Authentication based on geo-location history

US 10,212,587 B2
Filed: 04/20/2015
Issued: 02/19/2019
Est. Priority Date: 12/15/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving a request for a restricted resource, the request originating from a first device having a first device identifier;

accessing a user identifier associated with the first device identifier;

accessing a geo-location history associated with a second device identifier of a second device, wherein the second device identifier is associated with the user identifier and wherein at least a portion of the geo-location history is provided by the second device reporting locations of the second device determined by the user moving from place to place when in possession of the second device, and wherein the device having the first device identifier is different from the second device having the second device identifier, the geo-location history comprising a number of entries;

generating, via a processor, an authentication challenge comprising a query selected to have an associated successful response comprising the at least one entry in the geo-location history;

presenting the authentication challenge to the first device; and

granting access to the restricted resource upon determining that the authentication challenge was successful.

View all claims

18 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and apparatus are disclosed for authenticating a user based on the geo-location history of a geo-location-enabled wireless device (e.g., a GPS-enabled wireless telecommunications terminal, a smart card, an RFID tag, etc.). In a first illustrative embodiment, a user of a geo-location-enabled wireless telecommunications terminal (e.g., a GPS-enabled cell phone, a GPS-enabled notebook computer, etc.) who attempts to access a restricted resource is challenged with one or more questions that are generated from the terminal'"'"'s geo-location history. In a second illustrative embodiment, a user of a data-processing system who attempts to access a restricted resource is asked to provide a username Z. The user is then challenged with one or more questions that are generated from the geo-location history of a wireless device that is associated with username Z (e.g., a cell phone that belongs to the user whose username is Z, etc.).

26 Citations

View as Search Results

20 Claims

1. A method comprising:
- receiving a request for a restricted resource, the request originating from a first device having a first device identifier;
  
  accessing a user identifier associated with the first device identifier;
  
  accessing a geo-location history associated with a second device identifier of a second device, wherein the second device identifier is associated with the user identifier and wherein at least a portion of the geo-location history is provided by the second device reporting locations of the second device determined by the user moving from place to place when in possession of the second device, and wherein the device having the first device identifier is different from the second device having the second device identifier, the geo-location history comprising a number of entries;
  
  generating, via a processor, an authentication challenge comprising a query selected to have an associated successful response comprising the at least one entry in the geo-location history;
  
  presenting the authentication challenge to the first device; and
  
  granting access to the restricted resource upon determining that the authentication challenge was successful.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the user identifier is one of a social security number and an account number.
  - 3. The method of claim 1, wherein the second device identifier is one of an Internet protocol address and a telephone number.
  - 4. The method of claim 1, wherein the table is an ownership database.
  - 5. The method of claim 1, wherein the geo-location history is retrieved from a geo-location history database.
  - 6. The method of claim 1, further comprising:
    - inferring that the geo-location history associated with the second device identifier is a user geo-location history of a user associated with the user identifier.
  - 7. The method of claim 1, further comprising:
    - receiving a response to the authentication challenge from a user associated with the user identifier, the response relating to a personal geo-location history of the user; and
      
      determining whether the authentication challenge is successfully met by comparing the geo-location history with the response.
  - 8. The method of claim 7, further comprising:
    - restricting access to a resource on the first device when the authentication challenge is not successfully met.

9. A system comprising:
- a processor to;
  
  receive a request for a restricted resource, the request originating from a first device having a first device identifier;
  
  access a user identifier associated with the first device identifier;
  
  access a table comprising a plurality of user identifiers, each of the plurality of user identifiers being matched with a respective device identifier, to identify a second device identifier associated with the user identifier and wherein the second device identifier is associated with a second device different from the first device;
  
  retrieve a geo-location history associated with the second device identifier, and comprising a number of entries, wherein at least a portion of the geo-location history is provided by the second device reporting locations of the second device determined by the user moving from place to place when in possession of the second device;
  
  generate an authentication challenge comprising a query selected to have an associated successful response comprising the at least one entry in the geo-location history;
  
  present the authentication challenge to the first device; and
  
  grant access to the restricted resource upon determining that the authentication challenge was successful.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The system of claim 9, wherein the user identifier is one of a social security number and an account number.
  - 11. The system of claim 9, wherein the second device identifier is one of an Internet protocol address and a telephone number.
  - 12. The system of claim 9, wherein the table is an ownership database.
  - 13. The system of claim 9, wherein the geo-location history is retrieved from a geo-location history database.
  - 14. The system of claim 9, the processor further infers that the geo-location history associated with the second device identifier is a user geo-location history of a user associated with the user identifier.
  - 15. The system of claim 9, the processor further:
    - receives a response to the authentication challenge from a user associated with the user identifier, the response relating to a personal geo-location history of the user; and
      
      determines whether the authentication challenge is successfully met by comparing the geo-location history with the response.
  - 16. The system of claim 9, the processor further restricts access to a resource on the second device when the authentication challenge is not successfully met.

17. A system comprising:
- means to receive a request for a restricted resource, the request originating from a first device having a first device identifier;
  
  means to access a user identifier associated with the first device identifier;
  
  means to access a table comprising a plurality of user identifiers, each of the plurality of user identifiers being matched with a respective device identifier, to identify a second device identifier associated with the user identifier and wherein the second device identifier is associated with a second device different from the first device;
  
  wherein at least a portion of the geo-location history is provided by the second device reporting locations of the second device determined by the user moving from place to place when in possession of the second device;
  
  means to retrieve a geo-location history associated with the second device identifier, and the geo-location history comprising a number of entries, wherein at least a portion of the geo-location history is provided by the second device reporting locations of the second device determined by the user moving from place to place when in possession of the second device;
  
  means to generate, via a processor, an authentication challenge comprising a query selected to have an associated successful response comprising the at least one entry in the geo-location history;
  
  means to present the authentication challenge to the first device; and
  
  means to grant access to the restricted resource upon determining that the authentication challenge was successful.
- View Dependent Claims (18, 19, 20)
- - 18. The system of claim 17, further comprising:
    - means to infer that the geo-location history associated with the second device identifier is a user geo-location history of a user associated with the user identifier.
  - 19. The system of claim 17, further comprising:
    - means to receive a response to the authentication challenge from a user associated with the user identifier, the response relating to a personal geo-location history of the user; and
      
      means to determine whether the authentication challenge is successfully met by comparing the geo-location history associated with the second device identifier with the response.
  - 20. The system of claim 17, further comprising:
    - means to restrict access to a resource on the second device when the authentication challenge is not successfully met.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Arlington Technologies, LLC (Dominion Harbor Enterprises, LLC)
Original Assignee
Avaya Incorporated
Inventors
Bentley, Jon Louis, Erhart, George William, O'Gorman, Lawrence, Sammon, Michael J., Skiba, David Joseph
Primary Examiner(s)
Appiah, Charles N
Assistant Examiner(s)
Donado, Frank E

Application Number

US14/690,840
Publication Number

US 20150230086A1
Time in Patent Office

1,401 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/34   involving the use of extern...

H04L 2101/69   using geographic informatio...

H04L 63/08   for authentication of entit...

H04L 63/0853   using an additional device,...

H04L 63/107   wherein the security polici...

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 12/61   Time-dependent

H04W 12/63   Location-dependent; Proximi...

H04W 48/04   based on user or terminal l...

H04W 88/02   Terminal devices

Authentication based on geo-location history

First Claim

18 Assignments

0 Petitions

Accused Products

Abstract

26 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication based on geo-location history

First Claim

18 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links