Location determination for user authentication
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
H04L-029/06
G06F-021/00
G06F-021/31
H04W-004/02
H04W-012/06
H04L-029/08
출원번호
US-0207190
(2016-07-11)
등록번호
US-9825943
(2017-11-21)
발명자
/ 주소
Thompson, Micheal
출원인 / 주소
A10 NETWORKS, INC.
대리인 / 주소
AMPACC Law Group LLP
인용정보
피인용 횟수 :
1인용 특허 :
50
초록▼
User authentication techniques based on geographical locations associated with a client device is provided. A network connection can be established between two or more host machines and a client device. Upon a request received from the client device by one of these host machines, round trip times of
User authentication techniques based on geographical locations associated with a client device is provided. A network connection can be established between two or more host machines and a client device. Upon a request received from the client device by one of these host machines, round trip times of test messages may be measured between the client device and each of the host machines. The round trip times can be utilized to determine the current geographical location of the client device. If the location is within a tolerance geographical area, the client device may be authenticated. Otherwise, the authentication may fail or additional security procedures may be implemented. In some examples, a travel time from a historical geographical location to current geographical location can be determined. This data may be also utilized in the user authentication process.
대표청구항▼
1. A method for user authentication, the method comprising: receiving, by at least one processor, an authentication request from a client device;acquiring, by the at least one processor, at least one HTTP (Hypertext Transfer Protocol) cookie from the client device, wherein the HTTP cookie includes m
1. A method for user authentication, the method comprising: receiving, by at least one processor, an authentication request from a client device;acquiring, by the at least one processor, at least one HTTP (Hypertext Transfer Protocol) cookie from the client device, wherein the HTTP cookie includes metadata associated with a current geographical location, the current geographical location corresponding to a point;acquiring, by the at least one processor, at least one HTTP cookie from the client device, wherein the HTTP cookie includes metadata associated with a trusted tolerance geographical area;determining, by the at least one processor, whether the current geographical location of the client device is within the trusted tolerance geographical area, the trusted tolerance geographical area being circumscribed by a plurality of points, the plurality of points being varying respective distances from a host machine; andin response to the authentication request, authenticating the client device, by the at least one processor, based at least in part on a determination that the current geographical location of the client device is within the trusted tolerance geographical area. 2. The method of claim 1, wherein the authentication request includes a request to access networked data or services. 3. The method of claim 1, wherein the authentication request includes user credentials and wherein the authentication of the client device includes verifying a user identity based on the user credentials. 4. The method of claim 1, wherein the trusted tolerance geographical area is defined based at least in part on historical data of past geographical locations where the client device has been successfully authenticated. 5. The method of claim 4, wherein the determining, by the at least one processor, whether the current geographical location of the client device is within the trusted tolerance geographical area comprises calculating at least one of a distance between the current geographical location of the client device and a past geographical location. 6. The method of claim 1, wherein the metadata comprises at least one geographical location based on a network. 7. The method of claim 1, wherein the metadata comprises at least one geographical location based on at least one mobile address. 8. The method of claim 7, wherein the at least one mobile address comprises Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6) addresses. 9. The method of claim 1, wherein the metadata comprises at least one geographical location based on absolute coordinates. 10. The method of claim 1, further comprising: in response to HTTP cookies including metadata associated with the trusted tolerance geographical area being absent or including misleading metadata, requesting, by the at least one processor, authentication of the client device based on user credentials. 11. The method of claim 10, wherein user credentials comprise a user login and password. 12. The method of claim 11, wherein in response to the user login and password not being successfully authenticated, further requesting, by the at least one processor, an answer to a security question. 13. The method of claim 1, wherein the metadata associated with the trusted geographical area is dynamically updated at least in part each time the client device is successfully authenticated. 14. The method of claim 1, wherein based on a determination that the current geographical location of the client device is not within the tolerance geographical area, the client device is not authenticated.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (50)
Chen, Lee; Chiong, John; Kwan, Phillip, Access record gateway.
Miura, Naoto; Kiyomizu, Harumi; Nagasaka, Akio; Miyatake, Takafumi; Matsuda, Yusuke, Authentication system using biometric information and authentication device.
Bohannon, Philip L.; Jakobsson, Bjorn Markus; Monrose, Fabian; Reiter, Michael Kendrick; Wetzel, Susanne Gudrun, Generation of repeatable cryptographic key based on varying parameters.
MacDoran Peter F. ; Mathews Michael B. ; Ziel Fred A. ; Gold Kenn L. ; Anderson Steven M. ; Coffey Mark A. ; Denning Dorothy E., Method and apparatus for authenticating the location of remote users of networked computing systems.
Peden, II, Jeffrey J.; Gray, Matthew K.; Parker, Coleman P., Method and apparatus for controlling wireless network access privileges based on wireless client location.
Papierniak, Karen A.; Thaisz, James E.; Chiang, Luo-Jen; Diwekar, Anjali M., Method and apparatus for forming user sessions and presenting internet data according to the user sessions.
Tomko George J.,CAX ; Stoianov Alexei,CAX, Method and apparatus for securely handling a personal identification number or cryptographic key using biometric techniq.
Qin, Xiangping; Shao, Huai-Rong; Singh, Harkirat; Ngo, Chiu, System and method for wireless communication network having proximity control based on authorization token.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.