Method And Apparatus For Securing An Application Using A Measurement Of A Location Dependent Physical Property Of The Environment
First Claim
Patent Images
1. A method for securing the interaction between a user and a computer based application, the method comprising the steps of:
- obtaining a measurement value of a location dependent physical property of a location from which the computer based application is being accessed by the user;
using the measurement value in a risk analysis; and
deciding on the basis of the outcome of said risk analysis whether or not to perform a certain action.
0 Assignments
0 Petitions
Accused Products
Abstract
Methods, apparatus, and systems for authenticating a user taking into account measurement values of characteristics of the purported environment of the user are described.
17 Citations
27 Claims
-
1. A method for securing the interaction between a user and a computer based application, the method comprising the steps of:
-
obtaining a measurement value of a location dependent physical property of a location from which the computer based application is being accessed by the user; using the measurement value in a risk analysis; and deciding on the basis of the outcome of said risk analysis whether or not to perform a certain action. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. An apparatus for providing a secured measurement of a location dependent physical property comprising:
-
a sensor for making said measurement of the location dependent physical property; a memory component for storing a secret value; and a data processing component for generating an electronic signature over said measurement by cryptographically combining said measurement with a secret key comprised in or derived from said secret value. - View Dependent Claims (9, 10, 11)
-
-
12. A system for securing the interaction between a user and a computer based application comprising:
-
an apparatus for providing an electronic signature over a first location dependent physical property, the apparatus comprising; a sensor for making a first measurement of said first location dependent physical property at a location of the apparatus, a memory component for storing a secret value; and a data processing component for generating an electronic signature over said first measurement by cryptographically combining said first measurement with a secret key comprised in or derived from said secret value; and an authentication server adapted to; receive a second measurement value of a second location dependent physical property of a location from which the computer based application is being accessed by the user; receive said electronic signature over said first measurement value; verify said received electronic signature; use said received second measurement value and a result of said verification of said received electronic signature in a risk analysis; and decide on the basis of the outcome of said risk analysis whether or not to perform a certain action.
-
-
13. A method for securing interaction between a user and a remotely accessible application, the method comprising the steps of:
-
at an access device used by the user to access the remotely accessible application, determining a first value for a first location dependent variable; at an authentication device determining, independently from the access device, a second value for a second location dependent variable; at the authentication device generating a dynamic credential or electronic signature using said second value for the second location dependent variable and a cryptographic secret key; at an authentication server receiving the generated dynamic credential or electronic signature and the first value of the location dependent variable; and at the authentication server verifying whether the received first value of the location dependent variable is consistent with the received dynamic credential or electronic signature. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
Specification