Location Based Authentication

US 20090254975A1
Filed: 03/10/2006
Published: 10/08/2009
Est. Priority Date: 03/31/2005
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a mobile wireless user device, the method comprising:

identifying other devices as being within the proximity of the user device using wireless communication between the user device and the other devices;

comparing the identities of said other devices with reference identities;

authenticating said user device when the identity comparison meets a threshold.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention relates to authenticating a mobile device using logical location information associated with the device which provides an indication of the proximity of the device to other devices. The present invention provides a mechanism for authenticating a mobile device based on location related information or a “logical location”, but without requiring an actual location. The mobile user device identifies or discovers other devices, using direct wireless communication, within its vicinity and forwards this information to the authenticating authority. If this information matches previous or otherwise predetermined information, then the device is authenticated.

Citations

28 Claims

1. A method of authenticating a mobile wireless user device, the method comprising:
- identifying other devices as being within the proximity of the user device using wireless communication between the user device and the other devices;
  
  comparing the identities of said other devices with reference identities;
  
  authenticating said user device when the identity comparison meets a threshold.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 22, 25, 26)
- - 2. A method as claimed in claim 1, wherein the method further comprises the step of:
    - determining for at least one identified other device a proximity range value indicating the proximity of the device to the user device;
      
      comparing said range value with a reference range value for said identified other device; and
      
      ,authenticating said user device if said proximity comparison indicates said proximity range value is an acceptable proximity range being a proximity range value less or equal to said reference proximity range value.
  - 3. A method as claimed in claim 2, wherein said proximity range value is determined by said user device detecting a physical characteristic of a communications signal between a said other wireless device and said user device.
  - 4. A method as claimed in claim 2, wherein said method steps are implemented for all said other wireless devices, and said authentication step requires all proximity comparisons to indicate that said user device is within a range of proximity less or equal to a reference range for each of said other wireless devices.
  - 5. A method as claimed in claim 2, wherein said authentication is performed automatically as soon as said user device enters a proximity range sufficient for authentication.
  - 6. A method as claimed in claim 1, wherein said user device is further identified by its spatial location, wherein the spatial location is determined by the proximity of the device to a plurality of fixed spatial reference points associated with said other wireless devices.
  - 7. A method according to claim 1, wherein the wireless communication comprises using one or more wireless access technologies to directly communicate with one or more of said other devices in order to request respective identities.
  - 8. A method according to claim 7 wherein one or more said wireless access technologies are used to communicate with all said other devices having said wireless access technology capability within the respective ranges of said user device.
  - 9. A method according to claim 7 wherein the wireless access technology comprises one ore more of the following group:
    - IEEE802.11a;
      
      IEEE802.11b;
      
      IEEE802.11g;
      
      Bluetooth.
  - 10. A method according to claim 1, wherein the identities comprise the MAC addresses of the other devices.
  - 11. A method according to claim 1, wherein the reference identities comprise the identities of the other devices compared on a previous successful authentication attempt.
  - 12. A method according to claim 1, wherein the comparison threshold comprises having at least a predetermined percentage of the same identities of the other devices as the reference identities.
  - 13. A method according to claim 2, wherein in said step of comparing a proximity range value to a reference value, the comparison threshold comprises having at least a predetermined percentage of the same identities of the other devices as the reference identities.
  - 14. A method according to claim 1, wherein in the comparing step, identities corresponding to some other devices are weighted more highly than other identities.
  - 15. A method according to claim 14 wherein, for each other device identity, the weighting is dependent on one or more of the following:
    - the range of mobility of the respective other device; and
      
