Social and proximity based access control for mobile applications

US 9,479,512 B2
Filed: 09/18/2013
Issued: 10/25/2016
Est. Priority Date: 01/03/2013
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer readable storage medium comprising a computer readable program for proximity-based access control, wherein the computer readable program when executed on a computer causes the computer to perform the steps of:

determining whether a distance from a first mobile device to each of one or more safe mobile devices falls below a threshold distance, wherein safe mobile devices include devices sharing a threshold secret key with the first mobile device;

determining, with a processor, whether a number of safe mobile devices within the threshold distance exceeds a safe gathering threshold and whether enough threshold secret keys are available to meet a decryption threshold;

activating a safe gathering policy in accordance with the safe gathering threshold that decreases a security level in the first mobile device, wherein the safe gathering policy includes setting a security level for all nearby users based on a security level of a lowest clearance level user or a sensitivity of data on the first mobile device;

continuously verifying that the number of safe mobile devices exceeds the safe gathering threshold; and

deactivating the safe gathering policy if the number of safe mobile devices does not exceed the safe gathering threshold.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems for proximity-based access control include a proximity module configured to determine whether a distance from a first mobile device to each of one or more safe mobile devices falls below a threshold distance; a policy engine comprising a processor configured to determine whether a number of safe mobile devices within the threshold distance exceeds a safe gathering threshold; and a security module configured to activate a safe gathering policy in accordance with the safe gathering threshold that decreases a security level in the first mobile device.

Citations

13 Claims

1. A non-transitory computer readable storage medium comprising a computer readable program for proximity-based access control, wherein the computer readable program when executed on a computer causes the computer to perform the steps of:
- determining whether a distance from a first mobile device to each of one or more safe mobile devices falls below a threshold distance, wherein safe mobile devices include devices sharing a threshold secret key with the first mobile device;
  
  determining, with a processor, whether a number of safe mobile devices within the threshold distance exceeds a safe gathering threshold and whether enough threshold secret keys are available to meet a decryption threshold;
  
  activating a safe gathering policy in accordance with the safe gathering threshold that decreases a security level in the first mobile device, wherein the safe gathering policy includes setting a security level for all nearby users based on a security level of a lowest clearance level user or a sensitivity of data on the first mobile device;
  
  continuously verifying that the number of safe mobile devices exceeds the safe gathering threshold; and
  
  deactivating the safe gathering policy if the number of safe mobile devices does not exceed the safe gathering threshold.
- View Dependent Claims (11)
- - 11. The system of claim 1, wherein the security module authenticates with each safe device before exchanging threshold secret keys with said safe device.

2. A system for proximity-based access control, comprising:
- a proximity module comprising a processor and a memory, configured to determine whether a distance from a first mobile device to each of one or more safe mobile devices falls below a threshold distance;
  
  a policy engine comprising a processor configured to determine whether a number of safe mobile devices within the threshold distance exceeds a safe gathering threshold, wherein safe mobile devices include devices sharing a threshold secret key with the first mobile device and the policy engine is further configured to;
  
  determine whether enough threshold secret keys are available to meet a decryption threshold, andcontinuously verify that the number of safe mobile devices exceeds the safe gathering threshold and, if not, deactivating the safe gathering policy; and
  
  a security module configured to activate a safe gathering policy in accordance with the safe gathering threshold that decreases a security level in the first mobile device, wherein the safe gathering policy includes setting a security level for all nearby users based on a security level of a lowest clearance level user or a sensitivity of data on the first mobile device.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10)
- - 3. The system of claim 2, wherein the security module is further configured to prompt a user of the first mobile device for a decision as to whether to activate the safe gathering policy.
  - 4. The system of claim 2, wherein the proximity module is further configured to receive an identifier and a signal strength magnitude from the safe mobile device.
  - 5. The system of claim 2, wherein the proximity module is further configured to determine whether the first mobile device is physically located within a safe space and the security module is to activate the safe gathering policy further in accordance with presence in the safe space.
  - 6. The system of claim 5, wherein the proximity module is further configured to determine whether the first mobile device is within a threshold range of one or more fixed transmitting stations.
  - 7. The system of claim 5, wherein the proximity module is further configured to access door access logs to determine the identities of people who have entered the safe space.
  - 8. The system of claim 2, wherein the safe gathering policy implements one or more authentication schemes that are less strict than a default authentication scheme.
  - 9. The system of claim 2, wherein the safe gathering threshold is one of a set of safe gathering thresholds having varying levels of safety and wherein activating a safe gathering policy comprises selecting a policy from a set of safe gathering policies in accordance with a corresponding safe gathering threshold.
  - 10. The system of claim 2, wherein the policy engine is further configured to determine whether a meeting is scheduled and wherein the security module is further configured to activate the safe gathering policy further in accordance with a determination that a meeting is scheduled.

12. A non-transitory computer readable storage medium comprising a computer readable program for proximity-based access control, wherein the computer readable program when executed on a computer causes the computer to perform the steps of:
- determining whether a distance from a first mobile device to each of one or more safe mobile devices falls below a threshold distance, wherein safe mobile devices include devices sharing a threshold secret key with the first mobile device;
  
  determining, with a processor, whether a number of safe mobile devices within the threshold distance exceeds a safe gathering threshold and whether enough threshold secret keys are available to meet a decryption threshold;
  
  activating a safe gathering policy in accordance with the safe gathering threshold that decreases a security level in the first mobile device, wherein the safe gathering policy includes setting a security level for all nearby users to a security level of a lowest clearance level user;
  
  continuously verifying that the number of safe mobile devices exceeds the safe gathering threshold; and
  
  deactivating the safe gathering policy if the number of safe mobile devices does not exceed the safe gathering threshold.
- View Dependent Claims (13)
- - 13. The non-transitory computer readable storage medium of claim 12, wherein the safe gathering policy further includes setting a security level for all nearby users based on a sensitivity of data on the first mobile device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AirBNB Incorporated
Original Assignee
International Business Machines Corporation
Inventors
Castro, Paul C., Huang, Yunwu, Pistoia, Marco, Topkara, Umut
Primary Examiner(s)
JHAVERI, JAYESH M

Application Number

US14/030,552
Publication Number

US 20140189786A1
Time in Patent Office

1,133 Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/104   Grouping of entities

H04L 63/105   Multiple levels of security

H04L 63/107   wherein the security polici...

H04L 63/20   for managing network securi...

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 12/30   Security of mobile devices;...

H04W 12/64   using geofenced areas

Social and proximity based access control for mobile applications

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Social and proximity based access control for mobile applications

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links