Geolocation dependent variable authentication
First Claim
Patent Images
1. A method for variable authentication, the method comprising:
- receiving, by one or more microprocessors, a request to access secure data from a computing device;
identifying, by the one or more microprocessors, data associated with the request to access the secure data from the computing device, wherein the identified data includes geographical coordinates of the computing device representing the geographical coordinates of the computing device upon making the request to access the secure data and a time stamp corresponding to a time at which the request to access the secure data was made;
identifying, by the one or more microprocessors, geographic coordinates corresponding to a location that is classified as an allowed location;
identifying, by the one or more microprocessors, a first threshold radius from the allowed location, a second threshold radius from the allowed location, and a third threshold radius from the allowed location, wherein;
the second threshold radius is greater than the first threshold radius and the third threshold radius is greater than the second threshold radius; and
the first threshold radius is associated with a primary authentication zone, the second threshold radius is associated with a secondary authentication zone, and the third threshold radius is associated with a tertiary authentication zone, wherein;
the primary authentication zone is associated with a primary authentication method including a first password type having a first minimum password length, the secondary authentication zone is associated with a secondary authentication method including a second password type having a second minimum password length, and the tertiary authentication zone is associated with a tertiary authentication method including a third password type having a third minimum password length, wherein the second minimum password length is longer the first minimum password length and the third minimum password length is longer than the second minimum password length; and
in response to determining, by the one or more microprocessors, that a distance between the geographical coordinates of the computing device and the allowed location is less than the third threshold radius;
requesting, by the one or more microprocessors, an authentication in accordance with the secondary authentication method;
receiving, by the one or more microprocessors, the authentication;
in response to determining, by the one or more microprocessors, that the authenticating meets pre-defined criteria associated with the secondary authentication method, authorizing, by the one or more computer processors, the request to access secure data;
identifying, by the one or more microprocessors, a count of requests to access secure data associated with the geographical coordinates of the computer devices; and
in response to determining, by the one or more microprocessors, that the count of requests to access the secure data exceeds a threshold count, classifying the geographical coordinates of the computer device as an allowed location.
1 Assignment
0 Petitions
Accused Products
Abstract
In an approach to variable authentication, one or more computer processors receive a request to access secure data from a computing device. The one or more computer processors receive geolocation data associated with the computing device. The one or more computer processors compare the geolocation data to authentication parameters associated with the computing device to determine if the geolocation data falls within the authentication parameters. The one or more computer processors determine whether the geolocation data falls within the authentication parameters. If the geolocation data does not, the one or more computer processors send a request for authentication from the computing device via an authentication method wherein the authentication method corresponds to an identified location and time of the computing device associated with the request to access secure data and a time associated with the request to access secure data. The one or more computer processors receive the authentication.
23 Citations
1 Claim
-
1. A method for variable authentication, the method comprising:
-
receiving, by one or more microprocessors, a request to access secure data from a computing device; identifying, by the one or more microprocessors, data associated with the request to access the secure data from the computing device, wherein the identified data includes geographical coordinates of the computing device representing the geographical coordinates of the computing device upon making the request to access the secure data and a time stamp corresponding to a time at which the request to access the secure data was made; identifying, by the one or more microprocessors, geographic coordinates corresponding to a location that is classified as an allowed location; identifying, by the one or more microprocessors, a first threshold radius from the allowed location, a second threshold radius from the allowed location, and a third threshold radius from the allowed location, wherein; the second threshold radius is greater than the first threshold radius and the third threshold radius is greater than the second threshold radius; and the first threshold radius is associated with a primary authentication zone, the second threshold radius is associated with a secondary authentication zone, and the third threshold radius is associated with a tertiary authentication zone, wherein; the primary authentication zone is associated with a primary authentication method including a first password type having a first minimum password length, the secondary authentication zone is associated with a secondary authentication method including a second password type having a second minimum password length, and the tertiary authentication zone is associated with a tertiary authentication method including a third password type having a third minimum password length, wherein the second minimum password length is longer the first minimum password length and the third minimum password length is longer than the second minimum password length; and in response to determining, by the one or more microprocessors, that a distance between the geographical coordinates of the computing device and the allowed location is less than the third threshold radius; requesting, by the one or more microprocessors, an authentication in accordance with the secondary authentication method; receiving, by the one or more microprocessors, the authentication; in response to determining, by the one or more microprocessors, that the authenticating meets pre-defined criteria associated with the secondary authentication method, authorizing, by the one or more computer processors, the request to access secure data; identifying, by the one or more microprocessors, a count of requests to access secure data associated with the geographical coordinates of the computer devices; and in response to determining, by the one or more microprocessors, that the count of requests to access the secure data exceeds a threshold count, classifying the geographical coordinates of the computer device as an allowed location.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsBowman, Stephen D., Parker, Philip E.
-
Primary Examiner(s)Shaifer Harriman, Dant B
-
Application NumberUS15/662,316Publication NumberTime in Patent Office354 DaysField of Search726 7US Class CurrentCPC Class CodesG06F 21/31 User authenticationG06F 21/44 Program or device authentic...G06F 2221/2111 Location-sensitive, e.g. ge...H04L 2463/121 Timestamp cryptographic mec...H04L 63/08 for authentication of entit...H04L 63/107 wherein the security polici...H04L 67/52 specially adapted for the l...
