System for and method of managing access to a system using combinations of user information

US 20070107051A1
Filed: 03/03/2006
Published: 05/10/2007
Est. Priority Date: 03/04/2005
Status: Active Grant

First Claim

Patent Images

1. A method of controlling access to a system comprising:

a. performing a test that includes comparing multiple input responses to multiple randomly selected questions with multiple corresponding pre-determined responses to the multiple questions; and

b. granting access to the system in the event the test is passed.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention is directed to systems for and methods of controlling access to computer systems. A method in accordance with the present invention comprises performing a test that includes comparing input responses to randomly selected questions with corresponding pre-determined responses to the questions and granting access to the system in the event the test is passed. A first condition of passing the test is that each input response matches a corresponding pre-determined response. Once passing the test, the user is granted permissions to access data based on his position. For example, a corporate director generally has greater permissions than an engineer. Preferably, the user'"'"'s permissions determine an encryption key and a decryption key that the user is able to use to access protected data.

Citations

35 Claims

1. A method of controlling access to a system comprising:
- a. performing a test that includes comparing multiple input responses to multiple randomly selected questions with multiple corresponding pre-determined responses to the multiple questions; and
  
  b. granting access to the system in the event the test is passed.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein a first condition of passing the test is that each input response from the multiple input responses matches a corresponding one of the multiple pre-determined responses.
  - 3. The method of claim 2, wherein a pre-determined response from the multiple pre-determined responses is a pre-determined correct answer that corresponds to a question from the multiple questions.
  - 4. The method of claim 2, wherein a pre-determined response from the multiple pre-determined responses is a pre-determined incorrect answer that corresponds to a question from the multiple questions.
  - 5. The method of claim 1, further comprising presenting the multiple questions sequentially.
  - 6. The method of claim 1, further comprising presenting the multiple questions concurrently.
  - 7. The method of claim 2, wherein a second condition of passing the test is entering the multiple input responses into the system in a pre-determined sequence.
  - 8. The method of claim 1, further comprising presenting questions and candidate responses in a multiple choice format.
  - 9. The method of claim 1, wherein a first condition of passing the test is selecting a pre-determined question from the multiple questions and providing a corresponding response to the question from the multiple corresponding pre-determined responses.
  - 10. The method of claim 9, wherein the test is failed by selecting a question from the multiple questions for which there is no corresponding pre-determined response.
  - 11. The method of claim 8, further comprising presenting candidate responses that include both correct and incorrect answers to the multiple questions.
  - 12. The method of claim 1, wherein granting access to the system comprises decrypting information on the system using a decryption key.
  - 13. The method of claim 1, further comprising selecting a question from the multiple questions for presentation based on a time that the question was last displayed.
  - 14. The method of claim 1, further comprising selecting a question from the multiple questions for presentation based on a number of times the question was displayed within a pre-determined time period.

15. A method of controlling access to a system comprising:
- a. selecting a combination of questions for presentation to a user;
  
  b. determining a classification of the user on the system; and
  
  c. granting access to an area of the system based on both responses to the combination of questions and the classification.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 16. The method of claim 15, wherein the classification corresponds to a membership of the user in one or more of a corporation, a division, a department, a group, and a project.
  - 17. The method of claim 15, wherein the area of the system corresponds to any one or more of a disk partition, a file system, a portion of a database, a directory, an electronic folder, an electronic file, and a data object.
  - 18. The method of claim 15, wherein the combination of questions is randomly selected.
  - 19. The method of claim 18, further comprising displaying the combination of questions using a user interface protocol.
  - 20. The method of claim 19, wherein the user interface protocol comprises displaying candidate responses to the questions as multiple choices.
  - 21. The method of claim 15, further comprising:
    - a. encrypting a response input by the user using an encryption key to generate an encrypted input response; and
      
      b. granting access to the system in the event that the encrypted input response matches a corresponding encrypted system response.
  - 22. The method of claim 21, wherein granting access to the system comprises decrypting the area of the system using a decryption key corresponding to the encryption key.
  - 23. The method of claim 15, wherein granting access to the area comprises determining permissions to the area corresponding to the classification.
  - 24. The method of claim 15, wherein the classification has a hierarchical structure that corresponds to an organizational structure of an entity.

25. A module for controlling access to a system comprising:
- a. means for randomly selecting a combination of questions; and
  
  b. means for granting access to the system in the event multiple user responses to the questions match corresponding multiple system responses to the questions.
- View Dependent Claims (26, 27, 28, 29)
- - 26. The module of claim 25, further comprising means for presenting the combination of questions.
  - 27. The module of claim 26, wherein the means for presenting displays the combination of questions sequentially.
  - 28. The module of claim 26, wherein the means for presenting displays the combination of questions concurrently.
  - 29. The module of claim 25, wherein the means for randomly selecting a combination of questions comprises a memory for storing information for tracking questions presented to a user.

30. A module for controlling access to a system comprising:
- a. a generator component for presenting a randomly selected combination of questions to a user; and
  
  b. a grant component for granting access to the system based on a classification of the user and responses of the user to the combination of questions.
- View Dependent Claims (31, 32)
- - 31. The module of claim 30, wherein the classification of the user corresponds to any one or more of a corporation identifier, a division identifier, a business identifier, a department identifier, a group identifier, and a user identifier.
  - 32. The module of claim 30, wherein granting access to the system comprises granting access to one of an encryption key, a decryption key, or both, for accessing data on the system.

33. A network of devices comprising:
- a. one or more user devices; and
  
  b. an access control module for granting access to protected data to multiple users using the user devices, wherein each user from the multiple users is granted access based on a position of the user in an organization and on multiple responses of the user to a combination of randomly selected questions.
- View Dependent Claims (34, 35)
- - 34. The network of devices of claim 33, wherein the protected data comprises any one or more of an encrypted disk partition, file system, portion of a database, directory, electronic folder, file, and data object.
  - 35. The network of claim 33, wherein the position of a user corresponds to a membership of a user in any one of a corporate unit, a division, a business unit, a department, a group, and a team.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Encrypthentica Limited
Original Assignee
Encrypthentica Limited
Inventors
Carter, Ernst

Granted Patent

US 8,219,823 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/21
CPC Class Codes

G06F 21/31 User authentication

G06F 21/6218 to a system of files or obj...

System for and method of managing access to a system using combinations of user information

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

35 Claims

Specification

Solutions

Use Cases

Quick Links

System for and method of managing access to a system using combinations of user information

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

35 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links