06308273 is referenced by 433 patents and cites 38 patents.

An improved computer network security system and method wherein access to network resources is based on information that includes the location of the connecting user. In general, the less trusted the location of the user, the more the access rights assigned to the user are restricted. A discrimination mechanism and process determines the location of a user with respect to categories of a security policy, such as to distinguish local users, intranet users and dial-up users from one another. Based on information including the location and the user's credentials, an access token is set up that may restrict the user's normal access in accordance with the security policy, such as to not restrict a user's processes beyond the user-based security information in the user's normal access token, while further restricting the same user's access to resources when connecting via a dial-up connection. Restricted tokens are preferably used to implement the location-based discrimination by restricting the security context of users connecting from less trusted locations.

Title
Method and system of security location discrimination
Application Number
9/96676
Publication Number
6308273 (B1)
Application Date
June 12, 1998
Publication Date
October 23, 2001
Inventor
Bharat Shah
New Castle
WA, US
Praerit Garg
Kirkland
WA, US
Susi E Strom
Redmond
WA, US
Mario C Goertzel
Kirkland
WA, US
Agent
Michalik & Wylie PLLC
US
Assignee
Microsoft Corporation
WA, US
IPC
G06F 12/14
View Original Source