Network authentication of a geo-fenced volume
First Claim
1. A computer implemented method for managing a software defined network by a processor in a wireless access point hardware security device, the method comprising:
- accessing a user profile for a device that includes one or more network permissions based on a geographic location of the device relative to a first geo-fenced volume of the software defined network,wherein the one or more network permissions includes access to resources within the first geo-fenced volume,wherein the user profile includes the geographic location of the device and security information of a user,wherein the security information includes at least one of a biometric identity marker scan and an authentication identifier of the user,wherein the biometric identity marker scan is selected from the group consisting of a retinal scan and a fingerprint scan,wherein the authentication identifier is selected from the group consisting of badge access and guarded entries;
determining a first condition where the geographic location of the device is within the first geo-fenced volume;
granting the one or more network permissions in response to the first condition wherein the device is within the first geo-fenced volume; and
providing physical access to the user to a second geo-fenced volume of the software defined network through a point of access based on the security information, wherein the point of access includes a locked doorway.
1 Assignment
0 Petitions
Accused Products
Abstract
Provided is a method for managing a software defined network using a software control layer to regulate a geo-fenced volume. The software control layer can use a Global Positioning System (GPS) including a range of latitudes, a range of longitudes and a range of altitudes. A resource within the geo-fenced volume can be assigned a location using the GPS coordinates. The resource can be managed by external applications that are operating through the software control layer. To determine an access of a device to the geo-fenced volume, the GPS coordinates, are gathered as a geographical location of the device. A user profile can be accessed to determine an access path of the user. Depending on the geographical location of the device a first condition can be generated based on the device being within the geo-fenced volume. A network permission can be granted to the device based on the first condition.
-
Citations
10 Claims
-
1. A computer implemented method for managing a software defined network by a processor in a wireless access point hardware security device, the method comprising:
-
accessing a user profile for a device that includes one or more network permissions based on a geographic location of the device relative to a first geo-fenced volume of the software defined network, wherein the one or more network permissions includes access to resources within the first geo-fenced volume, wherein the user profile includes the geographic location of the device and security information of a user, wherein the security information includes at least one of a biometric identity marker scan and an authentication identifier of the user, wherein the biometric identity marker scan is selected from the group consisting of a retinal scan and a fingerprint scan, wherein the authentication identifier is selected from the group consisting of badge access and guarded entries; determining a first condition where the geographic location of the device is within the first geo-fenced volume; granting the one or more network permissions in response to the first condition wherein the device is within the first geo-fenced volume; and providing physical access to the user to a second geo-fenced volume of the software defined network through a point of access based on the security information, wherein the point of access includes a locked doorway. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
Specification
-
- Resources
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsBarillaud, Franck, Cho, Insoo, Christiani, Daniel M., Thill, Mark R., Zhang, David S.
-
Primary Examiner(s)Shaifer Harriman, Dant B
-
Application NumberUS15/839,920Publication NumberTime in Patent Office181 DaysField of Search726 4US Class CurrentCPC Class CodesH04L 41/00 Arrangements for maintenanc...H04L 41/0813 characterised by the condit...H04L 41/40 using virtualisation of net...H04L 63/0861 using biometrical features,...H04L 63/107 wherein the security polici...H04L 67/306 User profilesH04W 12/069 using certificates or pre-s...H04W 12/088 using filters or firewallsH04W 4/021 Services related to particu...H04W 4/50 Service provisioning or rec...
