Apple has been granted a patent (number 8307425) for portable computer accounts that could let you store your user accounts, authentication information and user home directories on external storage media and transfer them from one device to another.
Measures are included for detecting tampering of stored information and for preventing possibly conflicting or damaging account and file information from entering a host device.
Here’s Apple’s background and summary of the invention: “User account data typically includes a user name, an account identifier, a home directory location and management information. For local accounts (i.e., non-network accounts) this information can be stored on a local directory database on a host device. For network accounts, account information can be stored on a network directory server (e.g., LDAP).
“User authentication information (e.g., a password) can be stored separately. For local accounts, a secure hash of a password can be located in a secure area of a boot hard drive. For network accounts, passwords can be located on an authentication server (e.g., Kerberos).
“User home directories are typically the main area where a user keeps their files. For local accounts, the home directory can be located on a local hard disk. For network accounts, the home directory can be located on a network file server. It is often desirable to synchronize versions of home directory folders locally and on the network so that when a user goes offline they can continue to work just as if they were connected to the network.
“Some known operating systems provide a portable home directory system. For example, Portable Home Directories (PHDs) is the name of a system in Apple Computer Inc.’s Mac OS X, where a network account, user authentication information and a network home directory can be cached locally on a host device and synchronized with their originals on network servers. The user home directory can be encrypted using a known encryption technology (e.g., FileVault) and decrypted using, for example, the user’s login password.
“While conventional portable home directory systems are useful, they do not allow a user to transport on an external storage media a complete home directory and account between networked computers without performance degradation (e.g., synchronization delay).
“User accounts, authentication information and user home directories are stored on an external storage media that can be transferred from one device to another. Measures are included for detecting tampering of stored information and for preventing possibly conflicting or damaging account and file information from entering a host device.
“In some implementations, a method comprises: providing a login screen for presentation on a display screen of a host device, the login screen including a list of accounts available for log in, where at least one account is associated with an external storage media operatively coupled to the host device; receiving a first input from a user of the host device, the input specifying for log in the local account associated with the external storage media; responsive to the first input, determining if the local account has a corresponding network account; if the local account has a corresponding network account, using the network account and associated authentication methods to authenticate the user of the host device; and if the local account does not have a corresponding network account, using information locally accessible by the host device to authenticate the user.
“Other implementations of portable computer accounts are disclosed, including implementations directed to systems, methods, apparatuses, computer-readable mediums and user interfaces.”
Bruce Gaya is the inventor.