Method and System for Dynamically Controlling Access to a Network
Abstract
The dynamic access evaluation system receives a service request from a device seeking access to a network. The system receives information about the requester, the device from which the request is made and/or the location of the requester and the device. The system analyzes rule sets for the application being requested on the network to determine whether authentication is necessary. The system authenticates the requester based on a comparison of authorization information to information about the requester received in the request. The system authenticates the device by comparing device information in the request to historical device information. Furthermore, the system receives location information for the device and the requester and compares them to determine whether the locations are the same or similar. After granting access, the system continues to monitor information about the requester, device, or location and can terminate device access based on a change in the monitored information.
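A sketch of the evaluation loop the abstract describes, added here as an illustration and not taken from the patent: it scores requester and device attributes against reference records, checks that device and requester locations are close, and re-evaluates a later snapshot to decide on termination. The scoring formula (fraction of matching attributes), the thresholds, the haversine distance test and all names are assumptions; the page specifies none of them.

```python
import math
from dataclasses import dataclass

# Assumed policy values; the page gives no thresholds or scoring formula.
MIN_SCORE = 0.75        # minimum fraction of matching attributes
MAX_DISTANCE_KM = 1.0   # radius treated as "substantially similar"

# Constructed reference records (not from the page).
AUTHZ = {"user": "alice", "pin_hash": "ab12", "badge": "7731", "otp_ok": True}
HISTORY = {"os": "linux", "mac": "02:00:00:00:00:01", "agent": "v3", "disk_id": "d-9"}

@dataclass
class Snapshot:
    auth_info: dict       # what the requester presented
    device_info: dict     # what the device reports
    device_loc: tuple     # (lat, lon) in degrees
    requester_loc: tuple  # (lat, lon) in degrees

def match_score(presented, reference):
    """Fraction of reference attributes that the presented values match."""
    if not reference:
        return 0.0
    hits = sum(1 for k, v in reference.items() if presented.get(k) == v)
    return hits / len(reference)

def distance_km(a, b):
    """Great-circle (haversine) distance between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def evaluate(snap, authorization, device_history):
    """Return (grant, reasons) for one snapshot; reasons lists failed checks."""
    reasons = []
    if match_score(snap.auth_info, authorization) < MIN_SCORE:
        reasons.append("requester")
    if match_score(snap.device_info, device_history) < MIN_SCORE:
        reasons.append("device")
    if distance_km(snap.device_loc, snap.requester_loc) > MAX_DISTANCE_KM:
        reasons.append("location")
    return (not reasons, reasons)

def reevaluate(first, second, authorization, device_history):
    """Compare two snapshots; terminate only if a change breaks policy."""
    changed = [f for f in ("auth_info", "device_info", "device_loc", "requester_loc")
               if getattr(first, f) != getattr(second, f)]
    grant, reasons = evaluate(second, authorization, device_history)
    return {"changed": changed, "terminate": bool(changed) and not grant, "reasons": reasons}
```

A change that keeps every check within policy (for example one of four device attributes differing) is reported in `changed` but does not terminate the session.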
52 Claims
1. A computer-implemented method for dynamically evaluating access by a requester to a computer network, comprising the steps of:
- receiving a request for access to the network from a requester at a device;
- receiving authentication information for the requester;
- accepting authorization information for the requester;
- comparing the authentication information to authorization information to determine whether the requester is authentic;
- generating an authentication score based on the comparison of the authentication information to the authorization information; and
- determining network access based on the authentication score.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A computer-implemented method for dynamically evaluating access by a device to a computer network, comprising the steps of:
- receiving a request for access to the network from a device;
- receiving information about the device making the request;
- comparing the device information to historical device information;
- determining whether the device is authentic based on the comparison of the device information to the historical device information;
- generating an authentication score based on the comparison of the device information to historical device information; and
- determining whether to grant network access to the device based on the authentication score.
Dependent claims: 10, 11, 12, 13, 14, 15, 16
17. A computer-implemented method for dynamically evaluating access by a device to a computer network, comprising the steps of:
- receiving a request for access to the network from a requester at a device;
- receiving a device location;
- receiving a requester location;
- comparing the location of the device to the location of the requester to determine whether they are substantially similar; and
- granting access to the network at the device based on a positive determination that the device location and the requester location are substantially similar.
Dependent claims: 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30
31. A system for dynamically evaluating access by a device to a computer network comprising:
- a first logic component for receiving information about a requester using the device and determining the authenticity of the requester;
- a second logic component for receiving information about the device making a request to access the network and determine whether the device is authentic; and
- a third logic component for receiving information about a location of the device and a location of the requester and determining whether the locations of the device and the requester are substantially similar.
Dependent claims: 32, 33, 34, 35, 36, 37, 38, 39
40. A computer-implemented method for dynamically evaluating access by a requester to a computer network, comprising the steps of:
- determining a first authentication information for the requester at a first period in time;
- determining a second authentication information for the requester at a second period in time while the requester is accessing the network;
- comparing the first authentication information to the second authentication information;
- identifying a change between the first and second authentication information for the requester; and
- determining whether to terminate the requester's access to the network at the device based on the change.
Dependent claims: 41, 42
43. A computer-implemented method for dynamically evaluating access by a device to a computer network, comprising the steps of:
- receiving a first set of information about the device making the request at a first period of time;
- receiving a second set of information about the device at a second period of time, while the device is accessing the network;
- comparing the first set of information about the device to the second set of information about the device;
- identifying a change between the first and second set of information; and
- determining whether to terminate the device's access to the network based on the change.
Dependent claims: 44, 45
46. A computer-implemented method for dynamically evaluating access by a device to a computer network, comprising the steps of:
- receiving a first location for the device at a first period of time;
- receiving a second location for the device at a second period of time, while the device is accessing the network;
- comparing the first location to the second location;
- identifying a change between the first and second location of the device; and
- determining whether to terminate the device's access to the network based on the change.
Dependent claims: 47, 48
49. A computer-implemented method for dynamically evaluating access by a requester at a device to a computer network, comprising the steps of:
- receiving a first location for the requester at a first period of time;
- receiving a second location for the requester at a second period of time, while the device is accessing the network;
- comparing the first location to the second location of the requester;
- identifying a change between the first and second location of the requester; and
- determining whether to terminate access to the network based on the change.
Dependent claims: 50, 51
52. A system for dynamically evaluating access by a device to a computer network comprising:
- a first logic component for receiving information about a requester using the device and determining the authenticity of the requester;
- a second logic component for receiving information about the device making a request to access the network and determine whether the device is authentic;
- a third logic component for receiving information about a location of the device and a location of the requester and determining whether the locations of the device and the requester are substantially similar;
- a policy engine for receiving information from at least one of the first, second, and third logic components at a first period of time and updated information from at least one of the first, second, and third logic components at a second period of time, while the device is accessing the network, wherein the information and the updated information are compared to identify a change and a determination is made whether to terminate access by the device to the network based on the change.