Secure authenticated network connections

US 20050120223A1
Filed: 07/14/2004
Published: 06/02/2005
Est. Priority Date: 12/01/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

registering a plurality of system nodes with a data node communicatively coupled to a control node;

identifying at the control node a number of clients authorized to access each of the system nodes;

receiving at the control node a request from an authorized client to access and control at least one of the system nodes; and

establishing via the control node and data node a secure authenticated connection between the authorized client and the system node.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Implementations described and claimed herein provide access, e.g., to building automation systems, via a secure authenticated network: connection. A secure authenticated network connection may be established in a network environment according to one implementation between a client and a system node (e.g., a server controlling the building automation system). The system node registers with a data node and the control node maintains a listing of clients authorized to access the system node. When a client desires access to the system node, the client requests access via the control node. The control node authenticates the client as an authorized user and establishes a secure authenticated connection between the client and the system node via the data node.

50 Citations

View as Search Results

20 Claims

1. A method comprising:
- registering a plurality of system nodes with a data node communicatively coupled to a control node;
  
  identifying at the control node a number of clients authorized to access each of the system nodes;
  
  receiving at the control node a request from an authorized client to access and control at least one of the system nodes; and
  
  establishing via the control node and data node a secure authenticated connection between the authorized client and the system node.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 wherein the system nodes are always connected to the data node.
  - 3. The method of claim 1 wherein the secure authenticated connection is via an SSH tunnel.
  - 4. The method of claim 1 further comprising forwarding requests from the client to a designated port on the system node for controlling the system node from the client.
  - 5. The method of claim 1 further comprising maintaining an online status of the system node at the control node.
  - 6. The method of claim 1 further comprising providing a listing of at least one system node the client is authorized to access to the client in response to receiving the request from the client to access the system node.

7. A computer program product encoding computer programs for executing a computer process on a control node communicatively coupled to a data node, the computer process comprising:
- registering a plurality of system nodes with the data node;
  
  identifying at the control node a number of clients authorized to access the system nodes;
  
  receiving at the control node a request from an authorized client to access and control at least one of the system nodes; and
  
  establishing via the control node and data node a secure authenticated connection between the authorized client and the system node.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The computer program product of claim 7 wherein the computer process further comprises establishing the secure authenticated connection as an SSH tunnel via the control node and the data node.
  - 9. The computer program product of claim 7 wherein the computer process further comprises forwarding requests from the client to a designated port on the system node.
  - 10. The computer program product of claim 7 wherein the computer process further comprises maintaining an online status of the system node at the control node.
  - 11. The computer program product of claim 7 wherein the computer process further comprises providing a listing of at least one system node the client is authorized to access to the client in response to receiving the request from the client to access the system node.

12. A service provider system for establishing a secure authenticated network connection between remote clients and system nodes for controlling building automation systems, comprising:
- a data node securely connecting to a plurality system nodes, the data node registering each of the securely connected system nodes; and
  
  a control node communicatively coupled to the data node, the control node authenticating a remote client to access and control at least one of the system nodes registered with the data node and then establishing a secure authenticated connection between the remote client and the system node.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The system of claim 12 wherein the control node is a web server.
  - 14. The system of claim 12 wherein the secure authenticated connection is via an SSH tunnel established through the control node and data node.
  - 15. The system of claim 12 wherein the control node forwards requests from the remote client through the control node and data node to a designated port on the system node.
  - 16. The system of claim 12 wherein the control node maintains a data store including system nodes and clients authorized to access the system nodes.
  - 17. The system of claim 12 wherein the data node maintains a data store including system node registrations.
  - 18. The system of claim 12 wherein the data node maintains at data store including status of the system nodes.
  - 19. The system of claim 12 wherein the remote client is provided access to control predetermined features of the building automation system via the secure authenticated connection.
  - 20. The system of claim 12 wherein the remote client is provided restricted access to the building automation system via the secure authenticated connection.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google Inc. (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
Files, Craig Matthew, Kiwimagi, Gary, McJilton, Charles

Application Number

US10/890,877
Publication Number

US 20050120223A1
Time in Patent Office

Days
Field of Search
US Class Current

713/182
CPC Class Codes

G06F 21/33   using certificates

H04L 63/061   for key exchange, e.g. in p...

H04L 63/102   Entity profiles

Secure authenticated network connections

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

50 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure authenticated network connections

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

50 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links