DEVICE-SPECIFIC AUTHORIZATION AT DISTRIBUTED LOCATIONS
First Claim
1. A method comprising:
- receiving authentication information at a server for a client device coupled to a first network, wherein the authentication information includes a geographic location of the client device and a first result of a one-way hash function based on a combination including an authentication seed and a first secret;
receiving the authentication seed at the server;
retrieving a second secret at the server;
computing, at the server, a second result of the one-way hash function based on a combination including the authentication seed and the second secret; and
in response to a determination by the server that the first result matches the second result and a determination by the server that the client device is authorized to access a second network coupled to the first network based on the geographic location, enabling, via the server, the client device to access the second network, wherein the second network is different from the first network.
1 Assignment
0 Petitions
Accused Products
Abstract
A method includes receiving authentication information for a client device at a server. The authentication information includes a geographic location of the client device and a first result of a one-way hash function based on a combination including an authentication seed and a first secret. The method includes computing, at the server, a second result of the one-way hash function based on a combination including the authentication seed and a second secret. The method also includes enabling the client device to access a second network in response to a determination by the server that the first result matches the second result and a determination by the server that the client device is authorized to access the second network based on the geographic location.
-
Citations
20 Claims
-
1. A method comprising:
-
receiving authentication information at a server for a client device coupled to a first network, wherein the authentication information includes a geographic location of the client device and a first result of a one-way hash function based on a combination including an authentication seed and a first secret; receiving the authentication seed at the server; retrieving a second secret at the server; computing, at the server, a second result of the one-way hash function based on a combination including the authentication seed and the second secret; and in response to a determination by the server that the first result matches the second result and a determination by the server that the client device is authorized to access a second network coupled to the first network based on the geographic location, enabling, via the server, the client device to access the second network, wherein the second network is different from the first network. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer-readable storage device comprising instructions that, when executed by a processing system, cause the processing system to perform operations including:
-
receiving, from a computing device coupled to a first network, a first result of a one-way hash function; computing a second result of the one-way hash function based on a combination including an authentication seed and a shared secret; determining that the first result matches the second result; determining a geographic location of the computing device; determining that the computing device is permitted network access from the geographic location; and determining that the computing device is permitted access to a second network based on the first result matching the second result and that the computing device is permitted network access from the geographic location. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A system comprising:
-
a processor; and a memory coupled to the processor, wherein the memory includes program instructions executable by the processor to perform operations including; sending an authentication seed via an access point and a first network to a computing device; receiving a first result of a one-way hash function from the computing device; selecting a shared secret from a plurality of shared secrets; computing a second result of the one-way hash function based on a combination including the authentication seed and the shared secret; and determining that the computing device is permitted access to a second network based on the first result matching the second result and based on a location of the computing device. - View Dependent Claims (17, 18, 19, 20)
-
Specification