Authentication based on geo-location history
First Claim
1. A method comprising:
- receiving a request for a restricted resource, the request originating from a first device having a first device identifier;
accessing a user identifier associated with the first device identifier;
accessing a geo-location history associated with a second device identifier of a second device, wherein the second device identifier is associated with the user identifier and wherein at least a portion of the geo-location history is provided by the second device reporting locations of the second device determined by the user moving from place to place when in possession of the second device, and wherein the device having the first device identifier is different from the second device having the second device identifier, the geo-location history comprising a number of entries;
generating, via a processor, an authentication challenge comprising a query selected to have an associated successful response comprising the at least one entry in the geo-location history;
presenting the authentication challenge to the first device; and
granting access to the restricted resource upon determining that the authentication challenge was successful.
18 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus are disclosed for authenticating a user based on the geo-location history of a geo-location-enabled wireless device (e.g., a GPS-enabled wireless telecommunications terminal, a smart card, an RFID tag, etc.). In a first illustrative embodiment, a user of a geo-location-enabled wireless telecommunications terminal (e.g., a GPS-enabled cell phone, a GPS-enabled notebook computer, etc.) who attempts to access a restricted resource is challenged with one or more questions that are generated from the terminal'"'"'s geo-location history. In a second illustrative embodiment, a user of a data-processing system who attempts to access a restricted resource is asked to provide a username Z. The user is then challenged with one or more questions that are generated from the geo-location history of a wireless device that is associated with username Z (e.g., a cell phone that belongs to the user whose username is Z, etc.).
26 Citations
20 Claims
-
1. A method comprising:
-
receiving a request for a restricted resource, the request originating from a first device having a first device identifier; accessing a user identifier associated with the first device identifier; accessing a geo-location history associated with a second device identifier of a second device, wherein the second device identifier is associated with the user identifier and wherein at least a portion of the geo-location history is provided by the second device reporting locations of the second device determined by the user moving from place to place when in possession of the second device, and wherein the device having the first device identifier is different from the second device having the second device identifier, the geo-location history comprising a number of entries; generating, via a processor, an authentication challenge comprising a query selected to have an associated successful response comprising the at least one entry in the geo-location history; presenting the authentication challenge to the first device; and granting access to the restricted resource upon determining that the authentication challenge was successful. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system comprising:
-
a processor to; receive a request for a restricted resource, the request originating from a first device having a first device identifier; access a user identifier associated with the first device identifier; access a table comprising a plurality of user identifiers, each of the plurality of user identifiers being matched with a respective device identifier, to identify a second device identifier associated with the user identifier and wherein the second device identifier is associated with a second device different from the first device; retrieve a geo-location history associated with the second device identifier, and comprising a number of entries, wherein at least a portion of the geo-location history is provided by the second device reporting locations of the second device determined by the user moving from place to place when in possession of the second device; generate an authentication challenge comprising a query selected to have an associated successful response comprising the at least one entry in the geo-location history; present the authentication challenge to the first device; and grant access to the restricted resource upon determining that the authentication challenge was successful. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A system comprising:
-
means to receive a request for a restricted resource, the request originating from a first device having a first device identifier; means to access a user identifier associated with the first device identifier; means to access a table comprising a plurality of user identifiers, each of the plurality of user identifiers being matched with a respective device identifier, to identify a second device identifier associated with the user identifier and wherein the second device identifier is associated with a second device different from the first device; wherein at least a portion of the geo-location history is provided by the second device reporting locations of the second device determined by the user moving from place to place when in possession of the second device; means to retrieve a geo-location history associated with the second device identifier, and the geo-location history comprising a number of entries, wherein at least a portion of the geo-location history is provided by the second device reporting locations of the second device determined by the user moving from place to place when in possession of the second device; means to generate, via a processor, an authentication challenge comprising a query selected to have an associated successful response comprising the at least one entry in the geo-location history; means to present the authentication challenge to the first device; and means to grant access to the restricted resource upon determining that the authentication challenge was successful. - View Dependent Claims (18, 19, 20)
-
Specification