Electronic information network user authentication and authorization system
First Claim
Patent Images
1. A system for authenticating a user to any service or computer on a heterogenous computer network comprising:
- at least one workstation in communication with a network; and
a removable, personally protectable coprocessor adapted to communicate with the workstation,the coprocessor adapted to receive user-provided initialization information from the workstation,the coprocessor adapted to receive signals including first encrypted authentication information from the workstation, the coprocessor including a preselected first key to decrypt the first encrypted authentication information, the coprocessor further programmed to assemble second authentication information and to encrypt the second authentication information using at least one of (i) a key contained within the first encrypted authentication information and (ii) a preselected second key and to send the second encrypted authentication information to the network via the workstation,whereby the user is authenticated to access the networked computer or service.
3 Assignments
0 Petitions
Accused Products
Abstract
A system for authenticating and authorizing a user to access services on a heterogenous computer network. The system includes at least one workstation and one authorization server connected to each other through a network. A user couples a personally protectable coprocessor (smart card) to the workstation by means of a bidirectional communications channel. The coprocessor is adapted to receive signals including first encrypted authentication information and to decrypt the first encrypted authentication information using a preselected first key. The coprocessor is further adapted to assemble and encrypt second authentication information using a preselected second key and to transmit the encrypted second encrypted authentication information to the workstation. The workstation then communicates the information onto the network whereby the user is authenticated to access the networked computer or service.
344 Citations
4 Claims
-
1. A system for authenticating a user to any service or computer on a heterogenous computer network comprising:
-
at least one workstation in communication with a network; and a removable, personally protectable coprocessor adapted to communicate with the workstation, the coprocessor adapted to receive user-provided initialization information from the workstation, the coprocessor adapted to receive signals including first encrypted authentication information from the workstation, the coprocessor including a preselected first key to decrypt the first encrypted authentication information, the coprocessor further programmed to assemble second authentication information and to encrypt the second authentication information using at least one of (i) a key contained within the first encrypted authentication information and (ii) a preselected second key and to send the second encrypted authentication information to the network via the workstation, whereby the user is authenticated to access the networked computer or service. - View Dependent Claims (2, 3)
-
-
4. A system for authenticating a user to any service or computer on a heterogenous computer network comprising:
-
one authorization server in communication with the network; at least one workstation in communication with the network; and a removable, personally protectable coprocessor adapted to communicate with the workstation, the coprocessor adapted to receive user-provided initialization information from the workstation, the coprocessor adapted to receive signals including first encrypted authentication information from the workstation, the coprocessor programmed to include a preselected first key to decrypt the first encrypted authentication information, the coprocessor further programmed to receive signals including a preselected second key from the authorization server, the coprocessor further programmed to assemble second authentication information and to encrypt the second authentication information using at least one of (i) a key contained within the first encrypted authentication information and (ii) the preselected second key, and to send the second encrypted authentication information to the network via the workstation, whereby the user is authenticated to access the networked computer or service.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeGreen Wireless LLC (Intellectual Ventures LLC)
-
Original AssigneeMitre Corporation
-
InventorsTrostle, Jonathan T., Chodorow, David A., Krajewski, Marjan Jr., Baldwin, Peter T., Chipchak, John C.
-
Primary Examiner(s)Barron, Jr., Gilberto
-
Application NumberUS08/134,399Time in Patent Office1,176 DaysField of Search380/25, 380/4, 380/23, 380/21US Class Current713/159CPC Class CodesG06F 21/335 for accessing specific reso...G06Q 20/341 Active cards, i.e. cards in...G06Q 20/40975 using encryption thereforG07F 7/1008 Active credit-cards provide...H04L 63/06 for supporting key manageme...H04L 63/0807 using tickets, e.g. Kerbero...H04L 63/083 using passwords cryptograph...H04L 63/0853 using an additional device,...H04L 9/3213 using tickets or tokens, e....H04L 9/3234 involving additional secure...H04L 9/3297 involving time stamps, e.g....
