One approach to the design and implementation of computer networks, particularly with regard to the development of client/server applications, includes designing client applications and client devices so that the majority of the heavily used resources are at a remote computing device, such as a centralized server, connected via a network. These client devices generally have minimal memory, disk storage, and processor power, but are designed under the premise that most users connected to a powerful server do not need the additional processing power. With these client devices, the total cost of ownership is minimized, because of the reduced resources and because the clients can be centrally administered and updated from the server.
In practice, because a server allows a user logging from a remote client device to access applications on the server, a user is required to establish his identity through an authentication mechanism. Well-known authentication mechanisms may include username/password combination, verification of biometric characteristic of the user (fingerprint, retina scan, etc.), removable security modules such as dongles and smartcards, radio frequency identification (RFID) tags, and others.
These authentication techniques suffer from drawbacks that they may be cumbersome, may be perceived by some users as being intrusive (biometric scans) or may be expensive to implement because they require special sensors, software and/or hardware. Furthermore, these authentications may limit portability of a remote desktop session from one client device to another. A better method for authentication and portability of a remote session is needed.