Information security – Access control or authentication
Reexamination Certificate
2003-04-02
2009-11-03
Zand, Kambiz (Department: 2439)
Information security
Access control or authentication
C380S247000, C380S248000, C380S249000, C380S250000, C707S793000, C711S147000, C713S155000, C713S156000, C713S157000, C713S158000, C713S159000, C709S225000
Reexamination Certificate
active
07614078
ABSTRACT:
A method and apparatus for authorizing an access requester to access a data communication network is provided. A determination is made that a threshold access control server cannot process an access request associated with the access requester. Access requester history data, or data that describes the access history for an access requester, is analyzed to obtain a threshold access level. A threshold access level is an expression of how likely that a particular access requester is a legitimate access requester. A session profile is selected for the access requester based on the threshold access level. The session profile indicates one or more actions the access requester is authorized to perform in the network. The session profile may subsequently be transmitted to the access requester to allow the access requester access to the network to the extent appropriate in view of the access requester history data.
REFERENCES:
patent: 6070244 (2000-05-01), Orchier et al.
patent: 6141778 (2000-10-01), Kane et al.
patent: 6189104 (2001-02-01), Leppek
patent: 6314425 (2001-11-01), Serbinis et al.
patent: 6487600 (2002-11-01), Lynch
patent: 6611881 (2003-08-01), Gottfurcht et al.
patent: 6823401 (2004-11-01), Feather et al.
patent: 6986161 (2006-01-01), Billhartz
patent: 7032241 (2006-04-01), Venkatachary et al.
patent: 7243369 (2007-07-01), Bhat et al.
patent: 2003/0154406 (2003-08-01), Honarvar et al.
Cisco Systems, Inc., “CiscoSecure ACS 3.0 for Windows 2000/NT Servers User Guide,” Nov. 2001, pp. 1-654 (text provided on CD-ROM).
Sami Levijoki, “Authentication, Authorization and Accounting in Ad Hoc networks,” May 26, 2000, http://www.tml.fi/Opinnot/Tik-110.551/papers/authentication/aaa.htm, printed Jun. 22, 2003, pp. 1-20.
D. Gustafson, et al., “Securely Available Credentials—Credentials Server Framework,” Internet Draft, Sep. 2002, http://www.ietf.org/internet-drafts/draft-ietf-sacred-framwork-05.txt, printed Jun. 22, 2003, pp. 1-20.
H. Anderson, et al., “Protected EAP Protocol (PEAP),” PPPEXT Working Group, Internet-Draft, Feb. 23, 2002, http:///www.globecom.net/ietf/draft/draft-josefsson-pppext-eap-tls-eap-02.html, printed Apr. 16, 2003, pp. 1-43.
L. Blunk, et al., “PPP Extensible Authentication Protocol (EAP),” Mar. 1998, Network Working Group, Request for Comments: 2284, pp. 1-15.
Security First Corp., “TrustEngine™ White Paper,” Jun. 2002, pp. 1-9.
Cisco Technology Inc.
Hickman Palermo & Truong & Becker LLP
Homayounmehr Farid
Zand Kambiz
LandOfFree
Threshold access based upon stored credentials does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Threshold access based upon stored credentials, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Threshold access based upon stored credentials will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4120050