System and method for access control
Abstract
A system and method for access control is provided. In one embodiment, a system includes a computing device connected to an access server that controls the ability of the computing device to access a computing resource, such as the Internet. The access server connects to an activation server via a network. The activation server is operable to receive a request to generate a certificate for the computing device from the activation server. The activation server is operable to generate the certificate and embed a unique identifier of the computing device and/or the access server and/or the like inside the certificate. Once generated, the certificate is installed in the computing device. When the computing device initiates a request to access the computing resource, the computing device initially sends the certificate to the access server. If the certificate received by the access server does not include the expected unique identifier(s), then access to the computing resource is prevented and/or restricted. If the key received by the access server includes the expected unique identifier(s), then access to the computing resource is permitted.
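The flow the abstract describes, as an added Go example that is not taken from the patent: an activation server embeds an identifier in a certificate, and the gateway extracts it and permits or denies access. Assumptions: the identifier sits in the subject serialNumber attribute, the activation server is the signing root, and `newCert`, `authorize` and the identifier `DEV-0001` are illustrative names. The gateway also verifies the issuer's signature first, a step the abstract does not mention, because an embedded identifier is only meaningful in a certificate the gateway can trace to the activation server.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// newCert plays the activation server; parent == nil yields the self-signed root the gateway trusts.
func newCert(id string, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey, error) {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), KeyUsage: x509.KeyUsageDigitalSignature,
		Subject: pkix.Name{SerialNumber: id}, IsCA: parent == nil, BasicConstraintsValid: true, // identifier location is an assumption
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour)}
	if parent == nil { // self-signed root
		tmpl.KeyUsage, parent, parentKey = x509.KeyUsageCertSign, tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// authorize plays the gateway: verify the chain first, then extract and check the identifier.
func authorize(cert, root *x509.Certificate, expected map[string]bool) (string, error) {
	roots := x509.NewCertPool()
	roots.AddCert(root)
	if _, err := cert.Verify(x509.VerifyOptions{Roots: roots}); err != nil {
		return "", fmt.Errorf("deny: untrusted certificate: %w", err)
	}
	if id := cert.Subject.SerialNumber; expected[id] {
		return id, nil
	}
	return "", fmt.Errorf("deny: identifier %q is not valid here", cert.Subject.SerialNumber)
}

func main() {
	root, rootKey, _ := newCert("activation-root", nil, nil)
	dev, _, _ := newCert("DEV-0001", root, rootKey) // constructed sample identifier
	fmt.Println(authorize(dev, root, map[string]bool{"DEV-0001": true}))
}
```

In a deployment the gateway would take the certificate from a mutually authenticated TLS handshake, which also proves the device holds the matching private key.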
54 Claims

1. In a gateway server, a method of controlling access to a resource comprising:
- receiving a digital certificate from a device;
- extracting an identifier embedded into said certificate;
- determining if said identifier is valid;
- if said identifier is determined to be valid, permitting said device to access said resource; and
- if said identifier is determined to be invalid, denying said device access to said resource.

Dependent claims: 2-21.

22. A gateway server comprising a first interface for connection to a local device and a second interface for connection to a resource, said server further comprising a microcomputer intermediate said interfaces, said microcomputer operable to receive a request for access to said resources from said device, said request including a certificate received from said device, said microcomputer operable to extract an identifier embedded into said certificate and further operable to permit said device to access said resource if said identifier is valid; and to deny said device access to said resource if said identifier is invalid.

Dependent claims: 23-42.

43. A digital certificate for use on a client device, said digital certificate including an identifier embedded therein, said identifier being extractable by a server to which said device can connect such that said server can permit or deny access to a resource connected to said server based on a validity of said identifier.

52. A method of generating a digital certificate for use on a client device comprising:
- receiving at least one unique identifier;
- generating a digital certificate payload;
- embedding said at least one unique identifier and said payload into a certificate.

Dependent claims: 53.

54. A computer readable media containing a set of programming instructions for use in a gateway server, said instructions including a method of controlling access to a resource comprising:
- receiving a digital certificate from a device;
- extracting an identifier embedded into said certificate;
- determining if said identifier is valid;
- if said identifier is determined to be valid, permitting said device to access said resource; and
- if said identifier is determined to be invalid, denying said device access to said resource.

Specification