Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2005-03-29
2005-03-29
Wu, Kim (Department: 2131)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C713S152000, C713S152000, C713S151000, C713S150000
Reexamination Certificate
active
06874090
ABSTRACT:
A user authentication service for a communication network authenticates local users before granting them access to personalized sets of network resources. Authentication agents on intelligent edge devices present users of associated end systems with log-in challenges. Information supplied by the users is forwarded to an authentication server for verification. If successfully verified, the authentication server returns to the agents authorized connectivity information and time restrictions for the particular authenticated users. The agents use the information to establish rules for filtering and forwarding network traffic originating from or destined for particular authenticated users during authorized time periods. An enhanced authentication server may be engaged if additional security is desired. The authorized connectivity information preferably includes identifiers of one or more virtual local area networks active in the network. Log-in attempts are recorded so that the identity and whereabouts of network users may be monitored from a network management station.
REFERENCES:
patent: 4896319 (1990-01-01), Lidinsky et al.
patent: 4922486 (1990-05-01), Lidinsky et al.
patent: 4962449 (1990-10-01), Schlesinger
patent: 5191613 (1993-03-01), Graziano et al.
patent: 5249230 (1993-09-01), Mihm, Jr.
patent: 5272754 (1993-12-01), Boerbert
patent: 5311593 (1994-05-01), Carmi
patent: 5343529 (1994-08-01), Goldfine et al.
patent: 5414844 (1995-05-01), Wang
patent: 5469576 (1995-11-01), Dauerer et al.
patent: 5499297 (1996-03-01), Boebert
patent: 5502766 (1996-03-01), Boebert et al.
patent: 5564016 (1996-10-01), Korenshtein
patent: 5657388 (1997-08-01), Weiss
patent: 5671354 (1997-09-01), Ito et al.
patent: 5678004 (1997-10-01), Thaweethai
patent: 5684951 (1997-11-01), Goldman et al.
patent: 5696898 (1997-12-01), Baker et al.
patent: 5721779 (1998-02-01), Funk
patent: 5721780 (1998-02-01), Ensor et al.
patent: 5761309 (1998-06-01), Ohashi et al.
patent: 5774525 (1998-06-01), Kanevsky et al.
patent: 5774551 (1998-06-01), Wu et al.
patent: 5774650 (1998-06-01), Chapman et al.
patent: 5778065 (1998-07-01), Hauser et al.
patent: 5784566 (1998-07-01), Viavant et al.
patent: 5796942 (1998-08-01), Esbensen
patent: 5852714 (1998-12-01), Tseng et al.
patent: 5889958 (1999-03-01), Willens
patent: 5968126 (1999-10-01), Ekstrom et al.
patent: 6021495 (2000-02-01), Jain et al.
patent: 6055638 (2000-04-01), Pascal et al.
patent: 6061790 (2000-05-01), Bodnar
patent: 6070240 (2000-05-01), Xydis
patent: 6070243 (2000-05-01), See et al.
patent: 6212191 (2001-04-01), Alexander et al.
patent: 6233686 (2001-05-01), Zenchelsky et al.
patent: 6311218 (2001-10-01), Jain et al.
Estrin, Deborah, et al. “Visa Protocols for Controlling Inter-Organizational Datagram Flow: Extended Description,” WRL Research Report 88/5, Western Research Laboratory, The University of Southern California, Dec. 1988, 41 Pages.
Xylan and Checkpoint Develop First Secure Virtual LANs and User Authenticated Virtual LANs; Business Wire, Inc.; Calabasas, California; 4 Pages; Jun. 11, 1996.
Stoneburner, Gary R., et al.; The Boeing MLS LAN: Headed Towards an Infosec Security Solution; Boeing Aerospace and Electronics; pp. 254-265; (Undated).
Weiss, Howard; Verdix Secure LAN & Boeing MLS LAN Product Bulletins, Sparta, Inc.; 5 Pages; Sep. 4, 1990.
Microsoft SNA Server; Microsoft Corporation; 6 Pages, 1993.
Microsoft® SNA Server for Windows NT™ Fact Sheet; Microsoft Corporation; 3 Page; 1994.
Microsoft SNA Server Evaluation Guide; Microsoft Corporation; 28 Pages; Jan. 1994.
Cover letter for Microsoft SNA Server Fact Sheet and Evaluation Guide, Microsoft Corporation; 1 Page; (Undated).
Guideline for the Analysis of Local Area Network Security; Federal Information Processing Standards Publication 191; http://www.itl.nist.gov/fipspubs/fip191.htm; 43 Pages, Nov. 9, 1994.
McNealis, Martin; New Cisco IOS VLAN Service Make “Virtual” a Reality; Cisco Systems Software Engineering; pp. 1-5; Jun. 6, 1995.
