Authentication based on future geo-location

US 7,805,128 B2
Filed: 11/20/2006
Issued: 09/28/2010
Est. Priority Date: 11/20/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving one or more identifier/geo-location pairs that are defined by a user U, wherein each of the identifiers is meaningful to said user U but does not indicate the associated geo-location to other users, and wherein said user U is associated with a wireless telecommunications terminal;

receiving, after the receiving of said one or more identifier/geo-location pairs, a first signal that indicates that the current user of said wireless telecommunications terminal is to be authenticated;

selecting, in response to said first signal, an identifier/geo-location pair I/L from said one or more identifier/geo-location pairs;

presenting identifier I at said wireless telecommunications terminal at time t; and

when the geo-location of said wireless telecommunications terminal is substantially the same as L at a time that exceeds t by no more than a positive threshold, storing in a memory a value that indicates that the current user of said wireless telecommunications terminal is authenticated for access to a telecommunications network.

View all claims

23 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus and methods are disclosed for authenticating users of wireless telecommunications terminals. A user is authenticated by instructing the user to travel to a geo-location, where the geo-location is referred to by an identifier that the user has previously associated with the geo-location. When the user chooses identifiers that are meaningful to the user, but that do not indicate the associated geo-locations to other people, the user can be securely authenticated via the following procedure: (i) select one of the identifiers that the user has defined, (ii) instruct the user to “go to <identifier>,” and (iii) declare the user authenticated if and only if the user visits the geo-location associated with <identifier> before a timeout expires.

Citations

19 Claims

1. A method comprising:
- receiving one or more identifier/geo-location pairs that are defined by a user U, wherein each of the identifiers is meaningful to said user U but does not indicate the associated geo-location to other users, and wherein said user U is associated with a wireless telecommunications terminal;
  
  receiving, after the receiving of said one or more identifier/geo-location pairs, a first signal that indicates that the current user of said wireless telecommunications terminal is to be authenticated;
  
  selecting, in response to said first signal, an identifier/geo-location pair I/L from said one or more identifier/geo-location pairs;
  
  presenting identifier I at said wireless telecommunications terminal at time t; and
  
  when the geo-location of said wireless telecommunications terminal is substantially the same as L at a time that exceeds t by no more than a positive threshold, storing in a memory a value that indicates that the current user of said wireless telecommunications terminal is authenticated for access to a telecommunications network.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1 wherein said user U defines said identifier/geo-location pair I/L by inputting identifier I to said wireless telecommunications terminal when said wireless telecommunications terminal is at geo-location L.
  - 3. The method of claim 1 further comprising, when and only when the geo-location of said wireless telecommunications terminal is substantially the same as L at a time that exceeds t by no more than said positive threshold, transmitting to said wireless telecommunications terminal a second signal that indicates that the current user of said wireless telecommunications terminal is authenticated for access to a telecommunications network.
  - 4. The method of claim 1 further comprising receiving an estimate of the geo-location of said wireless telecommunications terminal at one or more points in time.

5. A method comprising:
- receiving one or more identifier/geo-location pairs that are defined by a user U, wherein each of the identifiers is meaningful to said user U but does not indicate the associated geo-location to other users, and wherein said user U is associated with a wireless telecommunications terminal;
  
  receiving, after the receiving of said one or more identifier/geo-location pairs, a first signal that indicates that the current user of said wireless telecommunications terminal is to be authenticated;
  
  selecting, in response to said first signal, an identifier/geo-location pair I/L from said one or more identifier/geo-location pairs;
  
  presenting at said wireless telecommunications terminal at time t identifier I and a task that involves said wireless telecommunications terminal; and
  
  when and only when, the current user of said wireless telecommunications terminal performs said task at a geo-location that is substantially the same as L and at a time that exceeds t by no more than a positive threshold, storing in a memory a value that indicates that the current user of said wireless telecommunications is authenticated for access to a telecommunications network.
- View Dependent Claims (6, 7, 8, 9)
- - 6. The method of claim 5 further comprising, when and only when the geo-location of said wireless telecommunications terminal is substantially the same as L at a time that exceeds t by no more than said positive threshold, transmitting to said wireless telecommunications terminal a second signal that indicates that the current user of said wireless telecommunications terminal is authenticated for access to a telecommunications network.
  - 7. The method of claim 5 further comprising generating said task at random.
  - 8. The method of claim 5 wherein said task comprises supplying an input to said wireless telecommunications terminal that is public.
  - 9. The method of claim 5 wherein said user U defines said identifier/geo-location pair I/L by inputting identifier I to said wireless telecommunications terminal when said wireless telecommunications terminal is at geo-location L.

