Location authentication of requests to a web server system linked to a physical entity

US 7,024,552 B1
Filed: 10/04/2000
Issued: 04/04/2006
Est. Priority Date: 08/04/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A system for a physical entity for authenticating that a user access request to the system is generated from a client system close to the physical entity, comprisinga web server for providing web content designed for an access request from the client system close to the physical entity;

a location beacon adjacent to the physical entity to transmit within a predetermined transmission range a first beacon signal containing a web address of the web server and a location token for indicating physical presence of the client system close to the physical entity and which expires within a predetermined time period;

a location authentication module for authenticating that the client system having received the first beacon signal is still close to the physical entity wherein the location authentication module receives a first request including the web address, the location token, and a key from the client system;

a location authentication beacon adjacent to the physical entity and communicatively coupled to the location authentication module for receiving the key and the location token and for encrypting a customized location token that expires in a predetermined time period using the key and for transmitting a second beacon signal within the predetermined transmission range containing the web address and the customized token; and

responsive to receiving a second request from the client system including the customized token and the web address, the location authentication module causes the web server to provide content designed for an access request from the client system close to the physical entity if the customized location token has not expired.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for authenticating the location of a client system accessing a web server system associated with a physical entity includes a location beacon adjacent to the physical entity. The location beacon transmits a first beacon signal containing a web address of the web server system and a token that expires within a predetermined time period. A beacon receiver in the client system receives the first beacon signal, and sends a first request having the token and a key generated by a random number generator in the client system to the web server system. A location authentication module in the web server system retrieves the key from the first request if the token has not expired. A location authentication beacon adjacent to the physical entity transmits a second beacon signal containing the web address and a customized token encrypted using the key. The beacon receiver receives the second beacon signal and uses the key to decrypt the customized token. A web browser in the client system sends a second request having the web address and the customized token to the web server system if the beacon receiver can decrypt the customized token with the key. A method of authenticating locations of clients accessing a web server system is also described.

108 Citations

View as Search Results

12 Claims

1. A system for a physical entity for authenticating that a user access request to the system is generated from a client system close to the physical entity, comprisinga web server for providing web content designed for an access request from the client system close to the physical entity;
- a location beacon adjacent to the physical entity to transmit within a predetermined transmission range a first beacon signal containing a web address of the web server and a location token for indicating physical presence of the client system close to the physical entity and which expires within a predetermined time period;
  
  a location authentication module for authenticating that the client system having received the first beacon signal is still close to the physical entity wherein the location authentication module receives a first request including the web address, the location token, and a key from the client system;
  
  a location authentication beacon adjacent to the physical entity and communicatively coupled to the location authentication module for receiving the key and the location token and for encrypting a customized location token that expires in a predetermined time period using the key and for transmitting a second beacon signal within the predetermined transmission range containing the web address and the customized token; and
  
  responsive to receiving a second request from the client system including the customized token and the web address, the location authentication module causes the web server to provide content designed for an access request from the client system close to the physical entity if the customized location token has not expired.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The system of claim 1, wherein responsive to the location token in the first request being expired, the location authentication module causes the web server to provide web content designed for an access request from a client system not close to the physical entity.
  - 3. The system of claim 1, wherein the customized token also expires within a predetermined time period, wherein if the location authentication module determines that the customized token has expired, then the location authentication module does not cause the web server to service the second request.
  - 4. The system of claim 1, wherein the key is a random number generated by the client system.
  - 5. The system of claim 1, wherein the location authentication beacon further comprisesa first token generator that generates the un-encrypted customized token using a stored secret key;
    - a second token generator that encrypts the customized token using a random number key;
      
      a store that stores the customized token and the web address;
      
      a communication interface that receives the web address and the customized token from the store and transmits the second beacon signal.

