Method and system for identifying a replay attack by an access device to a computer system
Abstract
A method is provided of authenticating a user device requesting access to a computer system. The method includes encrypting current session data at a connection application of the user device via which a user requests access to the computer system, the current session data changing with each user request. The encrypted current session data is then included in user authentication data in an access request which is communicated in plain text and is then decrypted. Reference session data is then compared with the decrypted current session data, and the user request is selectively categorized dependent upon the outcome of the comparison. The encrypted session data is provided in a format suitable for communication using a protocol from one of Point-to-Point Protocol (PPP), Password Authentication Protocol (PAP), Challenge-Handshake Authentication Protocol (CHAP), Remote Authentication Dial In User Service (RADIUS) protocol, Terminal Access Controller Access Control System (TACACS) protocol, Lightweight Directory Access Protocol (LDAP), NT Domain authentication protocol, Unix password authentication protocol, HyperText Transfer Protocol (HTTP), HyperText Transfer Protocol over Secure Sockets Layer (HTTPS), Extended Authentication Protocol (EAP), Transport Layer Security (TLS) protocol, Token Ring protocol and Secure Remote Password protocol (SRP).
34 Claims
1. A method of authenticating a user device requesting access to a computer system, the method including:
- encrypting current session data at a connection application of the user device via which a user requests access to the computer system, the current session data changing with each user request;
- including the encrypted current session data in user authentication data in an access request which is communicated in plain text;
- decrypting the access request and comparing reference session data with the decrypted current session data; and
- selectively categorizing the user request dependent upon the outcome of the comparison.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.

10. A method identifying a replay attack by an access device requesting access to a computer system, the method including:
- receiving an encrypted access request in plain text from the access device;
- decrypting the access request and identifying current session data in the access request, the current session data being generated by the access device;
- comparing decrypted current session data with reference session data; and
- selectively categorizing the user request as a replay attack dependent upon the outcome of the comparison.
Dependent claims: 11, 12, 13, 14, 15, 16.

17. A system for authenticating a user device requesting access to a computer, the system including:
- a session data generator to generate current session data at a connection application of the user device via which a user requests access to the computer, the current session data changing with each user request;
- an encryption module to encrypt and include the current session data in user authentication data to provide an encrypted access request which is communicated in plain text; and
- a processor to decrypt the encrypted access request;
- a comparator to compare the reference session data with the decrypted current session data, the processor selectively categorizing the user request dependent upon the outcome of the comparison.
Dependent claims: 18, 19, 20, 21.

22. A computer server for identifying a replay attack by an access device requesting access to a computer system, the computer server including:
- a receiver to receive an encrypted access request which is in plain text from the access device;
- a processor to decrypt and identify current session data in the access request, the current session data being generated by the access device;
- a comparator to compare the decrypted current session data with reference session data, the processor selectively categorizing the user request as a replay attack dependent upon the outcome of the comparison.
Dependent claims: 23, 24, 25, 26, 27, 28.

29. A computer server for identifying a replay attack by an access device requesting access to a computer system, the computer server including:
- means for receiving an access request from the access device;
- means for identifying current session data in the access request, the current session data being generated by the access device; and
- means for comparing current session data with reference data and selectively categorizing the user request as a replay attack dependent upon the outcome of the comparison.

30. A machine-readable medium embodying a sequence of instructions for identifying a replay attack by an access device requesting access to a computer system, the instructions, when executed by the machine, causing the machine to:
- receive an encrypted access request from the access device in plain text;
- decrypt and identify current session data in the access request, the current session data being generated by the access device;
- compare current session data with reference data; and
- selectively categorize the user request as a replay attack dependent upon the outcome of the comparison.
Dependent claims: 31, 32, 33, 34.
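The abstract and the claims above describe one mechanism from both ends: the connection application encrypts session data that changes with every request and carries it inside otherwise plaintext authentication data, and the server decrypts it, compares it with reference session data, and categorizes the request (accepted, replay, or otherwise). The following is an added illustration of that flow and is not code from the patent or its assignee. Everything in it is a constructed assumption: a shared key provisioned to both sides, an 8-byte monotonically increasing request counter as the "current session data", the last accepted counter per user as the "reference session data", a `ConnectionApplication`/`AuthServer` pair with a `categorize` method, and an HMAC-SHA256 encrypt-then-MAC construction standing in for a real AEAD cipher so the example runs on the standard library alone.

```python
# Added example (not the patent's code). Constructed assumptions: shared key,
# 8-byte request counter as "current session data", last accepted counter as
# "reference session data", HMAC-SHA256 stand-in for a real cipher (AES-GCM).
import hashlib
import hmac
import secrets
from enum import Enum
from typing import Dict, List, Optional

SHARED_KEY = b"constructed-demo-key-not-for-real-use"  # constructed sample key
NONCE_LEN, TAG_LEN = 16, 32


def _subkeys(key: bytes):
    """Derive separate encryption and MAC keys from the shared key."""
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream built from HMAC-SHA256 (toy cipher, see header)."""
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> Optional[bytes]:
    """Verify the tag in constant time, then decrypt; None if altered or forged."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        return None
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(hmac.new(mac_key, nonce + ct, hashlib.sha256).digest(), tag):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


class ConnectionApplication:
    """User-side connection application; its session data changes with every request."""

    def __init__(self, username: str, key: bytes):
        self.username, self.key, self.counter = username, key, 0

    def access_request(self, password: str) -> Dict[str, str]:
        self.counter += 1  # current session data: never repeats for this device
        blob = seal(self.key, self.counter.to_bytes(8, "big"))
        # The request is a plaintext structure (think PAP/RADIUS attribute);
        # only the session data inside the auth field is encrypted.
        return {"user": self.username, "auth": f"{password}:{blob.hex()}"}


class Verdict(Enum):
    ACCEPT = "accept"
    REPLAY = "replay"
    INVALID = "invalid"


class AuthServer:
    """Server side: decrypts the session data and compares it with the reference."""

    def __init__(self, keys: Dict[str, bytes]):
        self.keys = keys
        self.reference: Dict[str, int] = {}  # username -> last accepted counter

    def categorize(self, request: Dict[str, str]) -> Verdict:
        user = request.get("user", "")
        key = self.keys.get(user)
        if key is None:
            return Verdict.INVALID
        try:
            _password, blob_hex = request["auth"].rsplit(":", 1)
            blob = bytes.fromhex(blob_hex)
        except (KeyError, ValueError):
            return Verdict.INVALID
        # Password verification is a separate step and omitted here.
        session = unseal(key, blob)
        if session is None or len(session) != 8:
            return Verdict.INVALID  # tag failure: tampered or forged session data
        current = int.from_bytes(session, "big")
        if current <= self.reference.get(user, 0):
            return Verdict.REPLAY  # counter already seen (or older): replayed request
        self.reference[user] = current
        return Verdict.ACCEPT


def demo() -> List[Verdict]:
    """Two fresh requests, a verbatim replay of the first, then a tampered copy."""
    client = ConnectionApplication("alice", SHARED_KEY)
    server = AuthServer({"alice": SHARED_KEY})
    first = client.access_request("correct horse")
    verdicts = [server.categorize(first), server.categorize(client.access_request("correct horse"))]
    verdicts.append(server.categorize(first))  # captured request re-sent unchanged
    flipped = "0" if first["auth"][-1] != "0" else "1"  # corrupt one hex digit of the tag
    verdicts.append(server.categorize({"user": "alice", "auth": first["auth"][:-1] + flipped}))
    return verdicts
```

Running `demo()` yields accept, accept, replay, invalid. Two design points matter for a deployment. First, the encryption with an integrity tag is what prevents a party who captured the plaintext request from simply incrementing the counter and resubmitting; without the tag the comparison alone would be defeated. Second, a strictly increasing counter classifies any out-of-order delivery as a replay, so protocols that tolerate reordering usually keep a sliding window of recently accepted values (as IPsec anti-replay does) rather than a single reference value.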