Computer access security

US 7,779,452 B2
Filed: 04/05/2005
Issued: 08/17/2010
Est. Priority Date: 04/05/2005
Status: Expired due to Fees

First Claim

Patent Images

1. A method for improved computer access security, the method comprising:

modifying an access record, having a password embedded therein, by removing said password from said access record, thereby preventing said access record from which said password was removed from being used to allow access to a computer, wherein said access record is stored within a file, and wherein said modifying is performed upon said access record within said file;

creating within said file an alternate record corresponding to said access record, wherein said alternate record is separate from said access record;

enabling password access to said computer via said alternate record;

embedding within said alternate record an indicator indicating an access level embedded within said access record; and

embedding within said alternate record the name of a supplemental security program to be executed once a correct password for said alternate record is provided.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method is provided for improved computer access security, the method including protecting an access record to prevent password access to a computer via the access record, creating an alternate access record corresponding to the protected record, enabling password access to the computer via the alternate record, providing the alternate record with the access level of the protected record, and configuring the alternate record to indicate a supplemental security program to be executed once a correct password for the alternate record is provided.

12 Citations

View as Search Results

11 Claims

1. A method for improved computer access security, the method comprising:
- modifying an access record, having a password embedded therein, by removing said password from said access record, thereby preventing said access record from which said password was removed from being used to allow access to a computer, wherein said access record is stored within a file, and wherein said modifying is performed upon said access record within said file;
  
  creating within said file an alternate record corresponding to said access record, wherein said alternate record is separate from said access record;
  
  enabling password access to said computer via said alternate record;
  
  embedding within said alternate record an indicator indicating an access level embedded within said access record; and
  
  embedding within said alternate record the name of a supplemental security program to be executed once a correct password for said alternate record is provided.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. A method according to claim 1 and further comprising executing a shell program indicated by said modified record subsequent to said supplemental security program allowing access to said computer.
  - 3. A method according to claim 1 wherein said modifying step comprises modifying said access record of said computer running the UNIX operating system.
  - 4. A method according to claim 3 wherein said modifying step comprises modifying a root directory access record.
  - 5. A method according to claim 3 wherein said modifying step comprises modifying said access record in a /etc/passwd file.
  - 6. A method according to claim 5 wherein said modifying step comprises replacing said password of said access record with an entry indicating that password access is not allowed for said access record.
  - 7. A method according to claim 5 wherein said creating step comprises creating said alternate record in said /etc/passwd file.
  - 8. A method according to claim 4 wherein said step of embedding within said alternate record said indicator indicating said access level comprises assigning said alternate record with a UID=0.
  - 9. A method according to claim 1 wherein said step of embedding within said alternate record said name of said supplemental security program comprises configuring said supplemental security program to execute a one-time-password protocol.
  - 10. A method according to claim 1 wherein said step of embedding within said alternate record said name of said supplemental security program comprises configuring said supplemental security program to execute a challenge/response protocol.

11. A method for improved computer access security, the method comprising:
- determining that a first access record stored in a file includes an indicator indicating that the use of said first access record is to be prevented when determining whether a password received in connection with a request to access a computer is valid;
  
  determining whether said password is valid using a second access record corresponding to said first access record, said second access record being stored in said file, said second access record being separate from said first access record, said second access record including an indicator embedded within said second access record and indicating a supplemental security program to be executed when said password is determined to be valid;
  
  executing, if said password is valid, said supplemental security program indicated by said second access record; and
  
  granting said request to access said computer if said supplemental security program approves said access request.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Goldberg, Itzhack
Primary Examiner(s)
Kim; Jung
Assistant Examiner(s)
Okeke; Izunna

Application Number

US11/099,086
Publication Number

US 20060236118A1
Time in Patent Office

1,960 Days
Field of Search

726/4, 726/1, 726/3, 713/185, 713/161, 713/168, 713/152, 713/165
US Class Current

726/4
CPC Class Codes

G06F 21/31 User authentication

Computer access security

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

12 Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Computer access security

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links