Method and apparatus for remotely administered authentication and access control

Assignee

• Sun Microsystems Inc. · US

Inventors

• Benjamin H. Stoltz · Mountain View, US
• James G. Hanko · Redwood City, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/0861
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Authentication and session management can be used with a system architecture that partitions functionality between a human interface device (HID) and a computational service provider such as a server. An authentication manager executing on a server interacts with the HID to validate the user when the user connects to the system via the HID. The authentication manager interacts with authentication modules. Each authentication module may be configured to authenticate a user based on a different authentication mechanism (e.g., using a smart card, using a login and password, using biometric data, etc.) and may be utilized in connection with one or more sessions. The authentication manager and authentication modules are also responsible for controlling access to services/sessions and may remove/revoke or augment such access. A session manager executing on a server manages services running on computers providing computational services (e.g., programs) on behalf of the user. The session manager notifies each service in a session that the user is attached to the system using a given desktop machine. A service can direct display output to the HID while the user is attached to the system. Wh…