1. Field of the Invention
The invention relates generally to user logon and authentication within a computer system. More specifically, the invention relates to user logon and logoff with multiple, and dynamic, authentication levels.
2. Description of the Related Art
Many applications, including web applications, require a user to authenticate themselves, or “sign on”, before being able to access the application. Signing on to an application can be used to confirm a user's identity and/or authorization to access an application, thereby preventing any unauthorized access.
Applications use different types of authentication systems, even though they have the same goal of confirming a user's identify and authorization. These different authentication systems may use a username and password, challenge questions, one time known passwords, biometric, smartcards, or a variety of other known methods. Applications also have different requirements for the level of authentication required. Applications dealing with sensitive data, like bank account information, may require a stronger form of authentication (e.g. fingerprint) for access. In contrast, applications dealing with less sensitive data, like email, may only require a user name and password.
The above differences in applications between types and levels of authentication needed, can be difficult for a user to deal with, especially when the user desires to access a large number of applications. The user may be required to deal with many different types and levels of authentication. These requirements can be a burden for the user to comply with. The user may also be required to remember a large number of passwords or other authentication information in order to access the different systems.
Many applications, including web applications, also provide the ability to “sign off” or logoff an application. This can allow the application to free any resources being allocated to the user, and it allows the user to indicate they no longer desire to access the application. In order to access the application again, a user would need to re-authenticate themselves.
What is needed is a way for users to access many different applications with different types and levels of authentication in a simple and transparent manner.