Electrical computers and digital processing systems: support – System access control based on user identification by... – Using record or token
Reexamination Certificate
2006-09-26
2006-09-26
Smithers, Matthew (Department: 2137)
Electrical computers and digital processing systems: support
System access control based on user identification by...
Using record or token
C726S005000, C382S115000
Reexamination Certificate
active
07114080
ABSTRACT:
A remote computer access facility uses two dedicated computers outside the firewall. To ensure security the system makes use of biometrics features and a one-time password mechanism on top of secure socket layer (SSL) to authenticate a user. The system also provides three layers of security levels for transmission. The first layer establishes an SSL connection, the second layer periodically asks for a one-time password (OTP), and the third layer uses any kind of conventional encryption. The combination of the biometric, OTP and encryption key forms a strong password. The system also uses a mechanism for secure file accesses within the organization based on the security privileges assigned to various users. Based on the user's access privileges, the server side software module sends the requested file in an encrypted form along with the key to decrypt that file—this key is encrypted by the user's strong password.
REFERENCES:
patent: 6119096 (2000-09-01), Mann et al.
patent: 6263446 (2001-07-01), Kausik et al.
patent: 6356941 (2002-03-01), Cohen
patent: 6618806 (2003-09-01), Brown et al.
patent: 6732278 (2004-05-01), Baird et al.
patent: 2001/0055388 (2001-12-01), Kaliski
patent: 2002/0124176 (2002-09-01), Epstein
patent: 2003/0225693 (2003-12-01), Ballard et al.
patent: 2004/0230807 (2004-11-01), Baird et al.
patent: WO 3063411 (2003-07-01), None
Leslie Lamport, “Password Authentication with Insecure Communication”, Communications of ACM, vol. 24, No. 11, Nov. 1981, pp. 770-772.
Rahman, Mahfuzur and Bhattacharya, Prabir, “Secure Network Communication Using Biometrics”, Multimedia and Expo, 2001, ICME 2001, IEEE International Conference, Aug. 22-25, 2001, pp. 269-272.
N. Haller, “The S/Key One-Time Password System”, http://developer.netscape.com/docs/manuals/security/Sslin/contents.htm, Feb. 1995.
C. Gilmore et al., “Secure Remote Access to an Internal Web Server”, AT&T Labs—Research, Florham, Park, NJ, USA.
“Introduction to SSL”, http://developer.netscape.com/docs/manuals/security/sslin/contents.htm.
“ID in the Blink of an Eye”, http://www.washtech.com/cgi-bin. . ./WTW.PRINT.STORY?client=washtech-tTest&storyid=819.
“Introduction to Public-Key Cryptography”, http://developer.netscape.com/docs/manuals/security/pkin/Contents.htm.
Bhattacharya Prabir
Rahman Mahfuzur
Fields Courtney
Matsushita Electric - Industrial Co., Ltd.
RatnerPrestia
Smithers Matthew
LandOfFree
Architecture for secure remote access and transmission using... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Architecture for secure remote access and transmission using..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Architecture for secure remote access and transmission using... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3537628