Information security – Access control or authentication – Network
Reexamination Certificate
2005-05-27
2010-06-01
Tran, Ellen (Department: 2433)
Information security
Access control or authentication
Network
Reexamination Certificate
active
07730527
ABSTRACT:
Disclosed is a method and system for controlling access of a source terminal to a network that includes, in particular, a firewall and an authentication portal that maintains the firewall during an access request originating from the source terminal and which permits access when periodically and subsequently provided with a valid authentication token. The source terminal can also communicate in tunnel mode with the destination terminal of the network via a block mode tunnel. Authentication tokens are periodically supplied on the OSI Layer 2 level so that the tokens continue to be provided during a block tunnel mode communication. A network operator can maintain access control using a captive portal paradigm even when a user chooses to use a block mode tunnel.
REFERENCES:
patent: 7454622 (2008-11-01), Laidlaw et al.
patent: 2003/0035006 (2003-02-01), Kodosky et al.
patent: 2003/0204744 (2003-10-01), Maltais et al.
patent: 2004/0053601 (2004-03-01), Frank et al.
Haidong Xia et al., “Detecting and Blocking Unauthorized Access in Wi-Fi Networks”; Networking 2004, Networking Technologies, Services, and Protocols; Performance of Computer and Communication Networks; Mobile and Wireless Communications. Third International IFIP-TC6 Networking Conference Proceedings. (Lecture notes in Comput. Sci., May 2004), pp. 795-806.
Vaughn-Nichols S.J., “Securing your Wi-Fi Connection on the Road”, Wi-Fi Planet, “Online”, Nov. 7, 2003, www.wi-fiplanet.com/tutorials/article.php/3106011.
[ARP] Address Resolution Protocol, “An Ethernet Address Resolution Protocol,” RFC 826, Nov. 1982, pp. 1-8.
[HMAC-MD5] Krawcyzk, H., Bellare M., and Canettit, R., “HMAC: Keyed-Hashing for Message Authentification,” RFC 2104, Feb. 1997, pp. 1-11.
[1EEE-802.11-1997] Institute of Electrical and Electronic Engineers, “Information Technology—Telecommunications and Information Exchange between Systems—Local and Metropolitan Area Network-Specific Requirements—Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications,” IEEE Standard 802.11,1997, pp. 1-459.
[IPSec] Kent, S., and R. Atkinson, “Security Architecture for the Internet Protocol,” RFC 2401, Nov. 1998, pp. 1-63.
[TLS] Dierks, T. and Allen, C., “The TLS Protocol Version 1.0,” RFC 2246, Jan. 1999., pp. 1-76.
(IEEE Std 802.1X-2001), ] Institute of Electrical and Electronic Engineers, IEEE Standard for Local and Metropolitan Area Networks, “Port-Based Network Access Control”, Sponsor: LAN/MAN Standards Committee of the IEEE, Approved Jun. 14, 2001 IEEE-SA Standards Board, Approved Oct. 25, 2001 American National Standards Institute, pp. 1-142.
802.3® IEEE Standard for Information technology—Telecommunications and information exchange between systems—Local and metropolitan area networks—Specific requirements, Part 3: Carrier sense multiple access with collision detection (CSMA/CD) access method and physical layer specifications Published by The Institute of Electrical and Electronics Engineers, Inc.,3 Park Avenue, New York, NY 10016-5997, USA, Mar. 8, 2002, IEEE Computer Society, Sponsored by the LAN/MAN Standards Committee. pp. 1-578.
802.3® IEEE Standard for Information technology—Telecommunications and information exchange between systems—Local and metropolitan area networks—Specific requirements—Part 3: Carrier Sense Multiple Access with Collision Detection (CSMA/CD) access method and physical layer specifications Section Two: This section includes Clauses 21 through 33 and Annexes 22A through 32A, pp. 1-582.
802.3® IEEE Standard for Information technology—Telecommunications and information exchange between systems—Local and metropolitan area networks—Specific requirements—Part 3: Carrier Sense Multiple Access with Collision Detection (CSMA/CD) access method and physical layer specifications Section Three: This section includes Clauses 34 through 43 and Annexes 36A through 43C, pp. 1-379. Telecommunications and information exchange between systems— Local and Metropolitan area networks—Specific requirements—Part 11: Wireless Lan Medium Access Control (Mac) and Physical Layer (Phy) Specifications - Sponsor Lan Man Standards Committee of the IEEE Computer Society - Reaffirmed 6/12/03 IEEE-Sa Standards Board, pp. 1-528.Multiple Access with Collision Detection.
ANSI/IEEE Std 802.11, 1999 Edition (R2003)Information technology—Telecommunications and information exchange between systems—Local and Metropolitan area networks—Specific requirements—Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications—Sponsor LAN MAN Standards Committee of the IEEE Computer Society—Reaffirmed Jun. 12, 2003 IEEE-SA Standards Board, pp. 1-528.
EEE Std 802.11i™-2004 [Amendment to IEEE Std 802.11™, 1999 Edition (Reaff 2003) as amended by IEEE Stds 802.11a™-1999, 802.11b™-1999, 802.11b™-1999/Cor 1-2001, 802.11d™-2001, 802.11g™-2003, and 802.11h™-2003]802.11iTM IEEE Standard for Information technology—Telecommunications and information exchange between systems—Local and metropolitan area networks—Specific requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications Amendment 6: Medium Access Control (MAC) Security Enhancements—3 Park Avenue, New York, NY 10016-5997, USA—IEEE Computer Society Sponsored by theLAN/MAN Standards Commitee—Jul. 23, 2004 Print: SH95248 PDF: SS95248, pp. 1-190.
International Standard ISO/IEC 7498-I—Second edition 1994-I I-I 5—Corrected and reprinted 1996-06-I 5 Information technology— Open Systems Interconnection—Basic Reference Model; The Basic Model—Reference No. ISO/I EC 7498-I : 1994(E), pp. 1-68.
International Standard ISO/IEC 7498-3 Second edition 1997-04-I 5—Information technology—Open Systems Interconnection—Basic Reference Model: Naming and addressing— Reference No. ISO/I EC 7498-3 : 1997(E) pp. 1-32.
International Standard ISOIEC—7498-4 First edition—1989-II-15—Information processing systems —Open Systems Interconnection— Basic Reference Model—Part 4 : Management framework—Reference No. ISO/I EC 7498-4 : 1989(E), pp. 1-16.
Wi-Fi Protected Access (WPA) Abstract—This document captures those clauses of the IEEE 802.11i Draft 3.0 that comprise an enhanced security implementation for 802.11i known as Wi-Fi Protected Access. Implementation notes are also provided. Line number references to the 802.11i Draft 3.0 standard are used throughout this document. In order to ensure consistent referencing, this document should be used in conjunction with the Portable Document Format (PDF) version of the IEEE 802.11i Draft 3.0 standard, pp. 1-32.
Butti Laurent
Charles Olivier
Veysset Franck
Aycock, II Stephen W.
Carmichael James T.
France Telecom
Miles & Stockbridge P.C.
Tran Ellen
LandOfFree
Procedure for controlling access to a source terminal... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Procedure for controlling access to a source terminal..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Procedure for controlling access to a source terminal... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4190022