Restricting network and device access based on presence detection

US9336356B2 · US · B2

Patent metadata

  • Publication number: US-9336356-B2
  • Application number: US-201113267508-A
  • Country: US
  • Kind code: B2
  • Filing date: Oct 6, 2011
  • Priority date: Oct 6, 2011
  • Publication date: May 10, 2016
  • Grant date: May 10, 2016

Abstract

Official abstract text for this publication.

In an example embodiment, a technique that applies a network policy responsive to specified events, or triggers, to a networked device. If a specified event occurs, the network policy may restrict the device's access to the network. For example, if a user walks away from their networked device, such as a laptop, the device's network access changes. For example, depending upon the policy, network traffic may be blocked or otherwise restricted.

First claim

Opening claim text (preview).

The invention claimed is:

1. An apparatus, comprising: an interface for communicating with an associated network; and a controller coupled with the interface; wherein the controller obtains data representative of a location of the apparatus; wherein the controller obtains data representative of a location of a user associated device, wherein the location of the user associated device comprises one of a geographical location and a network location; wherein the controller determines a first proximity of the apparatus with the user associated device; wherein the controller obtains data representative of a predefined trigger event, the predefined trigger event comprising the first proximity of the apparatus with the user associated device exceeding a predetermined threshold; wherein the controller selects a network policy in accordance with the location of the apparatus; wherein the controller, in response to the predefined trigger event, applies the selected network policy to restrict communication with the associated network via the interface; wherein the controller obtains data representative of a plurality of release triggers, the plurality of release triggers comprising a first release trigger responsive to the user associated device returning to within a predefined proximity of the apparatus, and a second release trigger comprising the controller receiving a predefined response to a secondary challenge issued by the controller; and wherein the controller applies a network restoration policy responsive to obtaining the data representative of the plurality of release triggers and wherein network restoration policy restores access to the associated network via the interface.

2. The apparatus of claim 1, further comprising a sensor for detecting the user associated device returning to within the predefined proximity of the apparatus as a predefined trigger event.

3. The apparatus of claim 2, wherein the sensor is a radio frequency identification transceiver and the trigger event is based on whether a predefined radio frequency identification tag is within a predefined proximity of the sensor.

4. The apparatus of claim 2, wherein the sensor is a wireless transceiver and the trigger event is based on whether a predefined wireless device is within a predefined proximity of the wireless transceiver.

5. The apparatus of claim 1, wherein the network policy comprises blocking packets from the network.

6. The apparatus of claim 1, wherein the network policy comprises preventing packets from being sent to the network.

7. The apparatus of claim 1, wherein the network policy comprises pausing a virtual private network session.

8. The apparatus of claim 1, wherein the network policy comprises disconnecting a virtual private network session.

9. The apparatus of claim 1, wherein the network policy comprises establishing a session for remediation.

10. The apparatus of claim 1, wherein the network policy comprises encrypting data stored on the apparatus.

11. The apparatus of claim 1, wherein the secondary challenge of the second release trigger comprises the controller obtaining data representative of facial recognition associated with a predefined user.

12. The apparatus of claim 1, wherein the secondary challenge of the second release trigger comprises the controller identifying a fingerprint associated with a predefined user.

13. The apparatus of claim 1, wherein the secondary challenge of the second release trigger comprises the controller identifying a voice associated with a predefined user.

14. The apparatus of claim 1, wherein the network restoration policy is selected from a group consisting of restoring full access to the network, providing a logon to the network, reconnecting a virtual private network session, and credential renewal.

15. A method, comprising: determining a location of a networked device associated with a user; determining a location of a user associated device associated with the user, wherein the location comprises one of a geographical location or a network location; determining the proximity of the networked device with the user associated device; selecting a network policy in accordance with the location of the networked device; restricting access to an associated network in accordance with the selected network policy responsive to the proximity of the networked device with the user associated device exceeding a predetermined threshold; determining an updated location of the user associated device; determining the proximity of the networked device with the user associated device based on the updated location; and restoring access to the network responsive to: i) determining the proximity of the networked device with a user associated device does not exceed a predetermined threshold, and ii) receiving a predefined response to a secondary challenge.

16. The method of claim 15, wherein restricting access to the network comprises one of a group consisting of blocking packets from the networked device and preventing packets from being sent to the networked device.

17. The method of claim 15, wherein the user associated device is selected from a group consisting of a radio frequency identification tag and a wireless device employing a predefined communication protocol.

18. Logic encoded in a non-transitory computer readable media for execution by a processor, and when executed by the processor, operable to perform an operation, the operation comprising: determining a location of a networked device associated with a user; determining a location of a user associated device associated with the user, wherein the location comprises one of a geographical location or a network location; determining the proximity of the networked device with the user associated device; selecting a network policy in accordance with the location of the networked device; restricting access to an associated network in accordance with the selected network policy responsive to the proximity of the networked device with the user associated device exceeding a predetermined threshold; determining an updated location of the user associated device; determining the proximity of the networked device with the user associated device based on the updated location; and restoring access to the network responsive to: i) determining the proximity of the networked device with a user associated device does not exceed a predetermined threshold, and ii) receiving a predefined response to a secondary challenge.
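
The restrict/restore sequence of claim 15, sketched as a small state machine. This is an added illustration, not code from the patent or its assignee; the class name, policy labels, zone names, planar coordinates and the fail-closed handling of an undetected token are all assumptions.

```python
from dataclasses import dataclass
from math import hypot
from typing import Optional, Tuple

# Hypothetical policy labels, keyed by the zone the networked device is in
# (the claim selects the policy from the networked device's own location).
POLICIES = {"office": "pause_vpn", "public": "block_all_packets"}
DEFAULT_POLICY = "block_all_packets"

@dataclass
class PresenceController:
    threshold_m: float                 # predetermined proximity threshold
    restricted: bool = False
    active_policy: Optional[str] = None

    def update(self, zone: str, device_xy: Tuple[float, float],
               token_xy: Optional[Tuple[float, float]],
               challenge_ok: bool = False) -> str:
        """Apply one location sample and return the resulting access state."""
        # Assumption: a token that cannot be located counts as out of range,
        # so lost or jammed readings fail closed.
        far = token_xy is None or hypot(device_xy[0] - token_xy[0],
                                        device_xy[1] - token_xy[1]) > self.threshold_m
        if not self.restricted and far:
            # Trigger event: proximity exceeds the threshold.
            self.active_policy = POLICIES.get(zone, DEFAULT_POLICY)
            self.restricted = True
        elif self.restricted and not far and challenge_ok:
            # Restore needs BOTH conditions: token back in range and a
            # correct response to the secondary challenge.
            self.restricted, self.active_policy = False, None
        return f"restricted:{self.active_policy}" if self.restricted else "open"

# Constructed samples: (zone, device position, token position, challenge passed)
SAMPLES = [
    ("public", (0, 0), (1, 0), False),   # user present
    ("public", (0, 0), (10, 0), False),  # user walks away
    ("public", (0, 0), (1, 0), False),   # token back, challenge not answered
    ("public", (0, 0), (10, 0), True),   # challenge answered, token still away
    ("public", (0, 0), (1, 0), True),    # both release triggers satisfied
    ("office", (0, 0), None, False),     # token not detected at all
]

def replay(samples, threshold_m=3.0):
    ctl = PresenceController(threshold_m)
    return [ctl.update(*s) for s in samples]

if __name__ == "__main__":
    for sample, state in zip(SAMPLES, replay(SAMPLES)):
        print(sample, "->", state)
```

In the constructed trace, neither the returning token alone nor the challenge response alone restores access; only the sample that satisfies both does.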

Classifications

  • for controlling access to devices or network resources

  • G06F21/00 (Primary): Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity

  • Virtual private networks

  • Access security

  • using revocation of authorisation

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Parla Vincent E, Gelasco Eli John, Tillotson Paul Michael, and 1 more
What technology area does this patent fall under?
Primary CPC classification G06F21/00. Mapped technology areas include Physics.
When was this patent published?
Publication date May 10, 2016 (B2). Legal status and post-grant events are not shown on this page.