System and method for verifying physical proximity to a network device

US 9,609,515 B2
Filed: 03/27/2013
Issued: 03/28/2017
Est. Priority Date: 03/27/2013
Status: Active Grant

First Claim

Patent Images

1. A method for verifying physical proximity to a network device, comprising:

establishing, using a computer device, electromagnetic communications with a tag that is fixed in, on, or proximal to the network device, wherein the tag is configured to be read and written to by the electromagnetic communications with the computing device, when the computing device is disposed in physical proximity to the tag;

acquiring, from the tag via the electromagnetic communications, an encrypted tag identifier, wherein an unencrypted tag identifier contained within the encrypted tag identifier is not accessible to the computer device and wherein the unencrypted tag identifier uniquely identifies the network device;

acquiring, from the tag via the electromagnetic communications, instructions for communicating with a server, wherein the server is configured to decrypt the encrypted tag identifier, to verify that the computer device is authorized to access the network device, and to authorize access to the network device based on the verification;

establishing, by executing the instructions on the computer device, a communications session with the server;

transmitting, to the server via the communications session, the encrypted tag identifier, wherein the server decrypts the encrypted tag identifier, verifies that the computer device is authorized to access the network device, and sends, based on the verification, authorization command to the network device allowing the computer device access to the network device;

receiving, from the server via the communications session, an authorization confirmation that grants access to the network device, wherein the authorization confirmation includes a new encrypted tag identifier;

rewriting, using the computing device, the tag so as to replace the encrypted tag identifier with a new encrypted tag identifier, wherein the sever utilizes the new encrypted tag identifier to grant future access to the network device; and

performing one or more operations with the network device after receiving the authorization confirmation.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for verifying physical proximity to a network device are provided. The method includes acquiring a tag identifier from a tag fixed in, on, or proximal to a network device, using a computing device. The tag is configured to be read and written to by electronic communication with the computing device, when the computing device is disposed in proximity to the tag. The method further includes transmitting data indicative of the tag identifier to a server, and receiving an authorization confirmation from the server. The method also includes rewriting the tag so as to replace the tag identifier with a new tag identifier, using the computing device, and performing one or more operations with the network device after receiving the authorization.

18 Citations

View as Search Results

19 Claims

1. A method for verifying physical proximity to a network device, comprising:
- establishing, using a computer device, electromagnetic communications with a tag that is fixed in, on, or proximal to the network device, wherein the tag is configured to be read and written to by the electromagnetic communications with the computing device, when the computing device is disposed in physical proximity to the tag;
  
  acquiring, from the tag via the electromagnetic communications, an encrypted tag identifier, wherein an unencrypted tag identifier contained within the encrypted tag identifier is not accessible to the computer device and wherein the unencrypted tag identifier uniquely identifies the network device;
  
  acquiring, from the tag via the electromagnetic communications, instructions for communicating with a server, wherein the server is configured to decrypt the encrypted tag identifier, to verify that the computer device is authorized to access the network device, and to authorize access to the network device based on the verification;
  
  establishing, by executing the instructions on the computer device, a communications session with the server;
  
  transmitting, to the server via the communications session, the encrypted tag identifier, wherein the server decrypts the encrypted tag identifier, verifies that the computer device is authorized to access the network device, and sends, based on the verification, authorization command to the network device allowing the computer device access to the network device;
  
  receiving, from the server via the communications session, an authorization confirmation that grants access to the network device, wherein the authorization confirmation includes a new encrypted tag identifier;
  
  rewriting, using the computing device, the tag so as to replace the encrypted tag identifier with a new encrypted tag identifier, wherein the sever utilizes the new encrypted tag identifier to grant future access to the network device; and
  
  performing one or more operations with the network device after receiving the authorization confirmation.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein acquiring the tag identifier comprises bringing the computing device to an area of physical proximity to the tag, wherein the tag is a radio frequency identification tag configured for near-field communication.
  - 3. The method of claim 2, wherein the area of physical proximity is an effective range of communication of the tag, a size of the area is configurable, or both.
  - 4. The method of claim 1, wherein the network device provides the server.
  - 5. The method of claim 1, further comprising:
    - selecting a portion of the encrypted new tag identifier using the computing device; and
      
      transmitting the portion of the encrypted new tag identifier to the server.
  - 6. The method of claim 1, further comprising:
    - acquiring a network device identifier using the computing device; and
      
      transmitting the network device identifier to the server.
  - 7. The method of claim 1, wherein the computing device is a mobile device.

