Method and apparatus for facilitating multi-level computer system authentication
First Claim
Patent Images
1. A method for authenticating a user at a computer system comprising:
- associating one or more authentication profiles prioritized in a priority order with the user at the computer system, wherein each authentication profile specifies authentication criteria and a set of privileges, and wherein a high priority authentication profile is associated with stricter authentication criteria and more privileges than a low priority authentication profile;
in response to a user login request, checking one or more authentication profiles in the priority order to determine whether all the authentication criteria corresponding to an authentication profile are satisfied;
if so, logging the user into the computer system granting the set of privileges specified in the authentication profile;
if not, preventing the user from logging into the computer system.
1 Assignment
0 Petitions
Accused Products
Abstract
One embodiment of the present invention provides a system that facilitates authenticating a user at a computer system. During operation, the system creates an authentication profile and assigns the authentication profile to a user, wherein the authentication profile specifies authentication criteria. Next, the computer system receives a login request from the user, and in responding to the login request, the computer system checks if the authentication criteria in the authentication profile are satisfied. If so, the system allows the user to login. If not, the user is prevented from logging into the computer system.
15 Citations
17 Claims
-
1. A method for authenticating a user at a computer system comprising:
-
associating one or more authentication profiles prioritized in a priority order with the user at the computer system, wherein each authentication profile specifies authentication criteria and a set of privileges, and wherein a high priority authentication profile is associated with stricter authentication criteria and more privileges than a low priority authentication profile; in response to a user login request, checking one or more authentication profiles in the priority order to determine whether all the authentication criteria corresponding to an authentication profile are satisfied; if so, logging the user into the computer system granting the set of privileges specified in the authentication profile; if not, preventing the user from logging into the computer system. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for authenticating a user at a computer system, the method comprising:
-
associating one or more authentication profiles prioritized in a priority order with the user at the computer system, wherein each authentication profile specifies authentication criteria and a set of privileges, and wherein a high priority authentication profile is associated with stricter authentication criteria and more privileges than a low priority authentication profile; in response to a user login request, checking one or more authentication profiles in the priority order to determine whether all the authentication criteria corresponding to an authentication profile are satisfied; if so, logging the user into the computer system granting the set of privileges specified in the authentication profile; if not, preventing the user from logging into the computer system. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. An apparatus that authenticates a user at a computer system comprising:
-
An associating mechanism configured to associate one or more authentication profiles to the with the user, wherein each authentication profile specifies authentication criteria and a set of privileges; an ordering mechanism configured to determine a priority order for the authentication profiles assigned to the user, wherein a high priority authentication profile is associated with stricter authentication criteria and more privileges than a low priority authentication profile; a checking mechanism configured to check the authentication profiles in the priority order to determine whether all authentication criteria corresponding to an authentication profile are satisfied in response to a user login request; a login mechanism, wherein, if the authentication criteria are satisfied, the login mechanism is configured to log the user into the computer system granting the set of privileges specified in the authentication profile; and wherein, if the authentication criteria are not satisfied, the login mechanism is further configured to prevent the user from logging into the computer system.
-
Specification