The present disclosure relates to computer security and more particularly to controlling access to protected information based on authentication of computer terminals.
Some content owners desire to restrict some content, such as documents containing confidential information or copyrighted works, to being accessible to only authorized computer terminals. The authorized computer terminals may be allowed access because they are determined to be more secure by design and/or trusted because of a known relationship to authorized users. For example, an authorized terminal may be provided by an employer or may be provided by a user who has registered the terminal for use in accessing the content. Such content owners would need a way to allow the content to be accessible only from computer terminals having a confirmed identity. However, fraudsters have developed sophisticated techniques to obtain credentials of users who are authorized to access content. Some of these fraudsters have moreover developed sophisticated techniques to cause computer terminals operated by the fraudsters to impersonate other computer terminals.
Electronic fingerprinting can be used to collect information about a computer terminal for the purpose of uniquely identifying it. A browser cookie can be stored on a computer terminal to contain information that forms an electronic fingerprint for the computer terminal, however cookies can be prone to tampering and can be discarded at any time by users or blocked by user preferences. An inventory of software versions and types residing on a computer terminal can also be used to form an electronic fingerprint, however software can be frequently updated and deleted by users. There is a need for electronic fingerprinting techniques for computer terminals that can be accurately repeated and beyond user manipulation.