PIMN voor beter identity management
A new word: geo-authentication came to my attention via the website of BBFA,
The scope of the BBFA covers major areas necessary for secure collaboration:
- Federated identity and access management. Authentication, Authorisation, Accountability, Accreditation and Audit
- Enterprise Information Protection. Taxonomy generation; information classification and categorisation; information monitoring, routing and filtering, encryption policy enforcement.
- Geo-data interoperability for location based services (LBS), geo-authentication and situational awareness.
It brought me to Verimatrix
GeoAuthentication™ is a head-end option to the Verimatrix Video Content Authority System (VCAS) that directly addresses theft of service challenges for system operators. In even the most carefully controlled operational environment, service revenue can be lost through service piracy. Sophisticated attacks on a large-scale can involve "clone" STB clients that mimic legal equipment by duplication of MAC address and other theoretically unique identifiers. GeoAuthentication addresses this threat by cross referencing STB or PC client identifiers with information about the physical network connections between the head-end and the subscriber equipment. This physical connectivity information can be gathered from DHCP server option 82 records and other network management databases. Routine analysis of STB authentication requests in conjunction with network topology data generates exception conditions related to changes in location, duplicated credentials or other irregular activity which can then be investigated more thoroughly.
GeoAuthentication extends the security perimeter of the IPTV network by unambiguously linking the STB clients, the physical network infrastructure and the head-end authentication system. With management tools like GeoAuthentication, theft of service in IPTV systems due to client cloning can be reduced or eliminated.
No geo-authentication on Wikipedia, though an interesting topic on geolocation:
Geolocation is the identification of the real-world geographic location of an object, such as a cell phone or an Internet-connected computer terminal. Geolocation may refer to the practice of assessing the location, or to the actual assessed location.
Geolocation is closely related to positioning but can be distinguished from it by a greater emphasis on determining a meaningful location (e.g. a street address) rather then just a set of geographic coordinates.
Geolocation can be performed by associating a geographic location with the Internet Protocol (IP) address, MAC address, RFID, hardware embedded article/production number, embedded software number (such as UUID, Exif/IPTC/XMP or modern steganography), invoice, Wi-Fi connection location, or device GPS coordinates, or other, perhaps self-disclosed information. Geolocation usually works by automatically looking up an IP address on a WHOIS service and retrieving the registrant's physical address.
IP address geolocation data can include information such as country, region, city, postal/zip code, latitude, longitude and timezone.
The word geolocation is also used in other contexts to refer to the process of inferring the location of a tracked animal based, for instance, on the time history of sunlight brightness or the water temperature and depth measured by an instrument attached to the animal. Such instruments are commonly called archival tags or dataloggers.
Let's see where we will meet geo-authentication again.