METHOD AND SYSTEM OF SECURITY LOCATION DISCRIMINATION

An improved computer network security system and method wherein access to network resources is based on information that includes the location of the connecting user. In general, the less trusted the location of the user, the more the access rights assigned to the user are restricted. A discriminati...

Full description

Saved in:
Bibliographic Details
Main Authors GOERTZEL, MARIO, C, SHAH, BHARAT, STROM, SUSI, E, GARG, PRAERIT
Format Patent
LanguageEnglish
French
German
Published 06.04.2016
Subjects
Online AccessGet full text

Cover

Loading…
More Information
Summary:An improved computer network security system and method wherein access to network resources is based on information that includes the location of the connecting user. In general, the less trusted the location of the user, the more the access rights assigned to the user are restricted. A discrimination mechanism and process determines the location of a user with respect to categories of a security policy, such as to distinguish local users, intranet users and dial-up users from one another. Based on information including the location and the user's credentials, an access token is set up that may restrict the user's normal access in accordance with the security policy, such as to not restrict a user's processes beyond the user-based security information in the user's normal access token, while further restricting the same user's access to resources when connecting via a dial-up connection. Restricted tokens are preferably used to implement the location-based discrimination by restricting the security context of users connecting from less trusted locations.
Bibliography:Application Number: EP19990955576