In computer networks, access control has long been of primary concern. Solutions to this problem fall into one of at least two, sometimes overlapping, categories: protecting access to content stored in the network, and protecting access to the terminals and/or computers themselves.
Among the solutions in the first category—protecting access to content—are:                access rights for files on the network, i.e. a certain user may be allowed access to some files, but not others; and        encrypted files to avoid hacking.        
The invention, however, is directed to the second category—protecting access to the computers—in which some prior art solutions are:                demanding a password for a user to be able to access the computer;        smart card readers that require the presence of a smart card for the user to access the computer;        biometric security, such as for example demanding that the user identify himself through a fingerprint. One such solution is the DEFCON™ Fingerprint Authenticator™ that is connected to a USB (Universal Serial Bus) and is used instead of a password; and        DeviceLock® enables the administrator to decide which interfaces—for example USB ports, Bluetooth adapters, and CD-ROM drives—that can be used by a user.        
The prior art solutions do have some inherent problems. Passwords are often written down so that the user will not forget them, or easily guessed, such as the name of the user's pet or child. In addition, it is frequent that a user forgets to lock the computer, for example when getting print-outs. This leaves the way open for persons who should not have access to the computer, at least as that particular user.
Smart card readers suffer one of the problems of passwords, to wit: a user often tends not to remove his smart card when for example getting print-outs. This too leaves the way open for persons who should not have access to the computer, at least as that particular user.
Biometric solutions also suffer from this problem. In the fingerprint example, the user shows that he has the correct fingerprint, but he is not obliged to keep his finger on the detector. As before, this too leaves the way open for persons who should not have access to the computer, at least as that particular user.
While DeviceLock® does protect interfaces, it still suffers from the problem that access is given for a certain user, even though that user may not actually be present, owing for example to a visit to the printer where he can be forced to spend quite some time in case of printer malfunction, lack of paper or toner, and so on.
It can therefore be appreciated that there is a need for a flexible solution that enables access control, particularly to interfaces, that overcomes problems of the prior art. This invention provides such a solution.