IDENTIFYING UNAUTHORIZED ACCESS TO A NETWORK RESOURCE

US 20070220605A1
Filed: 03/15/2007
Published: 09/20/2007
Est. Priority Date: 03/15/2006
Status: Active Grant

First Claim

Patent Images

1. A method for identifying an unauthorized access, comprising:

accessing received access information comprising a received timestamp, a received network internet protocol (IP) address, and a received TCP/UDP port identifier of an unverified accessing client that accessed a network resource using authorization information of an authorized user;

accessing trusted access information comprising a trusted timestamp, a trusted network IP address, and a trusted TCP/UDP port identifier of a trusted accessing client that accesses the network resource by an authorized user;

comparing the received access information to the trusted access information;

identifying an unauthorized access if the received access information does not match the trusted access information.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An online service gathers information about a user'"'"'s access to an online account and makes that information available to the account owner and/or other authorized user. When an online account is accessed, the online service logs a time stamp, a network address from which the account was accessed, a port number, a user ID, routing data, and/or other access data. The online service may use the access information to obtain address ownership name, geographic location, and/or other ownership information associated with the account access. The accessing client also stores access data. The client, account owner, and/or another decision maker evaluates all, or portions of information to detect unauthorized access to the account. The decision maker may dynamically evaluate and display the access data or later compare log files of the online service and the account owner'"'"'s local log file.

97 Citations

View as Search Results

20 Claims

1. A method for identifying an unauthorized access, comprising:
- accessing received access information comprising a received timestamp, a received network internet protocol (IP) address, and a received TCP/UDP port identifier of an unverified accessing client that accessed a network resource using authorization information of an authorized user;
  
  accessing trusted access information comprising a trusted timestamp, a trusted network IP address, and a trusted TCP/UDP port identifier of a trusted accessing client that accesses the network resource by an authorized user;
  
  comparing the received access information to the trusted access information;
  
  identifying an unauthorized access if the received access information does not match the trusted access information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the trusted access information is accessed from one of the following:
    - an authorized user; and
      
      a trusted storage that stores a copy of the received access information, wherein the copy is provided by the network resource to the trusted storage prior to comparing.
  - 3. The method of claim 2, wherein the trusted storage comprises one of the following:
    - a removable storage controlled by an authorized user and removably coupled to a trusted client in communication with the network resource to receive the copy of the received access information; and
      
      a trusted network node in communication with the network resource, wherein the trusted network node is accessible by an authorized user with additional authorization information.
  - 4. The method of claim 1, further comprising:
    - determining ownership information based on the received network IP address and on the received TCP/UDP port identifier, wherein the ownership information identifies an owner of the received network IP address; and
      
      providing the ownership information to the unverified accessing client for at least one of the following;
      
      displaying to a user of the unverified accessing client and storing in a local storage coupled to the unverified accessing client.
  - 5. The method of claim 4, wherein the ownership information comprises at least one of the following;
    - an owner name and an owner location.
  - 6. The method of claim 1, further comprising providing a warning that the unauthorized access is identified.
  - 7. The method of claim 1, wherein the authorization information comprises at least one of the following;
    - a password, a digital signature, and encrypted data.
  - 8. The method of claim 1, wherein the network resource comprises one of the following;
    - an online email account, an online financial account;
      
      a website, and a general computer user account.
  - 9. The method of claim 1, wherein the received access information is detected based at least in part on intermediary access information of an intermediary network node coupled between the unverified accessing client and the network resource.
  - 10. The method of claim 1, wherein the unverified accessing client is the trusted accessing client.
  - 11. A computer readable medium, comprising executable instructions for causing a computing device to perform the actions of claim 1.

12. A system for identifying an unauthorized access, comprising:
- a communication interface in communication with a network;
  
  a memory for storing instructions; and
  
  a processor in communication with the communication interface and with the memory, wherein the processor performs actions based at least in part on the stored instructions, including;
  
  accessing received access information comprising a received timestamp, a received network internet protocol (IP) address, and a received TCP/UDP port identifier of an unverified accessing client that accessed a network resource using authorization information of an authorized user;
  
  accessing trusted access information comprising a trusted timestamp, a trusted network IP address, and a trusted TCP/UDP port identifier of a trusted accessing client that accesses the network resource by an authorized user;
  
  comparing the received access information to the trusted access information;
  
  identifying an unauthorized access if the received access information does not match the trusted access information.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The system of claim 12, wherein the trusted access information is accessed from one of the following:
    - an authorized user; and
      
      a trusted storage in communication with the processor, wherein the trusted storage stores a copy of the received access information, and wherein the copy is provided by the network resource to the trusted storage prior to comparing.
  - 14. The system of claim 13, wherein the trusted storage comprises one of the following:
    - a removable storage controlled by an authorized user and removably coupled to a trusted client in communication with the network resource to receive the copy of the received access information; and
      
      a trusted network node in communication with the network resource, wherein the trusted network node is accessible by an authorized user with additional authorization information.
  - 15. The system of claim 12, wherein the instructions further cause the processor to perform the operations of:
    - determining ownership information based on the received network IP address and on the received TCP/UDP port identifier, wherein the ownership information identifies an owner of the received network IP address; and
      
      providing the ownership information to the unverified accessing client for at least one of the following;
      
      displaying to a user of the unverified accessing client and storing in a local storage coupled to the unverified accessing client.
  - 16. The system of claim 15, wherein the ownership information comprises at least one of the following;
    - an owner name and an owner location.
  - 17. The system of claim 12, wherein the instructions further cause the processor to perform the action of providing a warning that the unauthorized access is identified.
  - 18. The system of claim 12, wherein the authorization information comprises at least one of the following;
    - a password, a digital signature, and encrypted data.
  - 19. The system of claim 12, wherein the network resource comprises one of the following;
    - an online email account, an online financial account;
      
      a website, and a general computer user account.
  - 20. The system of claim 12, wherein the received access information is detected based at least in part on intermediary access information of an intermediary network node coupled between the unverified accessing client and the network resource.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Daniel Chien
Original Assignee
Daniel Chien
Inventors
Chien, Daniel

Granted Patent

US 8,214,899 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/23
CPC Class Codes

G06F 21/552 involving long-term monitor...

IDENTIFYING UNAUTHORIZED ACCESS TO A NETWORK RESOURCE

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

97 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

IDENTIFYING UNAUTHORIZED ACCESS TO A NETWORK RESOURCE

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

97 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links