The electronic commerce industry has a need to provide authentication of users before providing access to the processing capabilities of a computer or before performing electronic interactions while logged onto the computer. Prior to allowing access to computer resources, the computer needs to determine whether a user who is attempting to gain access is an authorized user. Additionally, when transacting business over the Internet, authenticating the identity of a user is important when money and valuable data are transferred. Regardless of the activity, it is desirable to allow only authorized users to perform operations on a secure computer system.
Prior to the availability of electronic tokens, typical systems used simple passwords to authenticate a user and to allow access to a computer. The password method of providing access control has been found to be inadequate for protecting valuable business data stored on the computer. Simple passwords may be discovered and improperly used. When passwords are transmitted over a network, they may be intercepted and used for unauthorized purposes. Many businesses use a one-time pass code which changes every few seconds to determine access to computer systems. For even greater security, smart cards which contain certified account numbers which are difficult to counterfeit are used.
A smart card is a plastic card that holds electronic tokens (e.g., digital signatures, user identification and information, encryption and decryption keys, security tokens, biometric information) which are read into a computer via a card reader. Smart cards typically contain large coded messages which are difficult to counterfeit.
Additionally, information describing users may be stored as electronic tokens on cards. An electronic token may be used in a procedure for granting access to a user of a computer system via an access control program. A computer system grants access to the user when the user is identified as an authorized user of the system, and denies access to the user when the user fails to be identified as an authorized user of the system.
In another aspect of computing, systems exist to facilitate remote control of and access to a computer by an operator at a remote station. Such systems typically use a device or mechanism that enables an operator at a remote station to control aspects of a so-called target (or local) computer. More particularly, such systems typically allow a remote station to provide mouse and keyboard input to the target computer and further allow the remote station to view the video display output of the target computer. These types of systems are typically called keyboard-video-mouse (KVM) systems.
Remote KVM systems allow a user to interact with a computer anywhere in the world via the keyboard, mouse, and video, as if they were seated right next to the computer. In addition to virtualization of the keyboard, mouse and video, storage media such as CD/DVD-ROMs, flash drives, and floppy disks have also been virtualized. A user can provide access to data on a disk to a server anywhere in the world.
As the need for computer security increases, more and more users use smart cards to authorize and authenticate their access to computer systems and programs. Conventional systems provide special software installed and running on the target computer to interact with a remote smart card reader through a network connection. However, this software running on the target must be specifically tailored, requires greater overhead and infrastructure, and provides less flexibility.
Conventional USB-over-IP systems allow a user to use a USB device in one location while it is virtualized from a PC in another location. These products, however, also require that special software be installed on both the local PC and the remote PC. Installing software on the client PC may be acceptable, but installing it on the target PC typically is not, as it may violate the security of the computer to be accessed.
The target computer does not typically have a physical USB connection to the smart card reader without the installation of software on the target computer. Accordingly, there is a desire for a system that provides virtualization of smart card use while not requiring special software to do so.