TOKEN BASED TWO FACTOR AUTHENTICATION AND VIRTUAL PRIVATE NETWORKING SYSTEM FOR NETWORK MANAGEMENT AND SECURITY AND ONLINE THIRD PARTY MULTIPLE NETWORK MANAGEMENT METHOD

US 20070186099A1
Filed: 04/16/2007
Published: 08/09/2007
Est. Priority Date: 03/04/2004
Status: Abandoned Application

First Claim

Patent Images

1. Secure electronic device networks comprising:

A plurality of independent networks;

Each independent network having a plurality of end user devices attachable to the network forming nodes thereof, each end user device having input plugs for coupling accessories thereto;

A network managing system which includes authenticating the end user devices attached to the network;

A plurality of authenticating keys, with each key attachable to an input plug of an end user device, each key containing a validation certificate therein and constructed to establish a virtual private network tunnel between at least a portion of the network managing system and the key, whereby the presence of a current validation certificate on a key coupled to the end users device may be validated prior to granting access to the network.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A two-factor network authentication system uses “something you know” in the form of a password/Pin and “something you have” in the form of a key token. The password is encrypted in a secure area of the USB device and is protected from brute force attacks. The key token includes authentication credentials. Users cannot authenticate without the key token. Four distinct authentication elements that the must be present. The first element is a global unique identifier that is unique to each key. The second is a private credential generated from the online service provider that is stored in a secure area of the USB device. The third element is a connection profile that is generated from the online service provider. The fourth element is a credential that is securely stored with the online service provider. The first two elements create a unique user identity. The second two elements create mutual authentication.

66 Citations

View as Search Results

20 Claims

1. Secure electronic device networks comprising:
- A plurality of independent networks;
  
  Each independent network having a plurality of end user devices attachable to the network forming nodes thereof, each end user device having input plugs for coupling accessories thereto;
  
  A network managing system which includes authenticating the end user devices attached to the network;
  
  A plurality of authenticating keys, with each key attachable to an input plug of an end user device, each key containing a validation certificate therein and constructed to establish a virtual private network tunnel between at least a portion of the network managing system and the key, whereby the presence of a current validation certificate on a key coupled to the end users device may be validated prior to granting access to the network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The secure electronic device networks as claimed in claim 1 wherein each key attaches to a universal serial bus port of the end user device.
  - 3. The secure electronic device networks as claimed in claim 2 wherein the network managing system utilizes at least one additional network access validating tool which is distinct from the authenticating keys for access to the networks.
  - 4. The secure electronic device networks as claimed in claim 3 wherein the network managing system utilizes at least one of a user inputted Personal Identification Number and a user inputted password.
  - 5. The secure electronic device networks as claimed in claim 1 wherein selective end user devices may be coupled to multiple local networks each key adaptable for use with authentication of the multiple networks.
  - 6. The secure electronic device networks as claimed in claim 5 wherein each key includes password management software thereon
  - 7. The secure electronic device networks as claimed in claim 1 wherein each key further includes network protection software.
  - 8. The secure electronic device networks as claimed in claim 1 wherein at least one independent network is a Wi-Fi network.
  - 9. The secure electronic device networks as claimed in claim 1 wherein each key further includes a personal profile on an individual'"'"'s key that grant privileges on the network associated with the particular user to whom the key is assigned.
  - 10. The secure electronic device networks as claimed in claim 1 wherein end user devices is coupled to the local networks via the internet.

11. An authenticating key for access of an end users electronic device to a plurality of independent networks each having a network management system, the authenticating key comprising a key attachment mechanism which is attachable to an input plug of an end user device, each key configured to create a communication link between the network management system of each selected independent network and the key, wherein the communication between the network management system for the selected network and the key is not preconfigured on the end user device, each key further containing a validation certificate therein unique to the selected network, wherein the network can verify the presence of a current validation certificate on the key for that network coupled to the end users device through the communication link prior to granting access to the selected network.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The authenticating key claimed in claim 11 wherein each key further includes network protection software.
  - 13. The authenticating key claimed in claim 11 wherein each key attaches to a universal serial bus port of the end user device.
  - 14. The authenticating key as claimed in claim 13 wherein each key is a USB port flash drive.
  - 15. The authenticating key as claimed in claim 11 wherein each key includes password management software.
  - 16. The authenticating key as claimed in claim 11 wherein each key further includes a personal profile on an individual'"'"'s key that grant privileges on the networks associated with the particular user to whom the key is assigned.
  - 17. The authenticating key as claimed in claim 16 wherein each key is on the order of 1″
    - to 5″
      
      in length and includes indicia thereon.

18. A token based authentication system for network management and security of online networks comprising:
- authenticating key tokens for access of end user devices to at least one online end user device network, the authenticating key comprising a key attachment mechanism which is attachable to an input plug of an end user device, each key further containing at least one validation certificate therein associated with an specific end user device network, wherein the validation certificate includes a global identifier specific to the user and a private credential private credential specific to the associated end user device network; and
  
  a network management system associated with the at least one online end user device network, wherein the network management system can verify the presence of a current validation certificate on the key coupled to the end users device prior to granting access to the associated online end user device network.
- View Dependent Claims (19, 20)
- - 19. The token based authentication system for network management and security of online networks according to claim 18 wherein each validation certificate of each key that is associated with a specific end user device network further includes a connection profile associated with the specific end user device network;
    - and wherein a private credential for the specific network is stored remote from the key, and wherein the connection profile associated with the specific end user device network and the private credential for the specific network combine to form a mutual, two way authentication for the system.
  - 20. The token based authentication system for network management and security of online networks according to claim 18 wherein each key includes a plurality of validation certificates with each certificate containing a common global identifier specific to the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Directpointe Incorporated
Original Assignee
Sweet Spot Solutions, Inc. (DigitalBridge Group, Inc.)
Inventors
Beck, Justin, Swensen, Chad

Application Number

US11/735,579
Publication Number

US 20070186099A1
Time in Patent Office

Days
Field of Search
US Class Current

713/159
CPC Class Codes

G06F 21/34   involving the use of extern...

H04L 2463/082   applying multi-factor authe...

H04L 63/0272   Virtual private networks

H04L 63/06   for supporting key manageme...

H04L 63/0823   using certificates cryptogr...

H04L 63/0853   using an additional device,...

H04L 63/0869   for achieving mutual authen...

H04L 63/162   at the data link layer

H04L 9/3226   using a predetermined code,...

H04L 9/3234   involving additional secure...

H04L 9/3263   involving certificates, e.g...

H04L 9/3273   for mutual authentication n...

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

H04W 84/12   WLAN [Wireless Local Area N...

H04W 88/08   Access point devices

TOKEN BASED TWO FACTOR AUTHENTICATION AND VIRTUAL PRIVATE NETWORKING SYSTEM FOR NETWORK MANAGEMENT AND SECURITY AND ONLINE THIRD PARTY MULTIPLE NETWORK MANAGEMENT METHOD

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

66 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

TOKEN BASED TWO FACTOR AUTHENTICATION AND VIRTUAL PRIVATE NETWORKING SYSTEM FOR NETWORK MANAGEMENT AND SECURITY AND ONLINE THIRD PARTY MULTIPLE NETWORK MANAGEMENT METHOD

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

66 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links