LOCATION AND DEVICE BASED STUDENT ACCESS CONTROL
First Claim
1. A method comprising:
- maintaining, on a storage device, first time information and first location information of a most recent access to a service by a particular user;
receiving a subsequent request to access the service;
receiving, in association with the subsequent request, authentication information for the particular user;
in response to receiving the subsequent request;
determining second time information and second location information associated with the subsequent request;
determining, based on the first time information, the second time information, the first location information, and the second location information, whether it is feasible for the particular user to have travelled from a first location associated with the first location information to a second location associated with the second location information in an amount of time that lapsed between the first time information and the second time information; and
responsive to determining that it is not feasible for the particular user to have travelled from the first location to the second location in the amount of time, performing at least one of;
denying the subsequent request;
granting the subsequent request only after receiving additional authentication information in association with the subsequent request.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques are described for controlling access to an online service by a one or more authentication mechanisms based on device, browser, or location, or a combination of the three. A method comprises receiving a request to access a service, receiving, in association with the request, a first access mechanism, receiving a first and second level of authentication associated with the user requesting the service, updating authenticated-mechanism data to indicate that the first access mechanism is an authenticated access mechanism for the particular user, receiving a second request to access the service, in response to receiving a second request, determining whether the second access mechanism is an authenticated access mechanism for the particular user, upon determining that the second access mechanism is not an authenticated mechanism, requesting a second level of authentication for the particular user, otherwise granting access.
-
Citations
20 Claims
-
1. A method comprising:
-
maintaining, on a storage device, first time information and first location information of a most recent access to a service by a particular user; receiving a subsequent request to access the service; receiving, in association with the subsequent request, authentication information for the particular user; in response to receiving the subsequent request; determining second time information and second location information associated with the subsequent request; determining, based on the first time information, the second time information, the first location information, and the second location information, whether it is feasible for the particular user to have travelled from a first location associated with the first location information to a second location associated with the second location information in an amount of time that lapsed between the first time information and the second time information; and responsive to determining that it is not feasible for the particular user to have travelled from the first location to the second location in the amount of time, performing at least one of; denying the subsequent request; granting the subsequent request only after receiving additional authentication information in association with the subsequent request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A system comprising:
-
one or more processors; and a storage storing instructions which, when executed by the one or more processors, cause the one or more processors to perform operations comprising; maintaining, on a storage device, first time information and first location information of a most recent access to a service by a particular user; receiving a subsequent request to access the service; receiving, in association with the subsequent request, authentication information for the particular user; in response to receiving the subsequent request; determining second time information and second location information associated with the subsequent request; determining, based on the first time information, the second time information, the first location information, and the second location information, whether it is feasible for the particular user to have travelled from a first location associated with the first location information to a second location associated with the second location information in an amount of time that lapsed between the first time information and the second time information; and responsive to determining that it is not feasible for the particular user to have travelled from the first location to the second location in the amount of time, performing at least one of; denying the subsequent request; granting the subsequent request only after receiving additional authentication information in association with the subsequent request. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
Specification