Method and apparatus for token-based tamper detection
First Claim
1. An apparatus comprising:
- a memory storing;
a first set of a plurality of tokens, the first set of the plurality of tokens comprising;
a hard token representing identification information of a device, a network token representing the status of a network that facilitates communication from the device, and a resource token representing information associated with a resource; and
a second set of a plurality of tokens, the second set comprising secured copies of the hard token, network token, and resource token, the second set generated when the hard token, network token, and resource token of the first set were first generated; and
a processor;
receiving, based on network jitter, a suspect token indicating a risk that at least one of the device, the network, and the resource has been tampered;
in response to receiving the suspect token, applying one or more token tampering rules that specify which of the at least one of the hard token, network token, and resource token may have been affected as result of the risk indicated in the suspect token;
comparing the at least one of the hard token, network token, and resource token of the first set that is identified by the one or more token tampering rules as being associated with the suspect token with its corresponding secured copy of the second set;
in response to determining that the at least one of the hard token, network token, and resource token of the first set does not match the corresponding secured copy of the second set, communicating a revalidation token indicating the at least one token has been tampered;
computing, based upon the revalidation token, a risk token representing an increased level of risk associated with the at least one of the device, the network, and the resource; and
determining, based on the risk token, an access decision associated with the at least one of the device, the network, and the resource.
Abstract
According to one embodiment, an apparatus may store: a hard token representing identification information of the device, a network token representing the status of a network, and a resource token representing information associated with a resource. The apparatus may further store secured copies of the hard token, network token, and resource token. The apparatus may receive a suspect token indicating a risk that at least one of the device, the network, and the resource has been tampered, and in response, determine to inspect at least one of the hard token, network token, and resource token. The apparatus may then compare the at least one of the hard token, network token, and resource token with its corresponding secured copy. If at least one of those tokens does not match its corresponding secured copy, the apparatus may communicate a revalidation token indicating at least one token has been tampered.
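The flow in the claim and abstract above, as an added Python sketch that is not code from the patent: a suspect token selects tokens through tampering rules, each selected token is compared with its secured copy, and a mismatch yields a revalidation token, a raised risk token and an access decision. The patent text does not say how copies are secured, so the HMAC-SHA256 seal, the key, the rule table, the risk scoring and every name here are assumptions.

```python
import hashlib
import hmac
import json

# Assumption: a "secured copy" is an HMAC-SHA256 tag computed when the token
# is first generated. The key and all field names are hypothetical.
SEAL_KEY = b"constructed-demo-key"

# Hypothetical token tampering rules: suspect risk -> tokens to inspect.
TAMPER_RULES = {
    "network_jitter": ["network", "hard"],
    "resource_anomaly": ["resource"],
}

def seal(token: dict) -> bytes:
    """Return the integrity tag stored as the token's secured copy."""
    canonical = json.dumps(token, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(SEAL_KEY, canonical, hashlib.sha256).digest()

def issue(tokens: dict) -> dict:
    """Build the second set (secured copies) when the first set is generated."""
    return {name: seal(tok) for name, tok in tokens.items()}

def matches(name: str, tokens: dict, secured: dict) -> bool:
    """Constant-time comparison of a live token against its secured copy."""
    if name not in tokens or name not in secured:
        return False  # a missing token or copy is treated as a mismatch
    return hmac.compare_digest(seal(tokens[name]), secured[name])

def handle_suspect(suspect: dict, tokens: dict, secured: dict, base_risk: int = 1) -> dict:
    """Apply the rules, compare the selected tokens, then decide access."""
    # An unknown risk type falls back to inspecting every token.
    to_inspect = TAMPER_RULES.get(suspect["risk"], list(tokens))
    tampered = [n for n in to_inspect if not matches(n, tokens, secured)]
    revalidation = {"type": "revalidation", "tampered": tampered} if tampered else None
    # Hypothetical scoring: each tampered token raises the risk level by 2.
    risk = {"type": "risk", "level": base_risk + 2 * len(tampered)}
    access = "deny" if risk["level"] >= 3 else "allow"
    return {"inspected": to_inspect, "revalidation": revalidation,
            "risk": risk, "access": access}

# Constructed sample tokens (not from the patent).
TOKENS = {
    "hard": {"device_id": "dev-001", "mac": "00:00:5e:00:53:01"},
    "network": {"status": "trusted", "vpn": True},
    "resource": {"name": "payroll-db", "sensitivity": "high"},
}
SECURED = issue(TOKENS)
```

Because the rules scope the inspection, a modified network token goes unnoticed when the suspect token names only a resource risk, which is why the rule table needs as much review as the comparison itself.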
78 Citations
24 Claims
1. An apparatus comprising:
- a memory storing;
a first set of a plurality of tokens, the first set of the plurality of tokens comprising;
a hard token representing identification information of a device, a network token representing the status of a network that facilitates communication from the device, and a resource token representing information associated with a resource; and
a second set of a plurality of tokens, the second set comprising secured copies of the hard token, network token, and resource token, the second set generated when the hard token, network token, and resource token of the first set were first generated; and
a processor;
receiving, based on network jitter, a suspect token indicating a risk that at least one of the device, the network, and the resource has been tampered;
in response to receiving the suspect token, applying one or more token tampering rules that specify which of the at least one of the hard token, network token, and resource token may have been affected as result of the risk indicated in the suspect token;
comparing the at least one of the hard token, network token, and resource token of the first set that is identified by the one or more token tampering rules as being associated with the suspect token with its corresponding secured copy of the second set;
in response to determining that the at least one of the hard token, network token, and resource token of the first set does not match the corresponding secured copy of the second set, communicating a revalidation token indicating the at least one token has been tampered;
computing, based upon the revalidation token, a risk token representing an increased level of risk associated with the at least one of the device, the network, and the resource; and
determining, based on the risk token, an access decision associated with the at least one of the device, the network, and the resource.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
9. A method for validating tokens comprising:
storing a first set of a plurality of tokens, the first set of the plurality of token comprising;
a hard token representing identification information of a device, a network token representing the status of a network that facilitates communication from the device, and a resource token representing information associated with a resource;
storing a second set of a plurality of tokens, the second set comprising secured copies of the hard token, network token, and resource token, the second set generated when the hard token, network token, and resource token of the first set were first generated;
receiving, based on network jitter, a suspect token indicating a risk that at least one of the device, the network, and the resource has been tampered;
in response to receiving the suspect token, applying, by a processor, one or more token tampering rules that specify which of the at least one of the hard token, network token, and resource token may have been affected as result of the risk indicated in the suspect token;
comparing the at least one of the hard token, network token, and resource token of the first set that is identified by the one or more token tampering rules as being associated with the suspect token with its corresponding secured copy of the second set;
in response to determining that the at least one of the hard token, network token, and resource token of the first set does not match the corresponding secured copy of the second set, communicating a revalidation token indicating the at least one token has been tampered;
computing, based upon the revalidation token, a risk token representing an increased level of risk associated with the at least one of the device, the network, and the resource; and
determining, based on the risk token, an access decision associated with the at least one of the device, the network, and the resource.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
17. One or more computer-readable non-transitory storage media embodying software that is operable when executed to:
store a first set of a plurality of tokens, the first set of the plurality of token comprising;
a hard token representing identification information of the device, a network token representing the status of a network that facilitates communication from a device, and a resource token representing information associated with a resource;
store a second set of a plurality of tokens, the second set comprising secured copies of the hard token, network token, and resource token, the second set generated when the hard token, network token, and resource token of the first set were first generated;
receive, based on network jitter, a suspect token indicating a risk that at least one of the device, the network, and the resource has been tampered;
in response to receiving the suspect token, apply one or more token tampering rules that specify which of the at least one of the hard token, network token, and resource token may have been affected as result of the risk indicated in the suspect token;
compare the at least one of the hard token, network token, and resource token of the first set that is identified by the one or more token tampering rules as being associated with the suspect token with its corresponding secured copy of the second set;
in response to determining that the at least one of the hard token, network token, and resource token of the first set does not match the corresponding secured copy of the second set, communicate a revalidation token indicating the at least one token has been tampered;
compute, based upon the revalidation token, a risk token representing an increased level of risk associated with the at least one of the device, the network, and the resource; and
determine, based on the risk token, an access decision associated with the at least one of the device, the network, and the resource.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
Specification