Browse Prior Art Database

Location & Time Based Security

IP.com Disclosure Number: IPCOM000012189D
Original Publication Date: 2003-Apr-16
Included in the Prior Art Database: 2003-Apr-16
Document File: 1 page(s) / 50K

Publishing Venue

IBM

Abstract

Location and Time Based Security

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 1 of 1

Location & Time Based Security

Traditionally IT has been centralized around one or more computing resources that are fixed in location.

     Access to resources (Data & Function) has been controlled by simple ACL's i.e, an individual or application, providing authentication details (user ID and Password) which then associates them with a specific ACL group. Simple attempts at location based security have been achieved by fixed IP addresses positioned in secure areas. It is also the case that once authentication is performed then it is assumed valid for the period of use of the resource. The key problem addressed by this invention is to ensure that users or applications can only operate within controlled environments or safe environments, potentially in specific time periods (hours per day, weekends etc..) Rather than the relationship Group = fn(Userid/Password) it is proposed to extend the function to Group = fu(Userid/Password,positional information,time) and recheck this periodically (specified as part of the group attribute-perhaps).

     This article covers mechanisms that implement the above function. Which would consist of a device that :
provides a simple user interface
knows the time
knows the position
can locally identify the individual transmit/receive data to a communications infrastructure the connects the device to the resource
revoke authority if position moves out of a predefined area The resource access function would validate the information and grant access to the resource for a specified period, then re-authenticate to ensure that position has not changed. The authentication may also be revalid...