Information security – Access control or authentication – Network
Reexamination Certificate
2007-12-04
2007-12-04
Moazzami, Nasser (Department: 2136)
Information security
Access control or authentication
Network
C713S156000, C726S011000
Reexamination Certificate
active
10611832
ABSTRACT:
A firewall acts as a transparent gateway to a server within a private network by initiating an unsolicited challenge to a client to provide authentication credentials. After receiving the client's credentials, the firewall verifies the authentication credentials and establishes a secure channel for accessing the server. Data destined for the server from the client may be forwarded through the firewall using the secure channel. The firewall may sign, or otherwise indicate that data forwarded to the server is from a client that the firewall has authenticated. The firewall also may provide some level of authentication to the client. While connected to the server, the client may access other servers external to the private network without having the data associated with the other servers pass through the private network. The firewall reduces configuration information that a client otherwise must maintain to access various private network servers.
REFERENCES:
patent: 5483597 (1996-01-01), Stern
patent: 5511122 (1996-04-01), Atkinson
patent: 5835726 (1998-11-01), Shwed et al.
patent: 5983350 (1999-11-01), Minear et al.
patent: 6009475 (1999-12-01), Shrader
patent: 6141755 (2000-10-01), Dowd et al.
patent: 6230271 (2001-05-01), Wadlow et al.
patent: 6317838 (2001-11-01), Baize
patent: 6327659 (2001-12-01), Boroditsky et al.
patent: 6332192 (2001-12-01), Boroditsky et al.
patent: 6473863 (2002-10-01), Genty et al.
patent: 6496935 (2002-12-01), Fink et al.
patent: 6615358 (2003-09-01), Dowd et al.
patent: 6631435 (2003-10-01), Lym et al.
patent: 6834795 (2004-12-01), Rasmussen et al.
patent: 6883095 (2005-04-01), Sandhu et al.
patent: 6931529 (2005-08-01), Kunzinger
patent: 6938157 (2005-08-01), Kaplan
patent: 6954862 (2005-10-01), Serpa
patent: 7010604 (2006-03-01), Munger et al.
patent: 7020645 (2006-03-01), Bisbee et al.
patent: 7051365 (2006-05-01), Bellovin
patent: 7058817 (2006-06-01), Ellmore
patent: 7073067 (2006-07-01), Mizrah
patent: 7143174 (2006-11-01), Miller et al.
patent: 7155614 (2006-12-01), Ellmore
patent: 7188314 (2007-03-01), Mizrah
patent: 2002/0023220 (2002-02-01), Kaplan
patent: 2002/0099826 (2002-07-01), Summers et al.
patent: 2002/0161884 (2002-10-01), Munger et al.
patent: 2002/0199007 (2002-12-01), Clayton et al.
patent: 2003/0046391 (2003-03-01), Moreh et al.
patent: 2003/0046586 (2003-03-01), Bheemarasetti et al.
patent: 2003/0046587 (2003-03-01), Bheemarasetti et al.
patent: 2003/0177390 (2003-09-01), Radhakrishnan
patent: 2003/0200321 (2003-10-01), Chen et al.
patent: 2004/0003116 (2004-01-01), Munger et al.
patent: 2004/0083394 (2004-04-01), Brebner et al.
patent: WO 97/00471 (1997-01-01), None
Check Point, Check Point FireWall-1 Architecture and Administration, version 4.0, Sep. 1998, <http://www.checkpoint.com/support/technical/documents/FWArchitecture.pdf>.
Check Point, Virtual Private Networking with FireWall-1, version 4.0, Sep. 1998, <http://www.checkpoint.com/support/technical/documents/FWVPN.pdf>.
Ferchichi, Azim; “IPSEC VPN: Theory and Practice”;ComTec; 2000; vol. 78, No. 7-8; p. 9-14.
Huan Liang; Kabranov, Ognian; Makrakis, Dimitrios; and Orozco-Barbosa, Luis; “Minimal Cost Design of Virtual Private Networks”; IEEE CCECE2002 Canadian Conference on Electrical and Computer Engineering Conference Proceedings; May 12-15, 2002; Cat. No. 02CH37373; vol. 3; p. 1610-15.
Napier, Duncan; “Setting Up a VPN Gateway”;Linux Journal; Jan. 2001; No. 93; p. 60-62, 64-6.
“IP Security Remote Access (IPSRA)”; <http://www.ietf.org/html.charters/OLD/ipsra-charter.html>; visitied Jun. 30, 2003.
Patel, Baiju; Aboba, Bernard; Kelly, Scott; and Gupta, Vipul; “DHCPV4 Configuration of IPSEC Tunnel Mode”; <http://www.ietf.org/proceedings/01aug/I-D/draft-ietf-ipsec-dhcp-13.txt>; visited Jun. 30, 2003.
Kelly, Scott and Ramamoorthi, Sankar; “Requirements for IPSEC Remote Access Scenarios”; <http://www.ietf.org/proceedings/02jul/I-D/draft-ietf-ipsra-reqmts-05.txt>; visited Jun. 30, 2003.
Sheffer, Y.; Krawczyk, H.; and Aboba, Bernard; “PIC, A Pre-Ike Credential Provisioning Protocol”; <http://ietf.org/internet-drafts/draft-ietf-ipsra-pic-06.txt>; visited Jun 30, 2003.
Peter S. Ford, “Host Based IPSec”, Sep. 15, 1999, Microsoft Corporation, peterf@microsoft.com.
Bernard Aboba, “VPN University Module 9: Extranets”, Dec. 1999, Microsoft Corporation.
Bernard Aboba, “Innovations in VPN Packet Network Security”, Dec. 1999, Microsoft Corporation.
Huitema Christian
Shelest Art
Cervetti David Garcia
Moazzami Nasser
Workman Nydegger
LandOfFree
Reducing network configuration complexity with transparent... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Reducing network configuration complexity with transparent..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Reducing network configuration complexity with transparent... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3842305