Location-based security rules

US 8,644,506 B2
Filed: 12/18/2007
Issued: 02/04/2014
Est. Priority Date: 12/19/2000
Status: Expired due to Term

First Claim

Patent Images

1. A computer-implemented method, for providing secure access control in connection with a requested resource, based on a characteristic of a request to access the resource, location information for a mobile communication device associated with the request, and a quality of the location information, comprising:

receiving, at a tangible, non-transitory computing component, the request to access the resource from a user associated with the mobile communication device;

determining, at the tangible, non-transitory computing component, that a security trigger has occurred;

in response to determining that the security trigger has occurred, the tangible, non-transitory computing component requesting the location information for the mobile communication device associated with the request;

receiving, at the tangible, non-transitory computing component, the location information for the mobile communication device associated with the request;

determining a quality of a location source providing the location information;

in response to (a) receiving the request, (b) determining that the security trigger has occurred, and (c) receiving the location information, the tangible, non-transitory computing component determining a pre-established access rule, the determining the pre-established access rule including identifying the pre-established access rule based on each of (i) a characteristic of the request to access the resource, (ii) the location information for the mobile communication device associated with the request, and (iii) the quality of the location source providing the location information; and

executing a pre-determined security action associated with the pre-established rule determined by the tangible, non-transitory computing component.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Location based security rules are provided for preventing unauthorized access to a device, application, system, content, and/or network, etc. The location-based security rules enable a user, computing device, system, etc. to access the requested item or information when the user provides proper identification information. The proper identification information is based in part on the location of the user and/or the user'"'"'s access request.

403 Citations

18 Claims

1. A computer-implemented method, for providing secure access control in connection with a requested resource, based on a characteristic of a request to access the resource, location information for a mobile communication device associated with the request, and a quality of the location information, comprising:
- receiving, at a tangible, non-transitory computing component, the request to access the resource from a user associated with the mobile communication device;
  
  determining, at the tangible, non-transitory computing component, that a security trigger has occurred;
  
  in response to determining that the security trigger has occurred, the tangible, non-transitory computing component requesting the location information for the mobile communication device associated with the request;
  
  receiving, at the tangible, non-transitory computing component, the location information for the mobile communication device associated with the request;
  
  determining a quality of a location source providing the location information;
  
  in response to (a) receiving the request, (b) determining that the security trigger has occurred, and (c) receiving the location information, the tangible, non-transitory computing component determining a pre-established access rule, the determining the pre-established access rule including identifying the pre-established access rule based on each of (i) a characteristic of the request to access the resource, (ii) the location information for the mobile communication device associated with the request, and (iii) the quality of the location source providing the location information; and
  
  executing a pre-determined security action associated with the pre-established rule determined by the tangible, non-transitory computing component.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The computer-implemented method of claim 1, the resource comprising at least one of an additional device, an application, a system, content, and a network.
  - 3. The computer-implemented method of claim 1, the pre-established access rule being defined by the user.
  - 4. The computer-implemented method of claim 1, further comprising:
    - determining that the location information indicates a location of the mobile communication device, associated with the request, corresponding to a restricted location;
      
      wherein, in response to determining that the location associated with the request corresponds to the restricted location, the executing the pre-determined security action associated with the pre-established rule determined by the tangible, non-transitory computing component includes denying the request.
  - 5. The computer-implemented method of claim 1, the executing comprising using at least one of a biometric identification application, a radio-frequency identification tag application, and a smartcard application to verify the request in response to a determination that the location information indicates that a location of the mobile communication device that requires a high level of security.
  - 6. The computer-implemented method of claim 1, the quality of the location source relating to a certain accuracy of the location information.
  - 7. The computer-implemented method of claim 1, the quality of the location source relating to an authentication process performed in connection with the location information received.
  - 8. The computer-implemented method of claim 1, the pre-determined security action executed (A) allowing access by the user to certain functionality associated with the resource requested while (B) disallowing access by the user to other functionality associated with the resource requested.
  - 9. The computer-implemented method of claim 1, the determining the pre-established access rule further including, in identifying the pre-established rule based on the characteristic of the request to access the resource, identifying the pre-established rule based on content of data sought by the request.
  - 10. The computer-implemented method of claim 1, further comprising:
    - determining that the location information indicates a location of the mobile communication device, associated with the request, corresponding to a restricted location;
      
      wherein, in response to determining that the location associated with the request corresponds to the restricted location, the executing the pre-determined security action associated with the pre-established rule determined by the tangible, non-transitory computing component includes undertaking an evasive action including at least one of;
      
      erasing a memory location;
      
      encrypting data contained within the mobile communication device;
      
      encrypting data contained within a system associated with the resource;
      
      severing power associated with the mobile communication device;
      
      severing power associated with the system associated with the resource;
      
      severing a functionality of the mobile communication device; and
      
      severing a functionality of the system associated with the resource.

