CONTROLLING AUTHORISATION WITHIN COMPUTER SYSTEMS

摘要

Techniques for controlling the provision of data to a requester (4) use a local device (10) communicating with a personal computing device (12). The personal computing device has an authorised state and an unauthorised state. If the personal computing device is proximal to the local device when the local device receives the request for data from the requester, then the personal computing device uses permission data it stores to determine whether the request is or is not a permitted request. If the request is a permitted request, then the personal computing device sends a message to a token issuing device (8) to issue a token request to the requester (4). The requester(4) then uses this token to access a third party device 6 holding the data to which it seeks access. The local device may also store a login data store which is unlocked if the personal computing device is proximal to the local device (10) and is in its authorised state. The login data store can provide passwords and usernames automatically when it is unlocked. The personal computing device includes a display upon which are displayed icons indicating the type of data for which access requests are being received and in respect of which authorisations are or are not being made.