Title of Invention

CONTROLLING ACCESS BETWEEN A COMPUTER AND A COMMUNICATION NETWORK

Abstract

The present invention relates to a device and method for increasing the security for a computer (100) or server adapted for communication with a communication network (120), for example the Internet. The method for automatically controlling access between the computer and the communication network is arranged so that the access is dependent on user activity. The user activity is determined by monitoring (200, 205, 210, 220) signal activity between the computer and at least one input/output device (105, 112, 110, 114, 111, 115) adapted for communication with the computer (100), and the user activity being defined as detection of signal activity between the computer and the input/output device. Access to the communication network is only allowed if user activity is occurring or has occurred in a predetermined time period (tw).

Full Text


We Claim:
1. A method for automatically controlling access between a computer (100) and a communication network (120) wherein user activity is monitored through means for detecting user activity (160, 161), the method characterized by:
a first monitoring mode (200) prohibiting access between the computer and the communication network, and a second monitoring mode (220) allowing access between the computer and the communication network, the first monitoring mode comprising the steps of:
monitoring user activity (205);
monitoring, if user activity has been detected, net related user activity (210); and
changing, if both user activity and net related user activity have been detected, from the first monitoring mode to the second monitoring mode, and
the second monitoring mode (220) comprising the steps of:
monitoring net related user activity (225); and
if no net related user activity is detected in a predefined period of time (tw) changing (230-235) to the first monitoring mode, and
wherein said monitoring of user activity (205) comprises monitoring signal activity between the computer and at least one input/output device adapted for communication with the computer, and a detection of signal activity between the computer and the input/output device is an indication of user activity, and
said monitoring of net related user activity (210/225) comprises monitoring signal activity between the computer and the communication network, and a detection of signal activity between the computer and the communication network is an indication of net related user activity.
2. A method as claimed in claim 1, wherein the changing of modes is initiated manually.
3. A method as claimed in any of claims 1 to 2, wherein the input/output devices include at least one of the devices: keyboard (105), screen (112), mouse (110), camera (114), microphone (111), joystick, scanner or secure login devices (115).
4. A method as claimed in any of claims 1 to 3, wherein the input/output devices comprise at least one input/output device defined as main input/output device and at least one input/output device defined as secondary input/output device, and user activity is defined as signal activity between the computer and the at least one main input/output device.
5. A method as claimed in any of the claims 1 to 4, wherein the method comprises a private security mode (PSM) which is activated and deactivated by the user, wherein if PSM is activated access between the computer and the communication network is not allowable, the method comprising the steps, to be taken in the first monitoring mode, of:
determining by the processing unit (165) if the PSM is activated (202); and
if both user activity and net related user activity are detected and if PSM is not activated changing to the second monitoring mode (220); and
the steps, to be taken in the second monitoring mode, of:
determining by the processing unit (165) if the PSM is activated (222); and
if PSM is activated changing to the first monitoring mode not allowing access between the computer and the communication network.
6. A method as claimed in any of the claims 1 to 5, wherein the method comprises a step of:
activating a quarantine mode (QM) (405) if at least one attempt of unwanted access has been detected (405); and
the steps, to be taken in the first monitoring mode, of:
determining if the QM is activated (202); and
if both user activity and net related user activity are detected and if QM is not activated changing to the second monitoring mode allowing access between the computer and the communication network.
7. A method as claimed in claim 5 or 6, wherein the method comprises the further steps, to be taken in the first monitoring mode of:
determining if the PSM or the QM is activated (202);
if no user activity is detected and if PSM or QM is not activated monitoring net activity (400), and
if net activity is detected performing the steps of:
activating the QM (405); and
logging the detected net activity (410).
8. A communication network access controller (135) for increasing security of a computer (100) connected to a communication network (120) characterized by means for detecting user activity (160, 161) arranged to be connected to at least one input/output device and arranged to monitor the signal activity between the computer and the input/output device;
means for detecting net related user activity (162, 164) arranged to be connected between the computer and the communication network (120) and arranged to monitor signal activity between the computer and the communication network (120);
means for controlling access (165) between the computer and the communication network, which controlling access means is arranged to interact with user activity detecting means (160, 161) and the net related user activity detecting means (162, 164), the access controlling means (165) adapted to provide a first monitoring mode (200) of the communication network access controller (135) prohibiting access between the computer and the communication network, and a second monitoring mode (220) of the communication network access controller (135) allowing access between the computer and the communication network, and the access controlling means (165) arranged to, in the first monitoring mode (200), if the user activity detecting means (160, 161) detects user activity and the net related user activity detecting means (162, 164) subsequently detects net related user activity, set the communication network access controller (135) into the second monitoring mode, and
in the second monitoring mode (220), if the net related user activity detecting means (162, 164) does not detect any net related user activity in a predefined period of time (t) set the communication network access controller (135) into the first monitoring mode (200).
9. A net access controller as claimed in claim 8, wherein the network access controller comprises switch means (175) connected to said access control means (165) and arranged to disconnect the computer from the communication network.
10. A net access controller as claimed in claim 9, wherein the network access controller comprises means for activating the switch means a predetermined period of time after user activity was detected.
11. A net access controller as claimed in claim 8, wherein the network access controller comprises power reduction means connected to said control means and arranged to block the computer from the communication network.
12. A net access controller as claimed in claim 11, wherein the network access controller comprises means for activating the power reduction means a predetermined period of time after user activity was detected.
13. A net access controller as claimed in any of claims 8 to 12, wherein the input/output device comprises at least one of the devices: keyboard (105), screen (112), mouse (110), camera (114), microphone (111), joystick, scanner, or secure login devices (115).
14. A net access controller as claimed in any of claims 8 to 13, wherein the net access controller further comprises means for generating and storing a log (166) of attempts to access the communication network from the computer.
15. A net access controller as claimed in any of claims 8 to 14, wherein the net access controller further comprises means for generating and storing a log (166) of attempts to access the computer from the communication network.
16. A net access controller as claimed in any of claims 8 to 15, wherein the net access controller further comprises a communication module (185) for communication via a second communication network different from said communication network.
17. A net access controller as claimed in claim 16, wherein the second communication network is a wireless telephony system.
18. A system comprising a computer (100), at least one input/output device adapted for communication with the computer and a net access controller (135) as claimed in any of claims 8-17, which system is adapted for performing the steps of the method as claimed in any of claims 1 to 7.
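
The mode logic of claims 1 and 5 to 7 can be read as a small state machine. The following Python sketch is an example added here, not code from the patent or the patentee; the names AccessController, step and run_trace are hypothetical. It assumes that user activity counts as detected while it lies within tw of the current sample (as the abstract describes) and that the controller is sampled at discrete instants.

```python
from dataclasses import dataclass, field

BLOCKED, ALLOWED = "first mode (200)", "second mode (220)"

@dataclass
class AccessController:
    tw: float                           # predefined period of time (tw), in seconds
    mode: str = BLOCKED                 # the controller starts with access prohibited
    psm: bool = False                   # private security mode, set by the user
    qm: bool = False                    # quarantine mode, set by the controller
    last_user: float = float("-inf")    # time of last I/O device signal activity
    last_net: float = float("-inf")     # time of last computer/network signal activity
    log: list = field(default_factory=list)

    def step(self, now, user=False, net=False):
        """Process one sampling instant and return the resulting mode."""
        if user:
            self.last_user = now
        if self.mode == BLOCKED:
            locked = self.psm or self.qm                     # step 202
            user_recent = now - self.last_user <= self.tw    # step 205 (assumed window)
            if net and user_recent and not locked:           # step 210
                self.mode, self.last_net = ALLOWED, now
            elif net and not user_recent and not locked:     # steps 400, 405, 410
                self.qm = True
                self.log.append((now, "net activity without user activity"))
        else:
            if net:
                self.last_net = now                          # step 225
            if self.psm or now - self.last_net > self.tw:    # steps 222, 230-235
                self.mode = BLOCKED
        return self.mode

def run_trace(events, tw=60.0):
    # events: constructed (time, user_activity, net_activity) samples
    ctl = AccessController(tw=tw)
    return ctl, [ctl.step(*e) for e in events]

if __name__ == "__main__":
    # Constructed sample: network traffic arrives before any user activity.
    ctl, modes = run_trace([(0, False, True), (10, True, False), (11, False, True)])
    print(modes, ctl.qm, ctl.log)
```

The claims do not say how quarantine mode is cleared, so the sketch leaves QM set once it has been activated.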


Patent Number: 260086
Indian Patent Application Number: 3264/DELNP/2004
PG Journal Number: 14/2014
Publication Date: 04-Apr-2014
Grant Date: 31-Mar-2014
Date of Filing: 21-Oct-2004
Name of Patentee: AB SNALLE
Applicant Address: P.O.BOX 3046, S-183 03 TABY, SWEDEN
Inventors:
# | Inventor's Name | Inventor's Address
1 | GUNNAR LARSON | ORRVAGEN 23, S-183 54 TABY, SWEDEN
2 | PETER FUKS | BERGRINGEN 19, S-177 40 JARFALLA, SWEDEN
3 | JORGEN APPELGREN | GLANTVAGEN 9, S-183 63 TABY, SWEDEN
PCT International Classification Number: G06F 1/00
PCT International Application Number: PCT/SE2003/00628
PCT International Filing date: 2003-04-16
PCT Conventions:
# | PCT Application Number | Date of Convention | Priority Country
1 | 0201248-2 | 2002-04-22 | Sweden