Temporal proximity to verify physical proximity
Abstract
A security system assesses the response time to requests for information to determine whether the responding system is in physical proximity to the requesting system. Generally, physical proximity corresponds to temporal proximity. If the response time indicates a substantial or abnormal lag between request and response, the system assumes that the lag is caused by the request and response having to travel a substantial or abnormal physical distance, or caused by the request being processed to generate a response, rather than being answered by an existing response in the physical possession of a user. If a substantial or abnormal lag is detected, the system is configured to limit subsequent access to protected material by the current user, and/or to notify security personnel of the abnormal response lag.
10 Claims
1. A security system for protecting source information from being illicitly copied from a remote location, the security system comprising:
- a processor and an access device configured to execute a challenge-response protocol between them, during which protocol a secret key is exchanged;
- a timer configured to measure a time-lag between a challenge and a response, where said challenge is sent from said processor to said access device during said challenge-response protocol and said response is received from said access device at said processor; and
- a verifier configured to cause the protocol to be aborted if the measured time-lag is greater than an expected time-lag between said challenge and response during said challenge-response protocol and, wherein said verifier is configured to continually request randomly selected portions of said source information to be protected, in more than one of a plurality of predetermined order sequences until the verifier is able to determine statistically whether the access device accessing said source information in response to said verifier request is local or remote.
Dependent claims: 2, 3
4. A security system for protecting source information from being illicitly copied from a remote location, the security system comprising:
- a processor and an access device configured to execute a challenge-response protocol between them, during which protocol a secret key is exchanged;
- a timer configured to measure a time-lag between a challenge sent by the processor and a corresponding response received from the access device during said protocol; and
- a verifier configured to cause the protocol to be aborted if the measured time-lag exceeds an expected time-lag in N out of M trials; and wherein said verifier is configured to continually request randomly selected portions of source information in at least M predetermined order sequences until the verifier is able to determine statistically whether the access device is local or remote, wherein said M is greater than one.
Dependent claims: 5, 6, 7
8. A security system comprising:
- a processor and an access device configured to execute a challenge-response protocol between them, during which protocol a secret key is exchanged;
- a timer configured to measure a time-lag between a challenge sent by the processor and a corresponding response received from the access device during said protocol; and
- a verifier configured to cause the protocol to be aborted if the measured time-lag is greater than an expected time-lag between a challenge of said processor and a corresponding response from the access device; and wherein said verifier is configured for controlling the order of occurrence of continual routine data requests by the processor in at least two of a plurality of predefined order sequences until the verifier is able to determine statistically whether the access device attempting to access a protected source information is local or remote.
Dependent claims: 9, 10
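The timed check described in the abstract and the N-out-of-M abort rule of claim 4, sketched as an added example that is not taken from the patent. The HMAC-based response, the pre-shared key, the function and class names, the simulated delays and the 2 ms threshold are all assumptions made for illustration; the claims only say that a secret key is exchanged during the protocol.

```python
import hashlib
import hmac
import random
import time

def portion_mac(key, source, offset, length, nonce):
    # Assumed response format: HMAC binding a fresh nonce to the requested portion.
    return hmac.new(key, nonce + source[offset:offset + length], hashlib.sha256).digest()

def verify_proximity(exchange, key, source, expected_lag, n, m,
                     portion=64, clock=time.monotonic, rng=None):
    """Run up to m timed challenges; return False (abort) once n are late or one is wrong."""
    rng = rng or random.SystemRandom()
    late = 0
    for _ in range(m):
        offset = rng.randrange(0, len(source) - portion + 1)  # randomly selected portion
        nonce = rng.getrandbits(128).to_bytes(16, "big")
        start = clock()
        response = exchange(offset, portion, nonce)
        lag = clock() - start
        want = portion_mac(key, source, offset, portion, nonce)
        if not hmac.compare_digest(response, want):
            return False      # wrong answer: abort regardless of timing
        if lag > expected_lag:
            late += 1
            if late >= n:
                return False  # N of M trials exceeded the expected time-lag
    return True

class FakeClock:
    """Deterministic clock so the simulation needs no real sleeping."""
    def __init__(self): self.t = 0.0
    def __call__(self): return self.t

class SimulatedDevice:
    """Constructed stand-in for an access device with a given round-trip delay."""
    def __init__(self, key, source, clock, delay, jitter, seed):
        self.key, self.source, self.clock = key, source, clock
        self.delay, self.jitter, self.rng = delay, jitter, random.Random(seed)
    def __call__(self, offset, length, nonce):
        self.clock.t += self.delay + self.rng.uniform(0, self.jitter)
        return portion_mac(self.key, self.source, offset, length, nonce)

def demo():
    key, source = b"k" * 32, bytes(range(256)) * 16  # constructed key and source data
    clock = FakeClock()
    local = SimulatedDevice(key, source, clock, 0.0005, 0.0003, seed=1)
    remote = SimulatedDevice(key, source, clock, 0.040, 0.010, seed=2)
    args = dict(key=key, source=source, expected_lag=0.002, n=3, m=10, clock=clock)
    return verify_proximity(local, **args), verify_proximity(remote, **args)
```

With a real transport, `exchange` would perform the network or bus round trip and the default `time.monotonic` clock would supply the timer; `expected_lag` then has to be calibrated against the measured latency of a known-local device.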
Specification