Secure Key Distribution to Internet Clients
First Claim
1. A method comprising:
- receiving a first request for evidence of authentication from a client device, said request being received through a wide area network;
- analyzing said first request to determine that said first request meets a predefined guideline;
- transfer said first request to a credential server within a local area network;
- receiving a set of evidence of authentication from said credential server; and
- transferring said set of evidence of authentication to said client, said set of evidence of authentication being usable to establish an authenticated connection to a service provided from within said local area network.
Abstract
A server may bridge between a wide area network, such as the Internet, and a local area network and may process authentication requests from clients on the wide area network. The server may filter the requests to enable specific types of requests to pass, and may forward the requests to a credential server within the local area network and pass any responses back to the client. The server may be configured with some or all of a set of domain services objects, but such objects may be stored in a read only format. The server may further contain a minimum of or no sensitive data such that, if compromised, an attacker may gain little advantage. The client may request evidence of authentication available to devices within the local area network and may use the evidence of authentication to access services made available to the wide area network.
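The filtering bridge described in the abstract, sketched as an added example (not code from the patent or from any product). The guideline used here (an allow-list of request types, a size cap and a fixed field schema), the JSON message format and all names are assumptions, since the page does not define them.

```python
import json

# Assumed guideline (the page does not define one): an allow-list of request
# types, a size cap, and an exact set of string-valued fields.
ALLOWED_TYPES = {"ticket_request", "ticket_renewal"}   # hypothetical names
FIELDS = {"type", "principal", "realm", "body"}         # hypothetical schema
MAX_REQUEST_BYTES = 4096


class Rejected(Exception):
    """The WAN request failed the guideline and was not forwarded."""


def check_guideline(raw: bytes) -> dict:
    """Validate an untrusted WAN request before anything reaches the LAN."""
    if len(raw) > MAX_REQUEST_BYTES:
        raise Rejected("oversized request")
    try:
        msg = json.loads(raw)
    except (ValueError, RecursionError):   # bad JSON, bad UTF-8, deep nesting
        raise Rejected("malformed request") from None
    if not isinstance(msg, dict) or set(msg) != FIELDS:
        raise Rejected("unexpected fields")
    if not all(isinstance(v, str) for v in msg.values()):
        raise Rejected("non-string field")
    if msg["type"] not in ALLOWED_TYPES:
        raise Rejected("request type not allowed: " + msg["type"])
    return msg


def bridge(raw: bytes, credential_server) -> bytes:
    """Filter, forward to the LAN credential server, relay its reply as-is.

    The bridge holds no keys or passwords; it only re-serializes the fields
    it validated, so nothing unchecked crosses into the LAN.
    """
    msg = check_guideline(raw)
    return credential_server(json.dumps(msg, sort_keys=True).encode())


def stub_credential_server(request: bytes) -> bytes:
    """Constructed stand-in for the LAN credential server."""
    principal = json.loads(request)["principal"]
    return json.dumps({"evidence": "opaque-ticket-for-" + principal}).encode()
```

Rejected requests never reach the credential server, which is the property that limits what an attacker gains from the Internet-facing side.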
20 Claims
13. A system comprising:
- a connection to the Internet;
- a connection to a local area network;
- an authentication request processor configured to;
  - receive a first request for evidence of authentication from a client device, said request being received through said Internet;
  - analyze said first request to determine that said first request meets a predefined guideline;
  - transfer said first request to a credential server within a local area network;
  - receive a set of evidence of authentication from said credential server; and
  - transfer said set of evidence of authentication to said client, said set of evidence of authentication being usable to establish an authenticated connection to a service provided from said local area network.
19. A method comprising:
- connecting to a credential server on a local area network;
- receiving a copy of a set of domain services objects from said credential server;
- making said copy of a set of domain services objects available to a wide area network;
- receiving a first request for evidence of authentication from a client device, said request being received through said wide area network;
- analyzing said first request to determine that said first request meets a predefined guideline;
- transfer said first request to a credential server within a local area network;
- receiving a set of evidence of authentication from said credential server; and
- transferring said set of evidence of authentication to said client, said set of evidence of authentication being usable to establish an authenticated connection to a service provided from said local area network.
Specification