	US 12,250,542 B2
	Inference-based detection of proximity changes
Alain Slak, Bedford, MA (US); Paul Bradford, Bedford, MA (US); Boris Boruchovich, Bedford, MA (US); Lou Bergandi, Fallbrook, CA (US); Jay Tucker, Arlington, MA (US); Joel Lemieux, Natick, MA (US); and Jason Mafera, Francestown, NH (US)
Assigned to IMPRIVATA, INC., Waltham, MA (US)
Filed by Alain Slak, Bedford, MA (US); Paul Bradford, Bedford, MA (US); Boris Boruchovich, Bedford, MA (US); Lou Bergandi, Fallbrook, CA (US); Jay Tucker, Arlington, MA (US); Joel Lemieux, Natick, MA (US); and Jason Mafera, Francestown, NH (US)
Filed on May 6, 2022, as Appl. No. 17/738,274.
Application 17/738,274 is a continuation of application No. 17/089,982, filed on Nov. 5, 2020, granted, now 11,356,848.
Application 17/089,982 is a continuation of application No. 16/395,779, filed on Apr. 26, 2019, granted, now 10,917,788, issued on Feb. 9, 2021.
Application 16/395,779 is a continuation in part of application No. 15/843,460, filed on Dec. 15, 2017, granted, now 11,363,424.
Application 15/843,460 is a continuation in part of application No. 14/945,658, filed on Nov. 19, 2015, granted, now 10,216,366, issued on Feb. 26, 2019.
Claims priority of provisional application 62/183,793, filed on Jun. 24, 2015.
Claims priority of provisional application 62/081,820, filed on Nov. 19, 2014.
Prior Publication US 2022/0264298 A1, Aug. 18, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04W 12/06 (2021.01); G06N 3/02 (2006.01); H04W 4/80 (2018.01); H04W 12/082 (2021.01); H04W 12/63 (2021.01); H04W 24/08 (2009.01); H04W 76/10 (2018.01)

CPC H04W 12/06 (2013.01) [G06N 3/02 (2013.01); H04W 4/80 (2018.02); H04W 12/082 (2021.01); H04W 12/63 (2021.01); H04W 24/08 (2013.01); H04W 76/10 (2018.02)]

20 Claims

1. A method of controlling access to a secure resource accessible by a user via a node, the node being in operative communication, via a network, with (i) a location server configured to receive and broadcast location events to subscribers thereto, and (ii) an authentication server, the location events comprising notifications of walk-away events that involve geospatial zones, the method comprising:

authenticating the user at the node in accordance with a security policy applicable both to the user and the secure resource;

with the authentication server, subscribing to the location events, receivable from the location server, pertaining to at least one of the user, the node, or the secure resource;

when a location event indicative of a walk-away event of the user from the node is broadcast to the authentication server, terminating the user's access of the secure resource via the node by launching a privacy screen on the node, the walk-away event resulting from the user exiting a monitored geospatial zone or entering another one or leaving a predetermined vicinity of the secure resource;

thereafter, when a location event indicative of a walk-up event of the user to the node is broadcast to the authentication server, and only when an elapsed time between the walk-away event and the walk-up event does not exceed a threshold, removing the privacy screen and affording the user access to the secure resource via the node without requiring additional authentication from the user.