10. A method comprising:
- receiving one or more identifier/geo-location pairs that are defined by a user U, wherein each of the identifiers is meaningful to said user U but does not indicate the associated geo-location to other users, and wherein said user U is associated with a wireless telecommunications terminal;
  
  receiving, after the receiving of said one or more identifier/geo-location pairs, a first signal that indicates that the current user of said wireless telecommunications terminal is to be authenticated;
  
  generating, in response to said first signal, an authentication challenge based on one of the identifier/geo-location pairs I/L;
  
  presenting said authentication challenge at said wireless telecommunications terminal at time t; and
  
  when and only when, the geo-location of said wireless telecommunications terminal is substantially the same as said geo-location L at a time that exceeds t by no more than a positive threshold Δ
  
  , storing in a memory a value that indicates that the current user of said wireless telecommunications terminal is authenticated for access to a telecommunications network.
- View Dependent Claims (11, 12, 13, 14)
- - 11. The method of claim 10 further comprising, when and only when the geo-location of said wireless telecommunications terminal is substantially the same as L at a time that exceeds t by no more than said positive threshold Δ
    - , transmitting to said wireless telecommunications terminal a second signal that indicates that the current user of said wireless telecommunications terminal is authenticated for access to a telecommunications network.
  - 12. The method of claim 11 further comprising, when and only when said second signal is not received at said wireless telecommunications terminal in time interval [t, t+Δ
    - ], generating a third signal after time t+Δ
      
      that indicates that the current user of said wireless telecommunications terminal is not authenticated for access to a telecommunications network.
  - 13. The method of claim 10 wherein said user U defines said identifier/geo-location pair I/L by inputting identifier I to said wireless telecommunications terminal when said wireless telecommunications terminal is at geo-location L.
  - 14. The method of claim 10 further comprising transmitting from said wireless telecommunications terminal an estimate of the geo-location of said wireless telecommunications terminal at one or more points in time.

15. A method comprising:
- receiving one or more identifier/geo-location pairs that are defined by a user U, wherein each of the identifiers is meaningful to said user U but does not indicate the associated geo-location to other users, and wherein said user U is associated with a wireless telecommunications terminal;
  
  receiving, after the receiving of said one or more identifier/geo-location pairs, a first signal that indicates that the current user of said wireless telecommunications terminal is to be authenticated;
  
  generating, in response to said first signal, an authentication challenge that is based on one of the identifier/geo-location pairs I/L and comprises a task that involves said wireless telecommunications terminal;
  
  presenting said authentication challenge at said wireless telecommunications terminal at time t; and
  
  when, and only when, the current user of said wireless telecommunications terminal performs said task at a geo-location that is substantially the same as L and at a time that exceeds t by no more than a positive threshold Δ
  
  , storing in a memory a value that indicates that the current user of said wireless telecommunication terminal is authenticated for access to a telecommunications network.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The method of claim 15 further comprising, when and only when the geo-location of said wireless telecommunications terminal is substantially the same as L at a time that exceeds t by no more than said positive threshold Δ
    - , transmitting to said wireless telecommunications terminal a second signal that indicates that the current user of said wireless telecommunications terminal is authenticated for access to a telecommunications network.
  - 17. The method of claim 15 wherein said task comprises supplying an input to said wireless telecommunications terminal that is public.
  - 18. The method of claim 16 further comprising, when and only when said second signal is not received at said wireless telecommunications terminal in time interval [t, t+Δ
    - ], generating a third signal after time t+Δ
      
      that indicates that the current user of said wireless telecommunications terminal is not authenticated for access to a telecommunications network.
  - 19. The method of claim 15 wherein said user U defines said identifier/geo-location pair I/L by inputting identifier I to said wireless telecommunications terminal when said wireless telecommunications terminal is at geo-location L.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avaya Incorporated
Original Assignee
Avaya Incorporated
Inventors
Skiba, David Joseph, Sammon, Michael J., O'Gorman, Lawrence, Erhart, George William, Bentley, Jon Louis
Primary Examiner(s)
Kincaid, Lester
Assistant Examiner(s)
SAMS, MATTHEW C

Application Number

US11/561,830
Publication Number

US 20080120718A1
Time in Patent Office

1,408 Days
Field of Search

455/410, 455/411, 4554561-4566, 4554141-4144, 726/21
US Class Current

455/411
CPC Class Codes

G06F 21/35   communicating wirelessly

H04L 63/107   wherein the security polici...

H04L 9/3228   One-time or temporary data,...

H04W 12/06   Authentication

H04W 12/63   Location-dependent; Proximi...

H04W 4/02   Services making use of loca...

H04W 4/029   Location-based management o...

H04W 4/185   by embedding added-value in...

Authentication based on future geo-location

First Claim

23 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication based on future geo-location

First Claim

23 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links