Geo-Enabled Access Control
First Claim
1. A method, comprising:
- receiving a request from a first portable access device for a first user to access a first dataset stored in a financial services network;
determining a current location of the first portable access device;
querying a location database to determine whether the current location of the first portable access device is an authorized location for the first user to access the first dataset in the financial services network;
when the current location of the first portable access device is determined not to be an authorized location for the first user to access the first dataset, denying access to the first dataset; and
when the current location of the first portable access device is determined to be an authorized location for the first user to access the first dataset;
granting the first user access to the first dataset via the first portable access device,periodically determining a new current location of the first portable access device, andterminating access to the first dataset when the new current location of the first portable access device is not an authorized location for the first user to access the first dataset.
1 Assignment
0 Petitions
Accused Products
Abstract
Aspects described herein provide methods and systems that monitor mobile data processing devices used for remote access to a computer network or system, and allowing or preventing access to the computer system or network based at least in part on a determined geographical location of the mobile device. Different datasets stored on the network or system might have different geographical limitations associated with each. Different users also might have different geographic access limitations for the same dataset. User location may be based on GPS information associated with the device from which the user is attempting access, based on Wi-Fi, triangulation, or the like, or may be based on a photograph taken by the remote access device contemporaneously with the access request.
-
Citations
20 Claims
-
1. A method, comprising:
-
receiving a request from a first portable access device for a first user to access a first dataset stored in a financial services network; determining a current location of the first portable access device; querying a location database to determine whether the current location of the first portable access device is an authorized location for the first user to access the first dataset in the financial services network; when the current location of the first portable access device is determined not to be an authorized location for the first user to access the first dataset, denying access to the first dataset; and when the current location of the first portable access device is determined to be an authorized location for the first user to access the first dataset; granting the first user access to the first dataset via the first portable access device, periodically determining a new current location of the first portable access device, and terminating access to the first dataset when the new current location of the first portable access device is not an authorized location for the first user to access the first dataset. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. One or more non-transitory computer readable media storing computer executable instructions that, when executed, cause a system to perform:
-
receiving a request from a first portable access device for a first user to access a first dataset; determining a current location of the first portable access device; querying a location database to determine whether the current location of the first portable access device is an authorized location for the first user to access the first dataset; when the current location of the first portable access device is determined not to be an authorized location for the first user to access the first dataset, denying access to the first dataset; and when the current location of the first portable access device is determined to be an authorized location for the first user to access the first dataset; granting the first user access to the first dataset via the first portable access device, periodically determining a new current location of the first portable access device, and terminating access to the first dataset when the new current location of the first portable access device is not an authorized location for the first user to access the first dataset. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A portable access device, comprising:
-
a processor controlling operations of the portable access device; memory storing a database of authorized locations for access to a plurality of datasets, and further storing computer readable instructions that, when executed, cause the portable access device to perform; receiving a request from a first user to access a first dataset stored on the portable access device; determining a current location of the portable access device; querying the database to determine whether the current location of the portable access device is an authorized location for the first user to access the first dataset; when the current location of the portable access device is determined not to be an authorized location for the first user to access the first dataset, denying access to the first dataset; and when the current location of the portable access device is determined to be an authorized location for the first user to access the first dataset; granting the first user access to the first dataset, periodically determining a new current location of the portable access device, and terminating access to the first dataset when the new current location of the portable access device is not an authorized location for the first user to access the first dataset. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification