Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
2003-07-01
2009-02-24
Barron, Jr., Gilberto (Department: 2432)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
Reexamination Certificate
active
07496755
ABSTRACT:
A user device initiates a network access authentication operation via a network access device with a network access authentication server, e.g., a Remote Authentication Dial-In User Service (RADIUS) server, which also generates an X.509 proxy certificate and includes the proxy certificate with the information, such as a set of network access parameters, that is returned to the user device in response to a successful completion of the network access authentication operation. The user device extracts and stores the proxy certificate. The network access parameters are used by the user device to communicate via the network access device on a network, which supports a grid. When the user device accesses a resource in the grid, the proxy certificate is already available, thereby obviating the need to generate a new proxy certificate and allowing a user of the user device to experience an integrated single-sign-on for network access and grid access.
REFERENCES:
patent: 5944824 (1999-08-01), He
patent: 6694025 (2004-02-01), Epstein et al.
patent: 7069440 (2006-06-01), Aull
patent: 7353383 (2008-04-01), Skingle
patent: 2002/0144119 (2002-10-01), Benantar
patent: 2004/0064548 (2004-04-01), Adams et al.
patent: 2004/0123232 (2004-06-01), Hodges et al.
patent: 2004/0139202 (2004-07-01), Talwar et al.
patent: 2005/0021956 (2005-01-01), Genty et al.
patent: 2005/0144463 (2005-06-01), Rossebo et al.
patent: 1175038 (2002-01-01), None
patent: WO 01/11450 (2001-02-01), None
Johnson et al., “DOE Science Grid”, http://www/doesciencegrid.org/management/DOE—Science—Grid—highlight—June—21,—2002.pdf, Jun. 21, 2002.
Basney, “NCSA-IPG Collaboration Projects Overview”, http://www.ncsa.uiuc.edu/˜jbasney
csa-ipg-fy02.pdf, Feb. 6, 2003.
“Radiator OSC”, http://www.open.com.au/radiator/index.html, no date.
“Radius Server”, Nortel Networks, http://www.nortelnetworks.com/products/04/radius, no dat.
“Radius Server CX6800-RD”, NEC, http://www.nec-globalnet.com/products/cx6800rd.html, no date.
“Additional Vendor-Proprietary Radius Attributes”, CiscoIOS Release 11.3(3)T, no date.
“Configuring Radius Servers”, Ch. 11,Cisco Aironet 1100 Series Access Point Installation and Configuration Guide, Cisco Systems, no date.
“Cisco IOS Technologies: Radius Support in Cisco IOS Software”, Cisco Systems, Apr. 1997.
“Radius Protocol Security and Best Practices”, Microsoft Corp. Jan. 2000.
“Microsoft Windows 2000 Server: Access Server Requirements for Interoperability with the Internet Authentication Service”, Microsoft Corp., Feb. 2002.
“Cisco—How Does Radius Work?”, Cisco Systems, Jan. 2003.
Welch et al., “Security for Grid Services”,Twelfth International Symposium on High Performance Distributed Computing(HPDC-12), IEEE Press, Jun. 2003.
Foster et al., “The Anatomy of the Grid: Enabling Scalable Virtual Organizations”,International J. Supercomputer Applications, 15(3), 2001.
Foster et al., “The Physiology of the Grid: An Open Grid Services Architecture for Distributed Systems Integration”, Open Grid Service Infrastructure WG, Global Grid Forum, Jun. 22, 2002.
Foster et al., “A Security Architecture for Computational Grids”, Proc. 5th ACM Conference on Computer and Communications Security Conference, pp. 83-92, 1998.
Foster et al., “Grid Services for Distributed System Integration”,Computer, pp. 37-46, Jun. 2002.
Butler, “A National-Scale Authentication Infrastructure”,Computer, pp. 60-66, Dec. 2000.
Tuecke et al., “Internet X.509 Public Key Infrastructure Proxy Certificate Profile”, draft-ietf-pkix-proxy-06, Internet Engineering Task Force (IETF), May 2003.
Blunk et al., “PPP Extensible Authentication Protocol (EAP)”, RFC 2284, Internet Engineering Task Force (IETF), Mar. 1998.
Rigney et al., “Remote Authentication Dial In User Service (Radius)”, RFC 2865, Internet Engineering Task Force (IETF), Jun. 2000.
Rigney et al., “Radius Accounting”, RFC 2866, Internet Engineering Task Force (IETF), Jun. 2000.
Rigney et al., “Radius Extensions”, RFC 2869, Internet Engineering Task Force (IETF), Jun. 2000.
Housley et al., “Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile”, RFC 3280, Internet Engineering Task Force (IETF), Apr. 2002.
Genty Denise Marie
Mullen Shawn Patrick
Almeida Devin
Baca Matthew W.
Barron Jr. Gilberto
Fay III Theodore D.
International Business Machines - Corporation
LandOfFree
Method and system for a single-sign-on operation providing... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for a single-sign-on operation providing..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for a single-sign-on operation providing... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4053980