6. A system for authenticating the location of a client systemaccessing a web server system for a physical entity, comprising in the web server system,a location beacon adjacent to the physical entity to transmit within a predetermined transmission range a first beacon signal containing a web address of the web server system and a location token for indicating physical presence of the client system close to the physical entity and which expires within a predetermined time period;
- a location authentication module for authenticating that the client system having received the first beacon signal is still close to the physical entity wherein the location authentication module receives a first request including the web address, the location token, and a key from the client system;
  
  a location authentication beacon adjacent to the physical entity and communicatively coupled to the location authentication module for receiving the key and the location token and for encrypting a customized location token that expires in a predetermined time period using the key and for transmitting a second beacon signal within the predetermined transmission range containing the web address and the customized token;
  
  responsive to receiving a second request from the client system including the customized token and the web address, the location authentication module causes the web server to provide content designed for an access request from the client system close to the physical entity;
  
  in the client system,a random number generator that generates the key; and
  
  a beacon receiver that receives the first and second beacon signals, wherein the beacon receiver generates the first request that includes the key and sends the customized token to a web browser of the client system such that authenticity and location of the client system is verified.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The system of claim 6, wherein responsive to the location token in the first request being expired, the location authentication module causes the web server to provide web content designed for an access request from a client system not close to the physical entity.
  - 8. The system of claim 6, wherein the customized token also expires within a predetermined time period, wherein if location authentication module determines that the customized token has expired, then the location authentication module does not cause the web server to service the second request.
  - 9. The system of claim 6, wherein the beacon receiver further comprisesa receiver circuit that receives the beacon signals and parse the tokens from the beacon signals;
    - a processor coupled to the receiver circuit to control the receiver circuit to either receive the first beacon signal or the second beacon signal;
      
      a request generation module that generates the first request that contains the key.
  - 10. The system of claim 6, wherein the location authentication beacon further comprisesa first token generator that generates a token using a stored secret key;
    - a second token generator that encrypts the token using the random number key such that the encrypted token becomes the customized token;
      
      a store that stores the customized token and the web address;
      
      a communication interface that receives the web address and the customized token from the store and transmits the second beacon signal.

11. A method of authenticating the location of a client system accessing a web server system associated with a physical entity, comprisingtransmitting within a predetermined transmission range a first beacon signal containing a web address of the web server system and a location token for indicating physical presence of the client system close to the physical entity and which expires within a predetermined time period from a location beacon adjacent to the physical entity;
- generating a random number key in the client system close to the physical entity and sending a first request from the client system to the web server system responsive to the client system receiving the first beacon signal, wherein the first request contains the web address, the location token and the key;
  
  retrieving the key from the first request in the web server system if the location token has not expired and encrypting a customized token that expires in a predetermined time period using the key;
  
  transmitting a second beacon signal within the predetermined transmission range containing the web address and the customized token from a location authentication beacon adjacent to the physical entity; and
  
  decrypting the customized token in the client system using the key to determine if the second beacon signal is intended for the client system.
- View Dependent Claims (12)
- - 12. The method of claim 11, further comprisingsending a second request to access the web server system if the customized token can be decrypted in the client system using the key, wherein the second request contains the web address of the web server system and the customized token;
    - causing the web server system to provide content designed for an access request from a client system close to the physical entity responsive to the second request if the customized token in the second request has not expired; and
      
      causing the web server system not to service the second request if the customized token in the second request has expired.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Krishnan, Venkatesh, Caswell, Deborah L., Morgan, Jeffrey Alan
Primary Examiner(s)
Barrón, Jr., Gilberto
Assistant Examiner(s)
Lanier, Benjamin E.

Application Number

US09/684,946
Time in Patent Office

2,008 Days
Field of Search

380/258, 380/30, 713/155, 713/158, 713/159, 713/176, 705/65, 705/67
US Class Current

713/155
CPC Class Codes

G06Q 20/367   involving electronic purses...

G06Q 20/3674   involving authentication

H04L 2209/043   of tables, e.g. lookup, sub...

H04L 2209/60   Digital content management,...

H04L 63/0428   wherein the data content is...

H04L 63/0492   by using a location-limited...

H04L 63/0846   using time-dependent-passwo...

H04L 63/107   wherein the security polici...

H04L 9/08   Key distribution or managem...

H04L 9/3234   involving additional secure...

H04L 9/3297   involving time stamps, e.g....

Location authentication of requests to a web server system linked to a physical entity

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

108 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Location authentication of requests to a web server system linked to a physical entity

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

108 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links