Information security – Access control or authentication – Network
Reexamination Certificate
2003-04-24
2010-11-16
Tran, Ellen (Department: 2433)
Information security
Access control or authentication
Network
Reexamination Certificate
active
07836493
ABSTRACT:
A management server manufactures a secure, tamper-resistant token for a particular user specifying the permissions and authorizations that user possesses. The token may be in the form of a digitally-signed message specifying, for example, a particular computer and associated port number that the user is permitted to access. The management server delivers the token to the user, preferably over a secure communications session. When challenged, the user presents the secure token to the security proxy server. The security proxy server examines the token to be sure it is authentic and has not be tampered with, and then extracts information contained in the token to determine the user's authorization to access a particular computer, particular port number and/or other resource. The security proxy server then establishes authorized communication with the authorized computing resource based on the information contained in the user's token, and thereafter may act in one embodiment as essentially a passthrough or proxy for permitting the user to access and communicate with the resource.
REFERENCES:
patent: 5592553 (1997-01-01), Guski et al.
patent: 5684951 (1997-11-01), Goldman et al.
patent: 5689638 (1997-11-01), Sadovsky
patent: 5706349 (1998-01-01), Aditham et al.
patent: 5721781 (1998-02-01), Deo et al.
patent: 5742756 (1998-04-01), Dillaway et al.
patent: 5805803 (1998-09-01), Birrell et al.
patent: 5850451 (1998-12-01), Sudia
patent: 5907621 (1999-05-01), Bachman et al.
patent: 5951636 (1999-09-01), Zerber
patent: 5999711 (1999-12-01), Misra et al.
patent: 5999766 (1999-12-01), Hisatomi et al.
patent: 6012066 (2000-01-01), Discount et al.
patent: 6041357 (2000-03-01), Kunzelman et al.
patent: 6061741 (2000-05-01), Murphy, Jr. et al.
patent: 6128738 (2000-10-01), Doyle et al.
patent: 6134658 (2000-10-01), Multerer et al.
patent: 6161182 (2000-12-01), Nadooshan
patent: 6189096 (2001-02-01), Haverty
patent: 6223287 (2001-04-01), Douglas et al.
patent: 6253248 (2001-06-01), Nakai et al.
patent: 6279030 (2001-08-01), Britton et al.
patent: 6324683 (2001-11-01), Fuh et al.
patent: 6327662 (2001-12-01), Araujo
patent: 6377691 (2002-04-01), Swift et al.
patent: 6446206 (2002-09-01), Feldbaum
patent: 6510464 (2003-01-01), Grantges et al.
patent: 6996841 (2006-02-01), Kadyk et al.
patent: 7137006 (2006-11-01), Grandcolas et al.
patent: 7139917 (2006-11-01), Jablon
patent: 2002/0031230 (2002-03-01), Sweet et al.
patent: 2002/0157019 (2002-10-01), Kadyk et al.
patent: 2003/0028495 (2003-02-01), Pallante
patent: 2003/0036999 (2003-02-01), Mirlas et al.
patent: 2003/0196087 (2003-10-01), Stringer et al.
patent: 2004/0128502 (2004-07-01), Royer
patent: 2004/0128546 (2004-07-01), Blakley et al.
patent: 2004/0162786 (2004-08-01), Cross et al.
WRQ Reflection for the Web—Secure access inside and outside the firewall.
Dierks & Allen Standards Track Jan. 1999 The TLS Protocol Version 1.0 pp. 1-80.
Connected: An Internet Encyclopedia 14.34 Proxy Authorization http://www.freesoft.org/CIE/RFC/2068/195.htm.
Bertold Kolics, MTA-SzTAKI Bertold. Kolica@swztaki.hu Proxy Authentication with Squid.
Fielding et al, Standards Track, Network Working Group Hypertext Transfer Protocol—HTTP/1.1 J, Jun. 1999 pp. 1-176.
Warsaw barry@wooz.org [Zzope3-checkins]CVS: Zope3/lib/pthon/Zope/Security, Dec. 2002.
Thompson et al Proceedings of the 8thUSENIX Security Symposium Aug. 1999 Certificate-Based Access Control for Widely Distributed Resources.
Gilmore et al AT&T Labs, Research pp. 1-12 Secure Remote Access to an Internal Web Server.
Jacobs Mitre Corp. USCINCPAC/J6 An Authorization Framework for Web-based Applications djacobs@mitre.org.
User Authentication and Authorization in a Networked Library pp. 3-10.
Rozmanov NTLM Authorization Proxy Server Nov. 2001.
Web proxy Server Information Page, pp. 1-12.
Understanding Cisco CNS Access Registrar HLR Proxy Server pp. 1-19, Oct. 2002.
Configuring the Cisco SIP Proxy Server pp. 1-37, Jan. 2003.
WRQ Reflection, Security Solutions.
Kohl, J., “RFC 1510—The Kerberos Network Authentication Service (V5),” 85 pages (Sep. 1993).
Microsoft TechNet, Article 313407, “How to: Create Automatic Certificate Requests with Group Policy in Windows,” 2 pages (2003).
Gilmore et al., “Secure Remote Access to an Internal Web Server,” AT&T: 1999. http://www.isoc.org/isoc/conferences
dss/99/proceedings/papers/gilmore.pdf (1999).
Office Action issued in commonly assigned copending U.S. Appl. No. 10/875,606 (Apr. 26, 2010).
Brombaugh Dan
Xia Sharon (Hong)
Attachmate Corporation
Nixon & Vanderhye PC
Tran Ellen
LandOfFree
Proxy server security token authorization does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Proxy server security token authorization, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Proxy server security token authorization will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4239250