System and method for authenticating users in a computer network
First Claim
Patent Images
1. A computer-implemented method of controlling access to a computer resource in a computer environment, comprising:
- assigning by an authentication server a first order of precedence as between at least first and second authentication rules for a first set of conditions pertaining to a user desiring access the resource;
assigning by the authentication server a second order of precedence as between at least the first and second authentication rules for a second set of conditions pertaining to the user desiring access the resource;
based on the presence of the first or second set of conditions, assigning-one of the first order of precedence and second order of precedence to the first authentication rule and assigning the other of the first order of precedence and second order of precedence to the second authentication rule; and
enabling the user to attempt authentication to the authentication server in accordance with at least one of the authentication rules applied in the assigned orders of precedence, and accordingly access to the resource if the conditions of at least one of the authentication rules is satisfied.
10 Assignments
0 Petitions
Accused Products
Abstract
A rule based biometric user authentication method and system in a computer network environment is provided. Multiple authentication rules can exist in the computer network. For example, there may be a default system-wide rule, and a rule associated with a particular user trying to log in. There may be other rules such as one associated with a remote computer from which the user is logging in, one associated with a group to which the user belongs, or one associated with a system resource to which the user requires access such as an application program or a database of confidential information. An order of precedence among the rules is then established which is used to authenticate the user.
55 Citations
8 Claims
-
1. A computer-implemented method of controlling access to a computer resource in a computer environment, comprising:
-
assigning by an authentication server a first order of precedence as between at least first and second authentication rules for a first set of conditions pertaining to a user desiring access the resource; assigning by the authentication server a second order of precedence as between at least the first and second authentication rules for a second set of conditions pertaining to the user desiring access the resource; based on the presence of the first or second set of conditions, assigning-one of the first order of precedence and second order of precedence to the first authentication rule and assigning the other of the first order of precedence and second order of precedence to the second authentication rule; and enabling the user to attempt authentication to the authentication server in accordance with at least one of the authentication rules applied in the assigned orders of precedence, and accordingly access to the resource if the conditions of at least one of the authentication rules is satisfied. - View Dependent Claims (2, 3, 4)
-
-
5. A computer-implemented method of controlling access to a computer resource in a computer environment, comprising:
-
assigning by an authentication server a first order of precedence as between a first plurality of authentication rules for a first set of conditions pertaining to a user desiring access the resource; assigning by the authentication server a second order of precedence as between a second plurality of authentication rules for a second set of conditions pertaining to the user desiring access to the resource; based on the presence of the first or second set of conditions, assigning one of the first order of precedence and second order of precedence to the first plurality of authentication rules and assigning the other of the first order of precedence and second order of precedence to the second plurality of authentication rules; and enabling the user to attempt authentication to the authentication server in accordance with at least one of the pluralities of authentication rules applied in the assigned orders of precedence, and accordingly access to the resource if the conditions of at least one of the pluralities of authentication rules is satisfied. - View Dependent Claims (6, 7, 8)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeImprivata Incorporated, SAFLINK Corp.
-
Original AssigneeImprivata Incorporated
-
InventorsBrown, Timothy J., Jensen, Gregory C., Rivers, Rodney, Nelson, Dan
-
Primary Examiner(s)MOORTHY, ARAVIND K
-
Application NumberUS11/199,432Publication NumberTime in Patent Office2,458 DaysField of Search726/1, 726 4- 6, 726/17, 726/26, 713/166, 713/168, 713/170, 713/182, 713/186US Class Current713/168CPC Class CodesG06F 21/32 using biometric data, e.g. ...G06Q 20/3672 initialising or reloading t...G06Q 20/3821 Electronic credentialsH04L 63/0861 using biometrical features,...