11. A tangible, non-transitory computer-readable storage medium, for providing secure access control in connection with a requested resource, based on a characteristic of a request to access the resource, location information for a mobile communication device associated with the request, and a quality of the location information, comprising instructions that, when executed by a processor, cause the processor to perform acts including:
- receiving the request to access the resource from a user associated with the mobile communication device;
  
  determining that a security trigger has occurred;
  
  in response to determining that the security trigger has occurred, requesting the location information for the mobile communication device associated with the request;
  
  receiving the location information for the mobile communication device associated with the request;
  
  determining a quality of a location source providing the location information;
  
  in response to (a) receiving the request, (b) determining that the security trigger has occurred, and (c) receiving the location information, determining a pre-established access rule, the determining the pre-established access rule including identifying the pre-established access rule based on each of (i) a characteristic of the request to access the resource, (ii) the location information for the mobile communication device associated with the request, and (iii) the quality of the location source providing the location information; and
  
  executing a pre-determined security action associated with the pre-established rule.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The tangible, non-transitory computer-readable storage medium of claim 11, the instructions being configured to further cause the processor to:
    - determine that the location information indicates a location of the mobile communication device, associated with the request, corresponding to a restricted location;
      
      wherein, in response to determining that the location associated with the request corresponds to the restricted location, the executing the pre-determined security action associated with the pre-established rule includes denying the request.
  - 13. The tangible, non-transitory computer-readable storage medium of claim 11, the instructions being configured to further cause the processor to, in executing the pre-determined security action, use at least one of a biometric identification application, a radio-frequency identification tag application, and a smartcard application to verify the access request when the comparison yields a location that requires a high level of security.
  - 14. The tangible, non-transitory computer-readable storage medium of claim 11, the quality of the location source relating to a certain accuracy of the location information.
  - 15. The tangible, non-transitory computer-readable storage medium of claim 11, the quality of the location source relating to an authentication process performed in connection with the location information received.
  - 16. The tangible, non-transitory computer-readable storage medium of claim 11, the pre-determined security action executed (A) allowing access by the user to certain functionality associated with the resource requested while (B) disallowing access by the user to other functionality associated with the resource requested.
  - 17. The tangible, non-transitory computer-readable storage medium of claim 11, the instructions being configured to further cause the processor to, in identifying the pre-established rule based on the characteristic of the request to access the resource, identify the pre-established rule based on content of data sought by the request.
  - 18. The tangible, non-transitory computer-readable storage medium of claim 11, the instructions being configured to further cause the processor to:
    - determine that the location information indicates a location of the mobile communication device, associated with the request, corresponding to a restricted location;
      
      wherein, in response to determining that the location associated with the request corresponds to the restricted location, and in the executing the pre-determined security action associated with the pre-established rule, undertake an evasive action includes at least one of;
      
      erasing a memory location;
      
      encrypting data contained within the mobile communication device;
      
      encrypting data contained within a system associated with the resource;
      
      severing power associated with the mobile communication device;
      
      severing power associated with the system associated with the resource;
      
      severing a functionality of the mobile communication device; and
      
      severing a functionality of the system associated with the resource.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Zellner, Samuel
Primary Examiner(s)
Cumming, William D

Application Number

US11/959,283
Publication Number

US 20080096529A1
Time in Patent Office

2,240 Days
Field of Search

455/414.3, 455/419, 455/430, 455/456.1, 455/456.3, 455/404.2, 455/414.1, 455/415, 455/456.5, 380/249, 380/282, 726/2, 726/5, 726/7, 705/40, 713/153, 725/2, 709/225, 709/242
US Class Current

380/249
CPC Class Codes

G06F 21/62   Protecting access to data v...

H04L 41/12   Discovery or management of ...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/0861   using biometrical features,...

H04L 63/10   for controlling access to d...

H04L 63/107   wherein the security polici...

H04L 67/52   specially adapted for the l...

H04M 1/66   with means for preventing u...

H04M 1/72457   according to geographic loc...

H04M 2203/6045   Identity confirmation

H04M 2203/609   Secret communication

H04M 2242/15   Information service where t...

H04M 2242/22   Automatic class or number i...

H04M 3/42059   Making use of the calling p...

H04M 3/42136   Administration or customisa...

H04M 3/42357   where the information is pr...

H04W 12/08   Access security

H04W 12/63   Location-dependent; Proximi...

H04W 4/02   Services making use of loca...

H04W 4/029 : Location-based management o...

H04W 4/18 : Information format or conte...

View All

Location-based security rules

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

403 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Location-based security rules

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

403 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links