      /or the communications mode used to identify the other device.
  - 16. A method according to claim 1, wherein in response to an authentication challenge received from a server, the user device performs said step of identifying said other wireless devices and forwards said identities to said server for use in said comparing step.
  - 17. A method as claimed in claim 2, wherein said user device sends an updated proximity range value at subsequent points of time following said initial authentication, and if an updated proximity range values exceeds said acceptable proximity range, said server issues an authentication challenge, and wherein in response to an authentication challenge received from a server.
  - 22. Processor code which when executed on a processor is arranged to cause the processor to carry out the method according to claim 1.
  - 25. A wireless user device arranged to be authenticated in use according to claim 1, the device comprising:
    - means for receiving an authentication challenge from a server;
      
      means for identifying other wireless devices as being in the proximity of the device using wireless communication with the other devices;
      
      means for forwarding said identities to said server in response to said challenge.
  - 26. A wireless user device as claimed in claim 25, further comprising:
    - means for determining a proximity range value for each identified other device said value indicating the proximity range of said identified device to said user device;
      
      means for forwarding said proximity range to said server in response to said challenge in association with said other device identity.

18. A method of authenticating a mobile wireless user device, the method comprising the user device performing the steps of:
- receiving an authentication challenge from a server;
  
  identifying other wireless devices as being in its proximity using wireless communication with said other devices; and
  
  forwarding said identities to said server in response to said challenge.
- View Dependent Claims (19, 28)
- - 19. A method as claimed in claim 18, further comprising the user device performing the steps of:
    - determining a proximity range value for at least one identified device indicating the proximity range of said identified device to said user device; and
      
      forwarding said proximity range value to said server in response to said challenge.
  - 28. A server as claimed in claim 19, further comprising:
    - means for receiving a proximity range value in association with an identity for one or more of said other devices, each proximity range value indicating the proximity of said other device to said user device;
      
      means for comparing each said received proximity range value with a stored proximity range value;
      
      means to authenticate said user device when each received proximity range value is less than or equal to said stored proximity range value associated with said device identity.

20. A method of authenticating a wireless user device, the method comprising a server performing the steps of:
- forwarding an authentication challenge to said user device;
  
  receiving identities of other devices determined as being in the proximity of the user device in response to said challenge;
  
  comparing said identities with reference identities for said user device; and
  
  authenticating said user device when the comparison meets a threshold.
- View Dependent Claims (21)
- - 21. A method as claim 20, wherein the server further performs the steps of:
    - receiving at least one proximity range value in association with a device identity, said proximity range value indicating the range of said identified device to said user device;
      
      comparing said received proximity range value with a stored proximity range value;
      
      authenticating said user device when said received proximity range value is less than or equal to said stored proximity range value.

23. A system for authenticating a wireless user device, the system comprising:
- means for identifying other devices as being in the proximity of the user device using wireless communication between the user device and the other devices;
  
  means for comparing said identities with reference identities;
  
  means for authenticating said user device when the comparison meets a threshold.
- View Dependent Claims (24)
- - 24. A system as claimed in claim 23, wherein the system further comprises:
    - means for receiving a proximity range value for each identified other device said value indicating the proximity range of said identified device to said user device;
      
      means for comparing said received proximity range value with a stored proximity range value;
      
      means to authenticate said user device when said received proximity range value is less than or equal to said stored proximity range value.

27. A server for authenticating a wireless user device, the server comprising:
- means for forwarding an authentication challenge to said user device;
  
  means for receiving identities of other devices in the proximity of the user device in response to said challenge;
  
  means for comparing said identities with reference identities for said user device;
  
  means for authenticating said user device when the comparison meets a threshold.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
British Telecommunications PLC (BT Group PLC)
Original Assignee
British Telecommunications PLC (BT Group PLC)
Inventors
Gedge, Richard, Turnbull, Rory S.

Granted Patent

US 8,321,913 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/3
CPC Class Codes

H04L 63/0492   by using a location-limited...

H04L 63/08   for authentication of entit...

H04L 63/0876   based on the identity of th...

H04W 12/06   Authentication

H04W 12/63   Location-dependent; Proximi...

H04W 4/02   Services making use of loca...

H04W 4/029   Location-based management o...

H04W 84/12   WLAN [Wireless Local Area N...

Location Based Authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Location Based Authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links