IP based security applications using location, port and/or device identifier information
First Claim
Patent Images
1. A security method for use in a communication system, the security method comprising:
- receiving an IP packet including a source address and a destination address;
obtaining physical location information indicating a location of a user device which is a source of said IP packet prior to delivery of the packet to the destination address, and wherein said obtaining physical location information indicating the location of the user device further includes performing a database lookup operation to retrieve a geographic location corresponding to an edge router and port information obtained from said edge router; and
determining, as a function of the obtained physical location information, an action to be taken, wherein determining an action to be taken includes;
comparing the obtained physical location information to information listing physical locations authorized to obtain access to a service for which security is to be provided.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus for determining, in a reliable manner, a port, physical location and/or device identifier, such as a MAC address, associated with a device using an IP address and for using such information, e.g., to support one or more security applications is described. Supported security applications include restricting access to services based on the location of a device seeking access to a service, determining the location of stolen devices, and verifying the location of the source of a message or other IP signal, e.g., to determine if a prisoner is contacting a monitoring service from a predetermined location.
-
Citations
19 Claims
-
1. A security method for use in a communication system, the security method comprising:
-
receiving an IP packet including a source address and a destination address; obtaining physical location information indicating a location of a user device which is a source of said IP packet prior to delivery of the packet to the destination address, and wherein said obtaining physical location information indicating the location of the user device further includes performing a database lookup operation to retrieve a geographic location corresponding to an edge router and port information obtained from said edge router; and determining, as a function of the obtained physical location information, an action to be taken, wherein determining an action to be taken includes; comparing the obtained physical location information to information listing physical locations authorized to obtain access to a service for which security is to be provided. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A security method for use in a communication system, the security method comprising:
-
receiving an IP packet including a source address and a destination address; obtaining physical location information indicating a location of a user device which is a source of said IP packet prior to delivery of the packet to the destination address, including transmitting a location information request message including the source address of the received IP packet and receiving, in response to said transmitted location information request message, information corresponding to the location of the user device; determining, as a function of the obtained physical location information, an action to be taken, and determining the location of the user device from edge router information and port information obtained from an edge router identified by said edge router information, and wherein determining the location of the user device includes performing a database lookup operation to retrieve a geographic location stored in association with said edge router information and said port information.
-
-
7. A security method for use in a communication system, the security method comprising:
-
(a) receiving an IP packet including a source address and a destination address; (b) obtaining physical location information indicating a location of a user device which is a source of said IP packet, by; (i) transmitting a location information request message including the source address of the received IP packet, (ii) receiving in response to said transmitted location information request message, information corresponding to the location of the user device determined from edge router information indicating an edge router corresponding to said source address and port information obtained from said edge router; and (c) comparing a received device identifier to a list of device identifiers corresponding to stolen devices, and (d) when said comparing indicates a match between the received device identifier and a device identifier on said list, taking an action involving use of said obtained physical location information. - View Dependent Claims (8, 9, 10, 11)
-
-
12. A security device for use in a communication system in which IP packets are transmitted, the device comprising:
-
means for receiving an IP packet including a source address and a destination address; means for obtaining physical location information indicating a location of a user device which is a source of said IP packet prior to delivery of the packet to the destination address, wherein said obtaining means includes means for performing a database lookup operation to retrieve a geographic location stored in association with edge router information and port information obtained from an edge router identified by said edge router information; means for determining, as a function of the obtained physical location information, an action to be taken; a database of physical location information listing physical locations authorized to obtain access to said service; and wherein said determining means includes a comparator for comparing the obtained physical location information to information listing physical locations authorized to obtain access to a service for which security is to be provided. - View Dependent Claims (13)
-
-
14. A location verification method, the method comprising;
-
receiving an IP packet including a source address and a destination address; determining from said source address, edge router information corresponding to said source address, and port information obtained from an edge router identified by said edge router information, a physical location from which said IP packet was sent prior to delivery of the packet to the destination address; comparing the determined physical location to an expected physical location of the source of said IP packet; and determining a reporting error when said determined physical location does not match the expected physical location. - View Dependent Claims (15, 16, 17, 18)
-
-
19. A location verification method, the method comprising;
-
receiving an IP packet including a source address wherein said IP packet is transmitted from a bracelet worn by a parolee and wherein said IP packet includes parolee identification information; determining from said source address, edge router information corresponding to said source address, and port information obtained from an edge router identified by said edge router information, a physical location from which said IP packet was sent; comparing the determined physical location to an expected physical location of the source of said IP packet; determining a reporting error when said determined physical location does not match the expected physical location; transmitting a message including information on the determined reporting error to a law enforcement authority; including the determined physical location information in said message; identifying a device transmitting said IP packet from a MAC address determined from a database associating said MAC address with said source address; and including in said message information obtained from said IP packet identifying the parolee.
-
Specification