Autonomic Notification and Respond from LAN when system is moved outside allowed area
Disclosure Number: IPCOM000018728D
Original Publication Date: 2003-Aug-04
Included in the Prior Art Database: 2003-Aug-04
Document File: 1 page(s) / 43K

There is considerable concern about how to protect information as more and more clients become mobile with wireless access capability. Customers are concerned when a system leaves the enterprise and may want to be notified and/or have the ability to disable the system from connecting to the corporate network. This is important because of the need to protect sensitive data. Current solutions can authenticate the client hardware and/or user but are not location sensitive. This disclosure describes a method to add location sensitivity to the authentication process. It only allows normal operation when the location of the client is in a predefined area. If the client is outside the allowable predefined area, policy-driven actions are in effect. These actions can be anything from a passive notification to prevention of log-on.

This is the abbreviated version, containing approximately 59% of the total text.

Logging on to a network requires some method of authentication between the network and the client. Tokens are passed via the TCP/IP protocol. Once the server is satisfied, the log-on is allowed and the client has access to the network resources as defined by that particular log-on account.

Packets that travel through the Internet need to pass through multiple devices before reaching their final destination. Each time a data packet is forwarded to the next device, a hop occurs.

In the industry-standard TCP/IP protocol the maximum number of hops is preset. Every time a packet goes through a router or bridge the hop count is decreased by 1. When it reaches zero the packet is no longer passed on. It is also possible within the TCP/IP protocol to get the exact path that the packet traveled from the client through all routers and/or bridges by using the industry-standard Ping command with trace on.

This disclosure describes a method for the network authentication server to check the path and ensure that the path lies only within the contained physical location. If the client is outside of the allowable area, then an action can be taken that ranges from passive notification of movement of the client to denial of log-on.

This adds location awareness to the log-on protocol with a policy-driven response.
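
One way to express the path check and policy-driven response described above, as an added example that is not part of the disclosure. The network ranges, the `Action` values, the function names and the choice to treat an unanswered or missing hop as outside the area are assumptions.

```python
# Added illustration; names, networks and policy values are assumptions.
from enum import Enum
from ipaddress import ip_address, ip_network

class Action(Enum):
    ALLOW = "allow"
    NOTIFY = "notify"   # passive notification, log-on proceeds
    DENY = "deny"       # log-on refused

# Constructed site definition: networks whose routers/bridges are on-premises.
ALLOWED_NETWORKS = [ip_network("10.20.0.0/16"), ip_network("192.168.50.0/24")]

def hops_outside(path, allowed=ALLOWED_NETWORKS):
    """Return the hops that are not inside an allowed network.

    `path` is the traced route from client to server, one entry per hop.
    A hop that did not answer the trace is None; it cannot be placed,
    so it is reported as outside.
    """
    outside = []
    for hop in path:
        if hop is None:
            outside.append("<no reply>")
            continue
        addr = ip_address(hop)
        if not any(addr in net for net in allowed):
            outside.append(hop)
    return outside

def evaluate_logon(path, off_site_action=Action.DENY):
    """Normal log-on inside the area, otherwise the configured policy action."""
    if not path:
        # No path information means the location is unverified.
        return off_site_action, ["<empty path>"]
    outside = hops_outside(path)
    if not outside:
        return Action.ALLOW, []
    return off_site_action, outside

if __name__ == "__main__":
    # Constructed sample paths (client first, server-side router last).
    on_site = ["10.20.4.17", "10.20.0.1", "192.168.50.1"]
    roaming = ["203.0.113.45", "198.51.100.1", None, "10.20.0.1"]
    print(evaluate_logon(on_site))
    print(evaluate_logon(roaming, Action.NOTIFY))
```

The returned list of offending hops is what a notification or audit record would carry when the policy action is `NOTIFY` or `DENY`.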

The log-on server adds the following to the log-on protocol:

When it...