Method and system for user authorization over a multi-user computer system
March 20, 2016. Estimated Expiration Date is calculated based on simple USPTO term provisions. It does not account for terminal disclaimers, term adjustments, failure to pay maintenance fees, or other factors which might affect the term of a patent.Patent References Re34954 Key distribution method Cryptographic communication method and cryptographic communication device Key distribution system for distributing a cipher key between two subsystems by one-way communication Designated mail delivery system Method for generating a password using public key cryptography System and method for access control for portable data storage media Secure communication setup method Security system for preventing unauthorized communications between networks by translating communications received in ip protocol to non-ip protocol to remove address and routing services information System and method for centralized session key distribution, privacy enhanced messaging and information distribution using a split private key public cryptosystem InventorsApplicationNo. 619892 filed on 03/20/1996US Classes:707/9Privileged accessExaminersPrimary: Beausoliel, Robert W. Jr.Assistant: Baderman, Scott Attorney, Agent or FirmInternational ClassG06F 011/00AbstractA method and system for performing user authorization in a multi-user computer system. The novel method has particular application to the multi-user internet protocol. Within the system, an application contains a list of registered users. For each registered user, the application stores a user identification, an email (electronic mail) address, and a database containing each authorized IP address for that user. When a user requests access to the application over the multi-user system, the application requires the user to input a user identification value and, simultaneously, the application accesses the user's current IP address (e.g., the user's internet domain address) over the multi-user system. The application attempts to validate the user identification, and if valid, the application examines its database to determine if the user is authorized for its current IP address. If so, access is permitted. If the user identification is valid but the current IP address is not authorized, the application determines a validation key ("key") based on the user identification and the current IP address. The pseudo unique key is then forwarded via the email protocol to the user's known email address. The user then is required to enter that key into the application to authorized the current IP address. Security is provided because (1) given a user identification, which can be stolen, the unauthorized user also needs to access the application using an authorized IP address and (2) email is used to transmit the keys to the user to a known user email address.Other References
| |
