System and method of user authentication for network...

Electrical computers and digital processing systems: multicomput – Computer-to-computer session/connection establishing – Network resources access controlling

Reexamination Certificate


Details

C709S238000, C709S225000, C713S185000, C713S153000, C713S152000, C713S152000

Reexamination Certificate

active

07039713

ABSTRACT:
A policy agent of a network performs an out-of-band user authentication process to verify the identity of a user of a client computer and associates the network data received from the client computer with the user. When the client computer initiates a network data connection to or through the policy agent, the policy agent sends an encrypted challenge to the client computer. The challenge is encrypted with a private key of the policy agent. When the client computer receives the challenge, it decrypts the challenge and prepares a message digest value based on the challenge and the network data sent by the user. The message digest value is then encrypted with the private key of the user to form a response, and the response is sent to the policy agent. The policy agent decrypts the response with the public key of the user to obtain the message digest value and calculates a digest value based on the challenge and the received network data. The policy agent then compares the calculated digest value with the decrypted digest value. A match between the two digest values indicates that the user is successfully authenticated and that the received network data are associated with the user. The policy agent may then apply network policies based on the credentials of the authenticated user.
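The exchange in the abstract, as an added Python sketch that is not code from the patent: both sides of the challenge and response, with the digest binding the response to the network data. The function names, the SHA-256 digest, the 16-byte challenge and the toy textbook-RSA keys built from Mersenne primes are assumptions made for illustration; a real deployment would use a vetted signature scheme with padding.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by both toy keys (assumption)

def toy_keypair(p_exp, q_exp):
    """Textbook RSA from two Mersenne primes. Toy only: weak primes, no padding."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    return p * q, pow(E, -1, (p - 1) * (q - 1))  # (modulus n, private exponent d)

def private_op(value, key):
    """What the abstract calls 'encrypting with the private key' (a signature)."""
    n, d = key
    return pow(value, d, n)

def public_op(value, n):
    """What the abstract calls 'decrypting' with the matching public key."""
    return pow(value, E, n)

def digest(challenge, data):
    """Message digest over the challenge plus the network data (SHA-256 assumed)."""
    return int.from_bytes(hashlib.sha256(challenge + data).digest(), "big")

AGENT_KEY = toy_keypair(521, 607)    # policy agent's key pair (constructed)
USER_KEY = toy_keypair(1279, 2203)   # user's key pair (constructed)

def agent_issue_challenge():
    """Policy agent: pick a fresh challenge, send it under the agent's private key."""
    challenge = secrets.token_bytes(16)
    return challenge, private_op(int.from_bytes(challenge, "big"), AGENT_KEY)

def client_respond(encrypted_challenge, network_data):
    """Client: recover the challenge, digest it with the data, sign the digest."""
    challenge = public_op(encrypted_challenge, AGENT_KEY[0]).to_bytes(16, "big")
    return private_op(digest(challenge, network_data), USER_KEY)

def agent_verify(challenge, response, received_data):
    """Policy agent: compare the recovered digest with its own calculation."""
    return public_op(response, USER_KEY[0]) == digest(challenge, received_data)

if __name__ == "__main__":
    data = b"GET /payroll HTTP/1.0\r\n\r\n"  # constructed sample network data
    challenge, enc = agent_issue_challenge()
    response = client_respond(enc, data)
    print("genuine data:", agent_verify(challenge, response, data))
    print("altered data:", agent_verify(challenge, response, data + b"X"))
    other_challenge, _ = agent_issue_challenge()
    print("replayed response:", agent_verify(other_challenge, response, data))
```

Because the digest covers both the challenge and the data, a response captured for one connection fails verification against altered data or a later challenge.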

REFERENCES:
patent: 5684951 (1997-11-01), Goldman et al.
patent: 5724425 (1998-03-01), Chang et al.
patent: 5745573 (1998-04-01), Lipner et al.
patent: 5757916 (1998-05-01), MacDoran et al.
patent: 6052788 (2000-04-01), Wesinger et al.
patent: 6292892 (2001-09-01), Davis
patent: 6311218 (2001-10-01), Jain et al.
patent: 6510513 (2003-01-01), Danieli
patent: 6725276 (2004-04-01), Hardjono et al.
“Applied Cryptography” by Bruce Schneier, 2nd edition.
K. Egevang & P. Francis, RFC 1631: The IP Network Address Translator (NAT), May 1994, Available from http://www-bib.fh-bielefeld.de/epub/doc/idoc/rfc/rfc1600-1699/rfc1631.html.
M. St. Johns, RFC 931: Authentication Server, Jan. 1984, Available from http://www-bib.fh-bielefeld.de/epub/doc/idoc/rfc/rfc0900-0999/rfc931.html.
R. Rivest, RFC 1321: The MD5 Message Digest Algorithm, Apr. 1992, Available from http://www-bib.fh-bielefeld.de/epub/doc/idoc/rfc/rfc1300-1399/rfc1321.html.
Burton S. Kaliski Jr, An Overview of the PKCS Standards: An RSA Laboratories Technical Note, Nov. 1, 1993, Available from http://www.areane.com/doc/rsa/pkcs/overview.htm.