Blunk, L.J., et al., PPP Extensible Authentication Protrocol (EAP) IETF Internet Draft draft-ietf-pppext-eap-auth-02.txt; http://www.watersprings.org/pub/id/draft-ietf-pppext-eap-auth-02.txt; 20 Pages; Jun. 1996.
Cisco IOS Lock and Key Security; Cisco Systems, Inc., pp. 1-6; 1996.
Cisco Announces Advanced Security Access Control Servers; Cisco Systems, Inc.; http://www.cisco.com/warp/public/146/pressroom/1997/apr97/1853.html; 3 Pages; Apr. 15, 1997.
Passmore, David, et al.; The Virtual LAN Technology Report; Decisys, Inc., 22 Pages; May 1996.
Symantec pcANYWHERE 32 Version 7.5 Packaging; Symantec Corporation; 4 Pages; 1996.
Symantec pcANYWHERE-Creating Scripts; Symantec Corporation, 254 Pages; 1993-1996.
Symantec pcANYWHERE 32 Version 7.5 User's Guide; Symantec Corporation, 261 Pages, 1993-1996.
Ascend Max/Pipeline Software Version 4.6 Dictionary Definitions, 9 Pages, Oct. 18, 1996.
Livingston Enterprises, Inc., “Remote Authetication Dial In User Service (RADIUS) Ascend Definitions,” Jul. 25, 1995.
Rigney, C., “RADIUS Accounting,” IETF RFC 1035, pp. 1-37, Jan. 1996, http://www.ietf.org/rfc/rfc2059.txt?number=2059.
Rigney, C., et al, “Remote Authentication Dial In User Service (RADIUS),” IETF RFC 2058, Network Working Group Internet, pp. 1-64, Jan. 1997, http://www.ietf.org.rfc/rfcw058.txt?number=2058.
Hamzeh, K., “Ascend Tunnel Management Protocol -ATMP,” IETF RFC 2107, Network Working Group Internet, pp. 1-19, Feb. 1997, ftp://ftp.isi.edu/in-notes/rfc2107.txt.
Rigney, C., et al., “Remote Authentication Dial In User Service (RADIUS),” IETF RFC 2138, pp. 1-65, Apr. 1997, http://www.ietf.org/rfc/rfc2138.txt?number-2138.
Rigney, C., “RADIUS Accounting,” IETF RFC 2139, pp. 1-37, Apr. 1997, http://www.ietf.org/rfc/rfc2139.txt?number=2139.
Claassen et al., “Secure Communication Procedure For ISDN,” IEEE Trans. on Computers, pp. 165-170, Jun. 1998.
Benhanmou, Eric, “Integrating Bridges and Routers in a Large Internetwork,” IEEE Network, pp. 65-71, Jan. 1998.
Weaver, et al., “A Real-Time Monitor for Token Ring Networks,” IEEE Trans. on Computers, pp. 0784-0798, May 1989.
Karri, Ramesh, “A Security Imbedded Authentication Protocol,” IEEE Trans. on Computers, pp. 1105-1109, Jun. 1988.
Cole, et al., “An Architecture for a Mobil OSI Mail Access System,” IEEE Journal on Selected Areas in Communications, vol. 7, No. 2, pp. 249-256, Feb. 1989.
Nakeo, et al., “Proposal on a Secure Communications Service Element in the OSI Application Layer,” IEEE Journal on Selected Areas on Communications, vol. 7, No. 4, pp. 505-516, May 1989.
Ciminiera, et al., “Authentication Mechanism in Microprocessor-Based Local Area Networks,” IEEE Trans. on Software Engineering, Col. 15, No. 5, pp. 654-658, May 1989.
Lu, et al., “Secure Communication in Internet Environments: A Hierarchical Key Management Scheme for end-to-end Encryption,” IEEE Trans. on Communications, vol. 37, No. 10, pp. 1014-1023, Oct. 1989.
Lloyd, B., et al., “PPP Authentication Protocols,” Network Working Group, http://www.ietf.org/rfc/rfc1334.txt?number=1334, pp. 1-16, Oct. 1992.
Haller, N., “The S/Key One-Time Password System,” Network Working Group, http://www.ietf.org/rfc/rfc1760.txt?number=1760, pp. 1-12, Feb. 1995.
Simpson, W., “PPP Challenge Handshake Authentication Protocol (CHAP),”, Network Working Group, http://www.ietf.org/rfc/rfc/1994.txt?number=1994, pp. 1-12, Aug. 1996.
Blunk, L.J., et al., “PPP Extensible Authentication Protocol (EAP),” Network Working Group, http://www.watersprings.org/pub/id/draft-ietf-pppext-eap-auth-02.txt, pp. 1-18, Jun. 1996.
Bailey John W.
Panza Charles L.
Pikover Yuri
See Michael E.
Stone Geoffrey C.
Alcatel
Reader Scot A.
Wu Allen S.
Wu Kim
LandOfFree
Deterministic user authentication service for communication... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Deterministic user authentication service for communication..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Deterministic user authentication service for communication... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3377975