Location determination for user authentication

US 10,341,335 B2
Filed: 11/24/2018
Issued: 07/02/2019
Est. Priority Date: 06/24/2013
Status: Active Grant

First Claim

Patent Images

1. A system for authentication of a client device, the system comprising:

a processor, wherein the processor is a hardware processor configured to;

receive an authentication request from the client device;

establish a current geographical location of the client device;

establish a trusted tolerance geographical area associated with the client device, the trusted tolerance geographical area being circumscribed by a plurality of points, the plurality of points being at varying respective distances from the client device;

determine whether the current geographical location of the client device is within the trusted tolerance geographical area; and

authenticate the client device based on the determination that the current geographical location of the client device is within the trusted tolerance geographical area; and

a database configured to store at least data associated with the client device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

User authentication techniques based on geographical locations associated with a client device are provided. An example method for authentication of the client device includes receiving an authentication request from the client device. The method may include establishing current geographical location of the client device. The method may further include establishing a trusted tolerance geographical area associated with the client device. After establishing the trusted tolerance geographical area, the method may proceed with determining whether the current geographical location of the client device is within the trusted tolerance geographical area. The method may further include authenticating the client device based on the determination that the current geographical location of the client device is within the trusted tolerance geographical area.

12 Citations

18 Claims

1. A system for authentication of a client device, the system comprising:
- a processor, wherein the processor is a hardware processor configured to;
  
  receive an authentication request from the client device;
  
  establish a current geographical location of the client device;
  
  establish a trusted tolerance geographical area associated with the client device, the trusted tolerance geographical area being circumscribed by a plurality of points, the plurality of points being at varying respective distances from the client device;
  
  determine whether the current geographical location of the client device is within the trusted tolerance geographical area; and
  
  authenticate the client device based on the determination that the current geographical location of the client device is within the trusted tolerance geographical area; and
  
  a database configured to store at least data associated with the client device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1, wherein the current geographical location is established by a triangulation of the client device and two or more host machines with known locations.
  - 3. The system of claim 2, wherein the triangulation includes:
    - calculating trip times (RTTs) of test messages exchanged between the client device and the two or more host machines and;
      
      determining the current geographical location of the client device by forming triangles between the client device and the two or more host machines.
  - 4. The system of claim 1, wherein the trusted tolerance geographical area is based at least on historical locations associated with the client device.
  - 5. The system of claim 4, wherein the authenticating the client device is further based on time stamps associated with the current geographical location and the historical locations associated with the client device.
  - 6. The system of claim 5, wherein the time stamps are used to establish a likelihood of moving the client device between a historical location and the current geographical location within a period of time.
  - 7. The system of claim 1, wherein the processor is further configured to update the trusted tolerance geographical area in response to the authentication of the client device.
  - 8. The system of claim 1, wherein the processor is further configured to receive metadata from the client device, wherein the metadata include at least one of an Internet Protocol version 4 (IPv4) address and an Internet Protocol version 6 (IPv6) address associated with the client device.

9. A method for authentication of a client device, the method comprising:
- receiving, by at least one processor, an authentication request from the client device;
  
  establishing, by the at least one processor, a current geographical location of the client device;
  
  establishing, by the at least one processor, a trusted tolerance geographical area associated with the client device, the trusted tolerance geographical area being circumscribed by a plurality of points, the plurality of points being at varying respective distances from the client device;
  
  determining, by the at least one processor, whether the current geographical location of the client device is within the trusted tolerance geographical area; and
  
  authenticating the client device, by the at least one processor, based on the determination that the current geographical location of the client device is within the trusted tolerance geographical area.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
- - 10. The method of claim 9, wherein the current geographical location is established by a triangulation of the client device and two or more host machines with known locations.
  - 11. The method of claim 10, wherein the triangulation includes:
    - calculating trip times (RTTs) of test messages exchanged between the client device and the two or more host machines; and
      
      determining the current geographical location of the client device by forming triangles between the client device and the two or more host machines.
  - 12. The method of claim 9, wherein the trusted tolerance geographical area is based at least on historical locations associated with the client device.
  - 13. The method of claim 12, wherein the authenticating the client device is further based on time stamps associated with the current geographical location and the historical locations associated with the client device.
  - 14. The method of claim 13, wherein the time stamps are used to establish a likelihood of moving the client device between a historical location and the current geographical location within a period of time.
  - 15. The method of claim 9, further comprising updating the trusted tolerance geographical area in response to the authentication of the client device.
  - 16. The method of claim 9, further comprising receiving metadata from the client device, the metadata including at least one of an Internet Protocol version 4 (IPv4) address and Internet Protocol version 6 (IPv6) address associated with the client device.
  - 17. The method of claim 9, further comprising receiving user credentials, the user credentials including a user login and a password.

18. A system for authentication of a client device, the system comprising:
- a processor, wherein the processor is a hardware processor configured to;
  
  receive an authentication request from the client device;
  
  establish a current geographical location of the client device, wherein the current geographical location is established by a triangulation of the client device and two or more host machines with known locations, wherein the triangulation includes;
  
  calculating trip times (RTTs) of test messages exchanged between the client device and the two or more host machines and;
  
  determining the current geographical location of the client device by forming triangles between the client device and the two or more host machines;
  
  establish a trusted tolerance geographical area associated with the client device, wherein the trusted tolerance geographical area is circumscribed by a plurality of points, the plurality of points being at varying respective distances from the client device;
  
  determine whether the current geographical location of the client device is within the trusted tolerance geographical area;
  
  authenticate the client device based on the determination that the current geographical location of the client device is within the trusted tolerance geographical area; and
  
  update the trusted tolerance geographical area in response to the authentication of the client device; and
  
  a database configured to store at least data associated with the client device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
A10 Networks Incorporated
Original Assignee
A10 Networks Incorporated
Inventors
Thompson, Micheal
Primary Examiner(s)
Lewis, Lisa C

Application Number

US16/199,132
Publication Number

US 20190109840A1
Time in Patent Office

220 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 2221/2111   Location-sensitive, e.g. ge...

H04L 2463/121   Timestamp cryptographic mec...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/0876   based on the identity of th...

H04L 63/102   Entity profiles

H04L 63/107   wherein the security polici...

H04L 63/108   when the policy decisions a...

H04L 67/02   based on web technology, e....

H04L 67/52   specially adapted for the l...

H04W 12/06   Authentication

H04W 12/61   Time-dependent

H04W 12/63   Location-dependent; Proximi...

H04W 12/64   using geofenced areas

H04W 4/02   Services making use of loca...

Location determination for user authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

12 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Location determination for user authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links