8. A method for verifying physical proximity to a network device, comprising:
- associating the network device with a tag identifier of a tag fixed to, in, or proximal to the network device,wherein the tag is readable and writable using electromagnetic communications with a computing device in physical proximity to the tagwherein the tag identifier uniquely identifies the network device, andwherein the tag stores the tag identifier as an encrypted tag identifier and stores instructions for communicating with a server;
  
  receiving, from the computer device using the instructions, a request to establish a communications session;
  
  receiving, at the server via the communications session, an authorization request from the computing device, the authorization request comprising the encrypted tag identifier;
  
  decrypting the encrypted tag identifier to obtain the tag identifier;
  
  determining that the tag identifier matches a stored tag identifier associated with the network device and the computer device is authorized to access the network device;
  
  in response to determining that the tag identifier matches the stored tag identifier, sending, to the network device, an authorization command granting the computer device access to the network device; and
  
  in response to determining that the tag identifier matches the stored tag identifier, causing the computing device to rewrite the tag so as to substitute the encrypted tag identifier with a new encrypted tag identifier, wherein the new encrypted tag identifier is utilized to grant future access to the network device.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The method of claim 8, further comprising associating the network device with the new encrypted tag identifier after determining that the tag identifier matches the stored tag identifier of the network device.
  - 10. The method of claim 9, wherein associating the network device with the new encrypted tag identifier occurs before transmitting an authorization confirmation to the computer device.
  - 11. The method of claim 8, further comprising receiving the new encrypted tag identifier from the computing device after transmitting an authorization confirmation, wherein causing the computing device to rewrite the tag comprises transmitting the authorization confirmation to the computing device.
  - 12. The method of claim 8, further comprising selecting the new encrypted tag identifier, wherein causing the computing device to rewrite the tag comprises transmitting the new encrypted tag identifier to the computing device.
  - 13. The method of claim 12, further comprising transmitting instructions to the computing device that, when executed, are configured to cause the computing device to rewrite the tag with the new encrypted tag identifier.
  - 14. The method of claim 8, wherein the tag comprises a near-field communication tag.
  - 15. The method of claim 8, further comprising associating the network device with a network device identifier, wherein:
    - receiving the authorization request further comprises receiving an acquired network device identifier; and
      
      determining that the tag identifier matches the stored tag identifier of the network device further comprises determining that the acquired network device identifier matches the network device identifier that is associated with the network device.

16. A system, comprising:
- a network device;
  
  a tag that is readable and writeable by electromagnetic communications with a computing device positioned in physical proximity to the tag, the tag being fixed in a location in, on, or proximal to the network device and being configured to store an encrypted tag identifier comprising a tag identifier and store instructions for communicating with a server; and
  
  the server coupled to the network device, wherein the server comprises one or more processors and one or more computer-readable storing instructions that, when executed by at least one of the one or more processors, are configured to cause the server to perform operations, the operations comprising;
  
  associating the network device with the tag identifier;
  
  receiving, from the computer device using the instructions, a request to establish a communications sessionreceiving, via the communications session, an authorization request from the computing device, the authorization request comprising the encrypted tag identifier;
  
  decrypting the encrypted tag identifier to obtain the tag identifier;
  
  determining that the tag identifier matches a stored tag identifier of the network device and the computer device is authorized to access the network device;
  
  in response to determining that the tag identifier matches the stored tag identifier, sending, to the network device, an authorization command granting the computer device access to the network device; and
  
  in response to determining that the acquired tag identifier matches the stored tag identifier, causing the computing device to rewrite the tag so as to substitute the encrypted tag identifier with a new encrypted tag identifier, wherein the new encrypted tag identifier is utilized to grant future access to the network device.
- View Dependent Claims (17, 18, 19)
- - 17. The system of claim 16, wherein the computing device comprises a mobile device and the tag comprises a near-field communication tag.
  - 18. The system of claim 16, wherein the network device comprises a printing device.
  - 19. The system of claim 16, wherein the operations further comprise transmitting the new encrypted tag identifier to the computing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Xerox Corporation (Xerox Holdings Corp.)
Original Assignee
Xerox Corporation (Xerox Holdings Corp.)
Inventors
Tredoux, Gavan L., Zehler, Peter J., Rajendran, Premkumar, Kramer, Roger T.
Primary Examiner(s)
Zimmerman, Brian
Assistant Examiner(s)
EUSTAQUIO, CAL J

Application Number

US13/851,264
Publication Number

US 20140292496A1
Time in Patent Office

1,462 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 21/606   by securing the transmissio...

G06F 21/608   Secure printing

G06F 21/79   in semiconductor storage me...

G06F 2221/2111   Location-sensitive, e.g. ge...

G06F 2221/2115   Third party

H04L 63/0492   by using a location-limited...

H04W 12/08   Access security

H04W 4/80   Services using short range ...

System and method for verifying physical proximity to a network device

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

18 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for verifying physical proximity to a network device

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

18 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links