OBSCURING AUTHENTICATION DATA OF REMOTE USER
First Claim
1. A method comprising:
- obtaining a plurality of user authentication data parts from a remote user device as part of an authentication request, wherein the user authentication data parts were received in a plurality of messages, at lest two of the plurality of messages message having been received at different logical ports;
assembling the plurality of user authentication data parts into user authentication data;
checking the authenticity of the authentication request using the user authentication data; and
enabling communication with the remote user device if the authentication request data is determined to be authentic.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method in which authentication data, such as a password, which is sent to a server/firewall as part of an authentication request, for example a logon request, is received at the server/firewall in a plurality of messages at a plurality of logical ports from the user, thus improving protection against replay attacks. In one embodiment, a plurality of user authentication data parts is obtained from a remote user device as part of an authentication request, the plurality of user authentication data parts is assembled into user authentication data; the authenticity of the authentication request is checked using the user authentication data; and communication with the remote user device is enabled if the authentication request data is determined to be authentic.
-
Citations
8 Claims
-
1. A method comprising:
-
obtaining a plurality of user authentication data parts from a remote user device as part of an authentication request, wherein the user authentication data parts were received in a plurality of messages, at lest two of the plurality of messages message having been received at different logical ports; assembling the plurality of user authentication data parts into user authentication data; checking the authenticity of the authentication request using the user authentication data; and enabling communication with the remote user device if the authentication request data is determined to be authentic. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method comprising:
-
receiving a plurality of messages from a user device at a plurality of logical ports; determining each message comprises a part of an authentication request from the user device, providing each of the plurality of message to a data processing host for processing as part of an authentication request. - View Dependent Claims (8)
-
Specification