1 further including:
    - a touchscreen display, wherein the processor is defined for receiving a password from the user via the touchscreen display.
  - 5. The security computing device as recited in claim 1, wherein the connector is a Universal Serial Bus (USB) connector.
  - 6. The security computing device as recited in claim 1, wherein the connector is a wireless connector, wherein the connector is coupled to the second computing device when a wireless connection is established, wherein the wireless connection is one of Bluetooth, 802.11 WiFi, or an NFC connection.
  - 7. The security computing device as recited in claim 1, wherein the user inputs, images of the display screen and the periodic images of the user are correlated based on a time of capture of the user inputs, images of the display screen and the periodic images of the user.
  - 8. The security computing device as recited in claim 1, wherein the audit data is associated with one or more user policy violations, each user policy violation being searchable to enable review of the physical and digital activities of the user and actions taken that produced each user policy violation.

9. A method for securing a computer device, the method comprising:
- enabling communication between a security computing device and a second computing device, the security computing device having a processor, wherein the second computing device is configured to receive periodically images of a user from an image capture device coupled to the second computing device and images of a display screen associated with the second computing device;
  
  authenticating the user for accessing content via the second computing device, using the images of the user;
  
  determining that the user is accessing the second computing device;
  
  receiving, by the security computing device and after the user is authenticated, the images of the user and images of the display screen from the second computing device, and receiving from the second computing device user inputs entered via a keyboard of the second computing device, the user inputs being entered while accessing the content, the images and the user inputs used to monitor digital and physical activities of the user and to establish a link between the digital and physical activities of the user;
  
  performing, by the security computing device, continuous authentication operations to validate an identification of the user based on the images of the user, images of the display screen and the user inputs;
  
  transmitting, by the security computing device, the user inputs with the received images of the user and of the display screen to a security server using an out of band channel to create audit data of digital and physical activities of the user while accessing the second computing device; and
  
  when the authentication of the user or any one of the continuous authentication operations fails, sending a message from the security computing device to the second computing device to disable the user from using the second computing device.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The method as recited in claim 9, wherein performing continuous authentication operations further includes:
    - detecting a second user in one of the images; and
      
      disabling the second computing device in response to the detecting of the second user.
  - 11. The method as recited in claim 9, wherein performing continuous authentication operations further includes:
    - detecting in one of the images that the user is looking away from the display screen coupled to the second computing device; and
      
      disabling the second computing device in response to the detecting of the user looking away.
  - 12. The method as recited in claim 9 further including:
    - detecting an operation in the second computing device to store data in an external non-volatile storage device; and
      
      creating a security alarm by the security computing device in response to the detecting.
  - 13. The method as recited in claim 9, further including:
    - storing the user inputs in non-volatile storage of the security computing device; and
      
      transmitting the images of the user and of the display screen with the associated user inputs to a security server.
  - 14. The method as recited in claim 9, wherein the audit data is associated with one or more user policy violations, each user policy violation being searchable to enable review of the physical and digital activities of the user and actions taken that produced each policy violation.
  - 15. The method of claim 9, wherein continuous authentication is performed on the user based on a mode of operation selected by the user at the second computing device, wherein the mode of operation is selectable anytime the user is accessing the second computing device.
  - 16. The method of claim 15, wherein when the mode of operation identifies a private mode, discontinuing authentication operations for validating the identification of the user, andwhen the mode of operation is switched to a public mode, resuming continuous authentication operations for validating the identification of the user.

17. A computer program embedded in a non-transitory computer-readable storage medium for securing a computer device, the computer program comprising:
- program instructions for enabling communication between a security computing device and a second computing device, the security computing device having a processor, wherein the second computing device is configured to receive periodically images of a user from an image capture device coupled to the second computing device and images of a display screen associated with the second computing device;
  
  program instructions for authenticating the user for accessing content via the second computing device, using images of the user;
  
  program instructions for receiving, by the security computing device, the images of the user and images of the display screen from the second computing device that the user is utilizing for accessing the content;
  
  program instructions for receiving, by the security computing device and after the user is authenticated, from the second computing device user inputs entered via a keyboard of the second computing device, the user inputs being entered while accessing the content, the images and the user inputs used to monitor digital and physical activities of the user and to establish a link between the digital and physical activities of the user;
  
  program instructions for performing, by the security computing device, continuous authentication operations to validate an identification of the user based on the images of the user, images of the display screen, and the user inputs;
  
  program instructions for transmitting, by the security computing device, the user inputs with the received images of the user and of the display screen to a security server using an out of band channel to create audit data of digital and physical activities of the user while accessing the second computing device; and
  
  program instructions for, when the authentication of the user or any one of the continuous authentication operations fails, sending a message from the security computing device to the second computing device to disable the user from using the second computing device.
- View Dependent Claims (18, 19)
- - 18. The computer program as recited in claim 17, wherein the security computing device further includes non-volatile storage, the computer program further includes program instructions to store the images of the user in the non-volatile storage with images of the display screen and the user inputs prior to transmitting to the security server.
  - 19. The computer program as recited in claim 18, wherein the audit data binds the user inputs, the images of the user, and the images of the display screen.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NSS Lab Works LLC
Original Assignee
NSS Lab Works LLC
Inventors
Sambamurthy, Namakkal S., Krishnan, Parthasarathy
Primary Examiner(s)
Jamshidi, Ghodrat

Application Number

US13/844,358
Publication Number

US 20140283016A1
Time in Patent Office

1,747 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/32   using biometric data, e.g. ...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2153   Using hardware token as a s...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04W 12/065   Continuous authentication

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

H04W 12/65   Environment-dependent, e.g....

Security device, methods, and systems for continuous authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Security device, methods, and systems for continuous authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links