AnsweredAssumed Answered

RFID or similar proximity-based solution for fully automated Windows(7) unlock/lock?

Question asked by Sebastian Ernst on Mar 15, 2017
Latest reply on Mar 21, 2017 by Sebastian Ernst

SCENARIO: I am running a bunch of Windows 7 virtual machines on top of VMWare vSphere. The VMs are accessed through thin clients, which allow to pass USB devices through to the visualized operating system. All of the virtual machines have one single (very restricted) user account only. All virtual machines are equally accessible to a number of users.


PROBLEM: I want to provide the users with personalized RFID, Bluetooth or similar contactless tokens, which automatically unlock any of the machines (without entering an additional password) whenever the users are within a 2 to 3 meters perimeter around one of the thin clients. Should any of the users leave the perimeter, the machines should automatically lock themselves - while the session keeps running. There must not be any conflict if more than one user is within the perimeter - the last user to leave the perimeter should lock the computer.


IDEAS (which do not work): The clients are located in a more or less open space, so I can not define entire rooms as lock/unlock perimeters - distance matters, which makes a Bluetooth solution purely based on pairing impractical from my point of view. One user could by accident unlock multiple machines at once. I have also been considering face recognition instead of contactless tokens, though it requires quite a bit of CPU time and it does not work reliably as far as I have been told by people who tried to implement it in a similar fashion. In terms of automatic locking of screens, I can not do this based on inactivity and time outs - the users might be monitoring things on the clients for longer periods of time without any input from them.


QUESTION: What options do I have based on NXP NFC products? The key elements for me are contactless (e.g. a card of some sort attached to a necklace), because it is the easiest approach compared to card readers and USB tokens, and fully automated locking of open sessions, because a lot of people tend to forget to lock their screen when they leave ... Any suggestions and/or real-life experiences?