Network access protection
First Claim
1. A method comprising:
- receiving, at a server, an access request for access to at least one network resource from a client machine, the access request including account authentication information comprising an account identifier and password;
serving an executable object to the client machine operable to generate a client machine identifier comprising a machine fingerprint in response to receiving the access request, wherein the machine fingerprint is generated using at least one user-configurable machine parameter of the client machine, and at least one non-user-configurable machine parameter of the client machine;
obtaining the client machine identifier from the client machine; and
controlling access to the network resource in response to the access request, by authorizing access to the network resource for the access request if the client machine identifier matches a registered machine identifier that is registered for use with the account authentication information and the account authentication information matches registered information for a valid account, but denying access to the network resource if the client machine identifier does not match a registered client machine identifier that is registered for use with the account authentication information;
wherein the at least one non-user-configurable machine parameter includes at least one selected from a group consisting essentially of;
a measure of carbon degradation of a component of the client machine, a measure of silicon degradation of a component of the client machine, data representing one or more failures of one or more components of the client machine, and data representing one or more bad sectors of a component of the client machine.
6 Assignments
0 Petitions
Accused Products
Abstract
A system or method for network access protection executes steps for receiving, at a server, an access request for access to at least one network resource from a client machine, the access request including account authentication information comprising an account identifier and password, obtaining a client machine identifier from the client machine in response to receiving the request for access, and controlling access to the network resource in response to the access request by authorizing access to the network resource for the access request if the client machine identifier matches a registered machine identifier that is registered for use with the account authentication information and the account authentication information matches registered information for a valid account, but denying access to the network resource if the client machine identifier does not match a registered client machine identifier that is registered for use with the account authentication information.
195 Citations
17 Claims
-
1. A method comprising:
-
receiving, at a server, an access request for access to at least one network resource from a client machine, the access request including account authentication information comprising an account identifier and password; serving an executable object to the client machine operable to generate a client machine identifier comprising a machine fingerprint in response to receiving the access request, wherein the machine fingerprint is generated using at least one user-configurable machine parameter of the client machine, and at least one non-user-configurable machine parameter of the client machine; obtaining the client machine identifier from the client machine; and controlling access to the network resource in response to the access request, by authorizing access to the network resource for the access request if the client machine identifier matches a registered machine identifier that is registered for use with the account authentication information and the account authentication information matches registered information for a valid account, but denying access to the network resource if the client machine identifier does not match a registered client machine identifier that is registered for use with the account authentication information; wherein the at least one non-user-configurable machine parameter includes at least one selected from a group consisting essentially of;
a measure of carbon degradation of a component of the client machine, a measure of silicon degradation of a component of the client machine, data representing one or more failures of one or more components of the client machine, and data representing one or more bad sectors of a component of the client machine. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for controlling access to network resources in response to access requests, the system comprising:
-
a processor; at least one computer-readable medium that is operatively coupled to the processor; an access management application that is stored in the computer-readable medium, is at least partially executable by the processor from the memory, and, when executed by the processor, causes the system to control access to the network resources in response to access requests by at least; processing an access request for access to at least one network resource from a client machine, the access request including account authentication information comprising an account identifier and password; serving an executable object to the client machine operable to generate a client machine identifier comprising a machine fingerprint in response to receiving the access request, wherein the machine fingerprint is generated using at least one user-configurable machine parameter of the client machine, and at least one non-user-configurable machine parameter of the client machine; obtaining the client machine identifier from the client machine; controlling access to the network resource in response to the access request, responsive to determining whether or not the client machine identifier matches a registered machine identifier that is registered for use with the account authentication information and the account authentication information matches registered information for a valid account; wherein the at least one non-user-configurable machine parameter includes at least one selected from a group consisting essentially of;
a measure of carbon degradation of a component of the client machine, a measure of silicon degradation of a component of the client machine, data representing one or more failures of one or more components of the client machine, and data representing one or more bad sectors of a component of the client machine. - View Dependent Claims (9, 10, 11)
-
-
12. Anon-transitory computer-readable medium encoded with software, that when executed by a processor, causes a computer to perform the functions of:
-
receiving an access request for access to at least one network resource from a client machine, the access request including account authentication information comprising an account identifier and password; serving an executable object to the client machine operable to generate a client machine identifier comprising a machine fingerprint in response to receiving the access request, wherein the machine fingerprint is generated using at least one user-configurable machine parameter of the client machine, and at least one non-user-configurable machine parameter of the client machine; obtaining the client machine identifier from the client machine; and
controlling access to the network resource in response to the access request, by authorizing access to the network resource for the access request if the client machine identifier matches a registered machine identifier that is registered for use with the account authentication information and the account authentication information matches registered information for a valid account, but denying access to the network resource if the client machine identifier does not match a registered client machine identifier that is registered for use with the account authentication information;wherein the at least one non-user-configurable machine parameter includes at least one selected from a group consisting essentially of;
a measure of carbon degradation of a component of the client machine, a measure of silicon degradation of a component of the client machine, data representing one or more failures of one or more components of the client machine, and data representing one or more bad sectors of a component of the client machine. - View Dependent Claims (13, 14, 15, 16, 17)
-
Specification