Apparatus and method for location specific authentication using powerline networking

US 7,299,503 B2
Filed: 06/26/2003
Issued: 11/20/2007
Est. Priority Date: 06/26/2003
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a data processing device, comprising:

receiving an electrical signal having a data signal added therein, wherein the electrical signal is indicative of a location of the data processing device;

extracting the data signal from the electrical signal;

comparing data of the data signal to security information stored in the data processing device; and

permitting operation of the data processing device based on the comparison of the data of the data signal to the security information, wherein the method further comprises;

receiving a data packet from a sending device via a data network, wherein the data packet includes a first data value and a first timestamp associated with the first data value;

querying a history data structure for a second data value associated with a second timestamp in the history data structure based on the first timestamp;

comparing the second data value to the first data value;

permitting processing of the data packet if the second data value matches the first data value;

adding an identifier of the sending device to a list based on the comparison of the second data value to the first data value, wherein if the second data value matches the first data value, the list is a list of authorized devices, and wherein if the second data value does not match the first data value, the list is a list of unauthorized devices; and

periodically clearing the list of authorized devices and the list of unauthorized devices.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mechanism for ensuring the physical location of data processing devices as a security check is provided. With this mechanism, security data is transmitted to data processing devices via an electrical network and is used to perform a security check to determine if the data processing device may operate. The data processing devices may be limited such that they may only power-up, boot-up, or remain operational when they are coupled to the electrical network. Thus, they must be physically located such that they may gain access to the electrical network. In addition, a security check may be used to control which data processing devices may communicate data packets with one another over the data network. When a data packet is received by a data processing device, security data in the data packet is compared against a local history of security data received by the recipient of the data packet via the electrical network. If matching security data is found in the history for the same time represented by an associated timestamp, then the sending data processing device and the receiving data processing device are determined to be present on the same electrical network and may communicate with one another.

Citations

3 Claims

1. A method of authenticating a data processing device, comprising:
- receiving an electrical signal having a data signal added therein, wherein the electrical signal is indicative of a location of the data processing device;
  
  extracting the data signal from the electrical signal;
  
  comparing data of the data signal to security information stored in the data processing device; and
  
  permitting operation of the data processing device based on the comparison of the data of the data signal to the security information, wherein the method further comprises;
  
  receiving a data packet from a sending device via a data network, wherein the data packet includes a first data value and a first timestamp associated with the first data value;
  
  querying a history data structure for a second data value associated with a second timestamp in the history data structure based on the first timestamp;
  
  comparing the second data value to the first data value;
  
  permitting processing of the data packet if the second data value matches the first data value;
  
  adding an identifier of the sending device to a list based on the comparison of the second data value to the first data value, wherein if the second data value matches the first data value, the list is a list of authorized devices, and wherein if the second data value does not match the first data value, the list is a list of unauthorized devices; and
  
  periodically clearing the list of authorized devices and the list of unauthorized devices.

2. A computer program product in a recordable-type computer readable medium for authenticating a data processing device, comprising;
- first instructions for receiving an electrical signal having a data signal added therein, wherein the electrical signal is indicative of a location of the data processing device;
  
  second instructions for extracting the data signal from the electrical signal;
  
  third instructions for comparing data of the data signal to security information stored in the data processing device; and
  
  fourth instructions for permitting operation of the data processing device based on the comparison of the data of the data signal to the security information, wherein the computer program product further comprises;
  
  fifth instructions for receiving a data packet from a sending device via a data network, wherein the data packet includes a first data value and a first timestamp associated with the first data value;
  
  sixth instructions for querying a history data structure for a second data value associated with a second timestamp in the history data structure based on the first timestamp;
  
  seventh instructions for comparing the second data value to the first data value;
  
  eighth instructions for permitting processing of the data packet if the second data value matches the first data value;
  
  ninth instructions for adding an identifier of the sending device to a list based on the comparison of the second data value to the first data value, wherein if the second data value matches the first data value, the list is a list of authorized devices, and wherein if the second data value does not match the first data value, the list is a list of unauthorized devices; and
  
  tenth instructions for periodically clearing the list of authorized devices and the list of unauthorized devices.

3. A method of securing a data network, comprising:
- receiving an electrical signal from an external electrical network;
  
  adding a data signal to the electrical signal to generate a modified electrical signal, wherein the data signal includes security data, and wherein the modified electrical signal is indicative of a location of devices coupled to the data network;
  
  outputting the modified electrical signal to a local electrical network; and
  
  permitting operation of the devices on the data network based on an authentication of the devices using the data signal extracted from the modified electrical signal, wherein the method further comprises;
  
  receiving a data packet from a second device, via a data network, in a first device, wherein the data packet includes a first data value and a first timestamp associated with the first data value;
  
  querying a history data structure for a second data value associated with a second timestamp in the history data structure based on the first timestamp;
  
  comparing the second data value to the first data value;
  
  permitting processing of the data packet if the second data value matches the first data value;
  
  adding an identifier of the second device to a list based on the comparison of the second data value to the first data value, wherein if the second data value matches the first data value, the list is a list of authorized devices, and wherein if the second data value does not match the first data value, the list is a list of unauthorized devices; and
  
  periodically clearing the list of authorized devices and the list of unauthorized devices.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
International Business Machines Corporation
Inventors
Ballard, Thomas Vance
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
Nalven; Andrew L

Application Number

US10/607,556
Publication Number

US 20050005150A1
Time in Patent Office

1,608 Days
Field of Search

726/29, 726/27
US Class Current

726/29
CPC Class Codes

G06F 21/31   User authentication

G06F 21/575   Secure boot

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2111   Location-sensitive, e.g. ge...

G06F 2221/2129   Authenticate client device ...

G06F 2221/2151   Time stamp

H04B 2203/5412   by modofying wave form of t...

H04B 2203/5445   Local network

H04B 3/542   the information being in di...

H04L 63/08   for authentication of entit...

Apparatus and method for location specific authentication using powerline networking

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

3 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method for location specific authentication using powerline networking

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

3 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links