Method and apparatus for detecting an unauthorized client in a network of computer systems

US 20060047823A1
Filed: 06/22/2004
Published: 03/02/2006
Est. Priority Date: 06/22/2004
Status: Active Grant

First Claim

Patent Images

1. A method for controlling access by a client system of a network of computer systems including a certification authority server, the method comprising:

storing, by the certification authority server, respective authorization codes for each client system authorized to access the network of computer system;

connecting a prospective client system to the network of computer systems;

sending to the certification authority server, by the prospective client system, an authorization code unique to the prospective client system; and

allowing access by the prospective client system to the network of computer systems if the authorization code of the prospective client system matches an authorization code stored in the certification authority server.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for detecting an unauthorized client system attempting to connect to a network of computer systems is disclosed. The network includes a certification authority server that includes a database of unique identification codes of authorized network client systems. A client system attempting to connect to the network transmits an authorization code over the network. If the client'"'"'s authorization code matches an authorization code stored in the database of the certification authority server, then the client is authorized and is sent a network address which the client can use to communicate with other clients. However, if there is no match, the client is unauthorized and is scanned for viruses by an anti-virus server also on the network. Alternatively, the unauthorized client is blocked from the network without performing a virus scan.

45 Citations

View as Search Results

23 Claims

1. A method for controlling access by a client system of a network of computer systems including a certification authority server, the method comprising:
- storing, by the certification authority server, respective authorization codes for each client system authorized to access the network of computer system;
  
  connecting a prospective client system to the network of computer systems;
  
  sending to the certification authority server, by the prospective client system, an authorization code unique to the prospective client system; and
  
  allowing access by the prospective client system to the network of computer systems if the authorization code of the prospective client system matches an authorization code stored in the certification authority server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1 including blocking access by the prospective client system to the network of computer systems if the authorization code of the prospective client system does not match an authorization code stored in the network server.
  - 3. The method of claim 1 including performing a virus scan of the prospective client system if the authorization code of the prospective client system does not match an authorization code stored in the network server.
  - 4. The method of claim 3 including performing a virus cleaning operation if a virus is found on the prospective client system.
  - 5. The method of claim 1 wherein the certification authority server includes a database for storing the authentication codes of authorized client systems and the address of a dedicated IP assignment server.
  - 6. The method of claim 1 wherein the authorization code is a MAC address.
  - 7. The method of claim 1 wherein the network includes an IP address offering server.
  - 8. The method of claim 7 wherein the network includes an anti-virus server.
  - 9. The method of claim 8 wherein the IP address server assigns an IP address to the prospective client system and the anti-virus server performs a virus scan on the prospective client system if the authorization code of the prospective client system does not match an authorization code stored in the network server.
  - 10. The method of claim 9 including cleaning a virus from the prospective client system if a virus is found therein by the anti-virus server.
  - 11. The method of claim 1 wherein the network employs a DHCP network connection protocol.
  - 12. The method of claim 1 wherein the networked computer system employs a BootP network connection protocol.

13. A network of computer systems comprising:
- a network backbone for coupling the computer systems together;
  
  a certification authority server, coupled to the network backbone, for storing respective authorization codes for each client system authorized to access the network of computer systems;
  
  a prospective client system, coupled to the network backbone, seeking access to other computer systems in the network;
  
  a network address offering server, coupled to the network backbone, for providing the prospective client system with a network address if the authorization code of the prospective client system matches an authorization code stored in the certification authority server; and
  
  an anti-virus server, coupled to the network backbone, for scanning the prospective client system for viruses if the authorization code of the prospective client system does not match an authorization code stored in the certification authority server.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The network of claim 13 wherein the network address is an IP address.
  - 15. The network of claim 13 wherein the certification authority server includes a database for storing the authentication codes of authorized client systems and the address of a dedicated network address assignment server.
  - 16. The network of claim 13 wherein the network employs a DHCP network connection protocol.
  - 17. The network of claim 13 wherein the network employs a BootP network connection protocol.

18. A network of computer systems comprising:
- a network backbone for coupling the computer systems together;
  
  a certification authority server, coupled to the network backbone, for storing respective authorization codes for each client system authorized to access the network of computer systems;
  
  a prospective client system, coupled to the network backbone, seeking access to other computer systems in the network; and
  
  an network address offering server, coupled to the network backbone, for providing the prospective client system with an network address if the authorization code of the prospective client system matches an authorization code stored in the certification authority server.
- View Dependent Claims (19, 20, 21, 22, 23)
- - 19. The network of claim 18 including an anti-virus server, coupled to the network backbone, for scanning the prospective client system for viruses if the authorization code of the prospective client system does not match an authorization code stored in the certification authority server.
  - 20. The network of claim 19 wherein the network address is an IP address.
  - 21. The network of claim 19 wherein the certification authority server includes a database for storing the authentication codes of authorized client systems and the address of the network address offering server.
  - 22. The network of claim 19 wherein the network employs a DHCP network connection protocol.
  - 23. The network of claim 19 wherein the network employs a BootP network connection protocol.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Taiwan Semiconductor Manufacturing Company Limited
Original Assignee
Taiwan Semiconductor Manufacturing Company Limited
Inventors
Cheng, Tung-Sheng

Granted Patent

US 7,467,405 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/229
CPC Class Codes

G06F 21/33   using certificates

G06F 21/56   Computer malware detection ...

H04L 61/5014   using dynamic host configur...

H04L 63/0876   based on the identity of th...

H04L 63/145   the attack involving the pr...

Method and apparatus for detecting an unauthorized client in a network of computer systems

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

45 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for detecting an unauthorized client in a network of computer systems

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

45 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links