Network authentication of a geo-fenced volume
First Claim
Patent Images
1. A computer implemented method for managing a software defined network by a processor in a wireless access point hardware security device, the method comprising:
- defining a first geo-fenced volume of the software defined network using a coordinate system that includes a range of latitudes, a range of longitudes, and a range of altitudes, wherein the range of latitudes, the range of longitudes, and the range of altitudes is included in data received from a Global Positioning System;
determining a geographic location of a device using a latitude, a longitude, and an altitude within the coordinate system, wherein the latitude, the longitude, and the altitude is included in the data received from the Global Positioning System;
accessing a user profile for the device that includes one or more network permissions based on the geographic location of the device relative to the first geo-fenced volume,wherein the one or more network permissions includes access to resources within the first geo-fenced volume,wherein the user profile includes the geographic location of the device and security information of a user,wherein the security information includes at least one of a biometric identity marker scan and an authentication identifier of the user,wherein the biometric identity markers scan is selected from the group consisting of a retinal scan and a fingerprint scan,wherein the authentication identifier is selected from the group consisting of badge access and guarded entries;
determining a first condition where the geographic location of the device is within the first geo-fenced volume;
granting the one or more network permissions in response to the first condition wherein the device is within the first geo-fenced volume; and
providing physical access to the user to a second geo-fenced volume of the software defined network through a point of access based on the security information, wherein the point of access includes a locked doorway.
1 Assignment
0 Petitions
Accused Products
Abstract
Provided is a method for managing a software defined network using a software control layer to regulate a geo-fenced volume. The software control layer can use a Global Positioning System (GPS) including a range of latitudes, a range of longitudes and a range of altitudes. A resource within the geo-fenced volume can be assigned a location using the GPS coordinates. The resource can be managed by external applications that are operating through the software control layer. To determine an access of a device to the geo-fenced volume, the GPS coordinates, are gathered as a geographical location of the device. A user profile can be accessed to determine an access path of the user. Depending on the geographical location of the device a first condition can be generated based on the device being within the geo-fenced volume. A network permission can be granted to the device based on the first condition.
14 Citations
10 Claims
-
1. A computer implemented method for managing a software defined network by a processor in a wireless access point hardware security device, the method comprising:
-
defining a first geo-fenced volume of the software defined network using a coordinate system that includes a range of latitudes, a range of longitudes, and a range of altitudes, wherein the range of latitudes, the range of longitudes, and the range of altitudes is included in data received from a Global Positioning System; determining a geographic location of a device using a latitude, a longitude, and an altitude within the coordinate system, wherein the latitude, the longitude, and the altitude is included in the data received from the Global Positioning System; accessing a user profile for the device that includes one or more network permissions based on the geographic location of the device relative to the first geo-fenced volume, wherein the one or more network permissions includes access to resources within the first geo-fenced volume, wherein the user profile includes the geographic location of the device and security information of a user, wherein the security information includes at least one of a biometric identity marker scan and an authentication identifier of the user, wherein the biometric identity markers scan is selected from the group consisting of a retinal scan and a fingerprint scan, wherein the authentication identifier is selected from the group consisting of badge access and guarded entries; determining a first condition where the geographic location of the device is within the first geo-fenced volume; granting the one or more network permissions in response to the first condition wherein the device is within the first geo-fenced volume; and providing physical access to the user to a second geo-fenced volume of the software defined network through a point of access based on the security information, wherein the point of access includes a locked doorway. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsBarillaud, Franck, Cho, Insoo, Christiani, Daniel M., Thill, Mark R., Zhang, David S.
-
Primary Examiner(s)SHAIFER HARRIMAN, DANT B
-
Application NumberUS15/055,070Publication NumberTime in Patent Office704 DaysField of Search713168US Class CurrentCPC Class CodesH04L 41/00 Arrangements for maintenanc...H04L 41/0813 characterised by the condit...H04L 41/40 using virtualisation of net...H04L 63/0861 using biometrical features,...H04L 63/107 wherein the security polici...H04L 67/306 User profilesH04W 12/069 using certificates or pre-s...H04W 12/088 using filters or firewallsH04W 4/021 Services related to particu...H04W 4/50 Service provisioning or rec...
