INFERENCE-BASED DETECTION OF PROXIMITY CHANGES
First Claim
1. A method of detecting departure of a previously authenticated user from proximity to a secure resource, the method comprising the steps of:
- establishing a wireless communication link between the secure resource and a device proximate thereto;
- verifying, by the secure resource, an association between the authenticated user and the device;
- monitoring over time, by the secure resource, a signal strength of the wireless communication link and periodically storing, in a computer memory, values indicative of the monitored signal strength;
- periodically analyzing, by the secure resource, the stored values for patterns indicative of a walkaway event and, when a pattern indicative of a walkaway event is detected, assigning a probability thereto; and
- if the probability exceeds a threshold specified by a security policy, registering a walkaway event and terminating the authenticated user's access to the secure resource.
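The steps of claim 1 as an added sketch (not code from the patent or its assignee). The claim does not say how the probability is assigned, so the trend and drop features, the logistic weights, the window size and the 0.8 policy threshold are all assumptions, and the RSSI traces are constructed.

```python
import math
from collections import deque

class WalkawayMonitor:
    """Claim-1 flow: store RSSI, analyze for a walkaway pattern, score, enforce policy."""

    def __init__(self, policy_threshold=0.8, window=10):
        self.policy_threshold = policy_threshold  # assumed security-policy value
        self.samples = deque(maxlen=window)       # stored signal-strength values (dBm)
        self.session_active = True
        self.events = []

    def record(self, rssi_dbm):
        self.samples.append(rssi_dbm)

    def walkaway_probability(self):
        n = len(self.samples)
        if n < self.samples.maxlen:
            return 0.0                            # too little history to call a pattern
        ys = list(self.samples)
        mean_x = (n - 1) / 2
        # Least-squares slope in dB per sample: a sustained decline is strongly negative.
        slope = (sum((x - mean_x) * y for x, y in enumerate(ys))
                 / sum((x - mean_x) ** 2 for x in range(n)))
        # Level drop between the oldest and newest thirds of the window.
        k = max(1, n // 3)
        drop = sum(ys[:k]) / k - sum(ys[-k:]) / k
        z = 0.8 * (-slope) + 0.2 * drop - 5.0     # assumed weights, not from the patent
        return 1.0 / (1.0 + math.exp(-z))

    def evaluate(self):
        """Periodic analysis: register a walkaway and end the session if policy says so."""
        p = self.walkaway_probability()
        if self.session_active and p > self.policy_threshold:
            self.events.append(("walkaway", round(p, 3)))
            self.session_active = False           # terminate access to the secure resource
        return p

def run_trace(trace):
    monitor = WalkawayMonitor()
    for rssi in trace:
        monitor.record(rssi)
        monitor.evaluate()
    return monitor

# Constructed RSSI traces (dBm), one sample per polling interval.
WALKAWAY = [-50, -52, -55, -59, -63, -66, -70, -74, -78, -81]
SEATED = [-50, -52, -49, -51, -50, -53, -50, -49, -52, -51]
BRIEF_DIP = [-50, -51, -50, -68, -70, -52, -50, -51, -50, -49]  # body briefly blocks signal
```

Scoring a fitted trend over the whole window, rather than the latest sample, is what keeps a short dip from ending the session while a sustained decline does.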
Abstract
Embodiments of the present invention analyze multiple factors—such as user input events, device motion data, other data from the endpoint, or data from an external system (such as a real-time location system)—to make a probabilistic determination whether a walkaway event has occurred.
44 Citations
21 Claims
- Claim 1 (stated in full above). Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A system comprising a plurality of secure resources, each of the secure resources comprising:
- a processor;
- a computer memory including stored instructions executable by the processor for implementing (i) an authentication module and (ii) an event-monitoring module;
- a wireless interface for establishing wireless communication links with user devices proximate to the secure resource;
- RSSI circuitry configured to monitor a signal strength of a wireless communication link between the wireless interface and a user device, and periodically storing, in the computer memory, values indicative of the monitored signal strength, wherein:
- the authentication module is configured to authenticate a user and verify an association between the authenticated user and the linked user device; and
- the event-monitoring module is configured to (i) periodically analyze the stored values for patterns indicative of a walkaway event and, when a pattern indicative of a walkaway event is detected, assign a probability thereto; and (ii) if the probability exceeds a threshold specified by a security policy, terminating the authenticated user's access to the secure resource.
- Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21
Specification