The use of user authentication, identification and data interfacing protocols which regulate the flow of data communication between two systems, has long been known in the art. Presently, user authentication, identification and data interfacing protocols are in widespread use for accessing nearly all types of systems ranging from stand-alone personal computers to sophisticated networked supercomputers. As a result, user authentication, identification and data interfacing form an integral part of accessing most computer-based systems in use today.
These user authentication, identification and data interfacing protocols have been developed in a wide variety of electronic manufacturing and software design configurations, depending upon the intended need at the implementation site. Generally, the existing user authentication, identification and data interfacing protocols require a user to enter a username and password at a computer terminal connected to a computer network in order to gain access to the network. The network computer then verifies the validity of the entered data by checking it against stored data prior to granting access to the network.
While an effective approach for obtaining user authentication and identification, the foregoing access method is not without shortcomings. One shortcoming of this approach is its susceptibility to unwanted outside intrusions which compromise the security of the system. Currently, a user's request for access to the system is generally accomplished by a user entering their username and password into the system via a keyboard. This allows for an outside observer to perceive the user's actions, such as the keys typed on the keyboard, in determining the user's access code for subsequent unauthorized access to the user's account. Another shortcoming is the requirement for a user to enter a username and password into a computer terminal each time the user tries to access the system via a different terminal. For example, in the environment of a computer-networked medical care setting, a doctor may access an account containing medical data and patient's profiles from any of the networked computer terminals located in the medical care setting such as those in their office or the operating room, but is required to enter a username and password with each separate access such as those from the same or a different terminal. This increases the risk of an onlooker being able to determine the doctor's access code. In addition, the requirement to enter a username and password at each different terminal can be quite cumbersome to a doctor who must readily remember the username and password and make no typographical errors in entering them into the system, resulting in an inefficient use of the doctor's time. Physical contact with a keyboard also requires the use of the hands which may be otherwise occupied, thus adding to the difficulty of accessing the system. Also, in some ultra-clean environments, such as a medical care setting where a surgeon's hands may be sterilized particularly during or in preparation for a surgery, the requirement to make physical contact with a keyboard may detract from the sterility of a surgeon's hand. In addition, most systems in use today also require that the user log off from the system in order to terminate a session. This also increases the risk of unauthorized access to the account when an already accessed terminal is left unattended and logged in. The requirement to log off can be inefficient and cumbersome.
Other systems in use today may automatically log the user off after a terminal is left unattended for a predetermined period of time. These systems rely on the lack of the user-activity on the terminal as a means to determine whether a user has completed usage of the terminal. The shortcoming of this approach is that the preset time may be still prove to be too long in some cases and too short in others, thus allowing for interim unauthorized access or annoying the user with the repeated need to re-log in. Unauthorized users may also prevent the automatic log off simply by making inputs periodically since the computer has no way of distinguishing whether an entry is made by an authorized user or an unauthorized one once the session is started
The present invention therefore introduces a system to increase the overall security associated with computer access while reducing the amount of operational burdens placed on users of such a computer.