System and method for secure access
Abstract
The present invention provides a method and system for secure access to computer equipment. An embodiment includes a secure access controller connected to a link between a transceiver (such as a modem) and the computer equipment. Public and private keys are used by the secure access controller and a remote user. The keys are provided to the secure access controller by an authentication server. Once the transceiver establishes a communication link with the user, the access controller uses these keys to authenticate packets issued by the user to the computer equipment. If the packet is authenticated, the access controller passes the packet to the computer equipment. Otherwise, the packet is discarded.
34 Claims
1. An authentication system comprising:
- an access controller operable to communicate with a client via a first communication medium; and
- an authentication server operable to communicate with said client and said access controller via a second communication medium and further operable to generate a first key for delivery to said client and a second key for delivery to said access controller, said second key being complementary to said first key such that when said client and said controller are connected, communications therebetween can be encrypted using said keys; and
- wherein said access controller is operable to selectively pass instructions received from said client to a computer attached to said access controller if a verification protocol utilizing said keys is met.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. An access controller for intermediating communications between an interface and a computer and operable to store a second key complementary to a first key;
- said access controller operable to communicate with a client via said interface;
- said client operable to store said first key and to receive instructions from a user;
- said access controller operable to selectively pass said instructions to said computer if a verification protocol utilizing said keys is met.

Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18, 19

20. In an authentication server, a method of generating a set of keys for securing access between a client having temporary connection to a computer via an access controller, said access controller for selectively passing instructions received from said client to said computer if a verification protocol utilizing said keys is met, said method comprising the steps of:
- receiving a request from said access controller for an updated first key;
- authenticating said request;
- generating said updated first key and a second key corresponding to said updated first key; and
- delivering said updated first key to said access controller.

Dependent claims: 21, 22, 23, 24, 25, 26, 27, 28, 29

30. A method of securing access between a client and a computer having an access controller intermediate said client and said computer, said method comprising the steps of:
- receiving an instruction at said client destined for said computer;
- generating a random number by said client;
- encrypting said random number by said client using a first key;
- delivering said random number, said encrypted random number and said instruction to said access controller;
- decrypting of said encrypted number using a second key by said access controller, said second key complementary to said first key;
- comparing said random number and said decrypted number;
- passing at least a portion of said instruction to said computer if said comparison finds a match of said random number with said decrypted number; and
- discarding said at least a portion if no match is found.

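The message flow of claim 30, as an added Python example that is not part of the patent text. The toy textbook-RSA key pair (constructed primes, no padding) and the names `client_wrap` and `controller_filter` are assumptions standing in for the claim's unspecified first and second keys; the block shows only the pass/discard decision and is not a secure construction.

```python
import secrets

# Constructed toy key pair (textbook RSA, no padding): illustration only.
P, Q = 2**61 - 1, 2**89 - 1           # two known Mersenne primes
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))     # modular inverse (Python 3.8+)
FIRST_KEY = (D, N)     # assumed to be the key delivered to the client
SECOND_KEY = (E, N)    # complementary key delivered to the access controller


def client_wrap(instruction: bytes, first_key):
    """Client steps: generate a random number, encrypt it with the first
    key, and deliver (random number, encrypted number, instruction)."""
    exp, mod = first_key
    nonce = secrets.randbelow(mod - 2) + 2        # value in [2, mod - 1]
    return nonce, pow(nonce, exp, mod), instruction


def controller_filter(packet, second_key, computer: list) -> bool:
    """Controller steps: decrypt with the second key, compare with the
    random number, then pass the instruction on or discard it."""
    nonce, encrypted, instruction = packet
    exp, mod = second_key
    if pow(encrypted, exp, mod) == nonce:
        computer.append(instruction)              # passed to the computer
        return True
    return False                                  # discarded


if __name__ == "__main__":
    computer = []                                 # stands in for the attached computer
    packet = client_wrap(b"show status", FIRST_KEY)
    print("genuine packet passed:", controller_filter(packet, SECOND_KEY, computer))

    # Constructed bad packet: the encrypted number does not match the random number.
    nonce, encrypted, _ = packet
    bad = (nonce, (encrypted + 1) % N, b"reboot")
    print("mismatched packet passed:", controller_filter(bad, SECOND_KEY, computer))
    print("instructions that reached the computer:", computer)
```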
31. An authentication server comprising:
- an interface for communicating with a client and an access controller via a communication medium; and
- a processing unit operable to generate a first key for delivery to said client and a second key for delivery to said access controller;
- such that when said controller and said client are connected, said controller selectively passes instructions from said client to a computer attached to said controller if a verification protocol utilizing said keys is met.

32. An authentication server for generating a set of keys for securing access between a client having temporary connection to a computer via an access controller, said access controller for selectively passing instructions received from said client to said computer if a verification protocol utilizing said keys is met, said server comprising:
- means for receiving a request from said access controller for an updated first key;
- means for authenticating said request;
- means for generating said updated first key and a second key corresponding to said updated first key; and
- means for delivering said updated first key to said access controller.

33. In an access controller for selectively passing instructions between a client and a computer if a verification protocol is met, a method of expiring said verification protocol comprising the steps of:
- determining if a first preset period of time since said client disconnected from said access controller has elapsed;
- determining if a second preset period of time since said verification protocol was updated has elapsed; and
- expiring said verification protocol by refusing to pass said instructions if either of said preset periods of time have elapsed.

Dependent claims: 34

Specification