Abstract: A remote control device is coupled with a computing device such as a set top computing device using wired or wireless connectivity for the purpose of invoking services provided by the computing device. The remote control device uses biometric methods such as fingerprint scanning to identify the user of the remote control device who is also a previously authorized user of the computing device. The remote control device possesses a unique identifying serial number. Identity of the user of the remote control device is communicated to the computing device and used by the computing device to authenticate the remote control device user as a previously authorized user of both devices. Once a remote control user is authenticated, all signals from the remote control device to the set top computing device are encrypted in such a way as to prevent impersonation using a similar remote control device or man-in-the-middle attacks.

Abstract: A centralized token generating server is disclosed for limiting access to remote equipment. The token generating server provides outgoing authentication of a user, before permitting the user to leave the network environment to access remote equipment. The token generating server generates responses (tokens) for authorized users to satisfy challenges posed by remote equipment and maintains a log of all processed transactions. The token generating server provides an initial outbound access control, whenever a user desires to leave the network environment to access remote equipment, and the remote equipment performs a secondary authorization to ensure that a given user can access the given remote equipment. Each attempt by a user to obtain token-regulated access to remote equipment requires two token management sessions. During a token acquisition process, the user establishes a first session with the token generating server to obtain an access token to obtain access to a given piece of remote equipment.