Intelligent token protected system with network authentication

US 5,892,902 A
Filed: 09/05/1996
Issued: 04/06/1999
Est. Priority Date: 09/05/1996
Status: Expired due to Term

First Claim

Patent Images

1. In a system including a local host computer and a remote host computer, a method of accessing the remote host computer comprising:

selecting an intelligent token having critical information stored thereon;

communicating user authentication information between a user and the intelligent token to authenticate the user to the intelligent token;

communicating host authentication information between the intelligent token and the local host computer responsive to authentication of the user to the intelligent token to authenticate the local host computer to the intelligent token; and

communicating user authentication information between the intelligent token and the remote host computer without further user input to allow the remote host computer access to the critical information stored on the intelligent token responsive to authentication of the local host computer to the intelligent token.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An intelligent token protected system includes a local host computer, an intelligent token in communication with the local host computer and a remote host computer in communication with the local host computer. The intelligent token interacts with the local host computer to perform a secure boot on the local host computer with minimal user input. Without additional user input, the intelligent token also interacts with the remote host computer to authenticate the local host computer to the remote host computer.

Citations

21 Claims

1. In a system including a local host computer and a remote host computer, a method of accessing the remote host computer comprising:
- selecting an intelligent token having critical information stored thereon;
  
  communicating user authentication information between a user and the intelligent token to authenticate the user to the intelligent token;
  
  communicating host authentication information between the intelligent token and the local host computer responsive to authentication of the user to the intelligent token to authenticate the local host computer to the intelligent token; and
  
  communicating user authentication information between the intelligent token and the remote host computer without further user input to allow the remote host computer access to the critical information stored on the intelligent token responsive to authentication of the local host computer to the intelligent token.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of accessing the remote host computer of claim 1 wherein communicating user authentication information between the intelligent token and the remote host computer includes:
    - sending a request for access from the intelligent token to the remote host computer and sending a challenge from the remote host computer to the intelligent token in response to the request for access.
  - 3. The method of accessing the remote host computer of claim 2 wherein communicating user authentication information between the intelligent token and the remote host computer further includes:
    - storing the challenge in a memory of the remote host computer, generating a response to the challenge in the intelligent token, sending the response to the remote host computer, and validating the response using the stored challenge.
  - 4. The method of accessing the remote host computer of claim 3 wherein the challenge is randomly generated.
  - 5. The method of accessing the remote host computer of claim 3 wherein the response to the challenge is based on a secret.
  - 6. the method of accessing the remote host computer of claim 2 wherein communicating user authentication information between the intelligent token and the remote host computer includes validating the response to the challenge using the remote host computer.

7. An intelligent token for use in a computer system, comprising:
- a CPU;
  
  a first memory unit storing an operating system; and
  
  a second memory unit storing authentication information for a local host computer and access information for a remote domain to provide a user with access to the local host computer and the remote domain.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The intelligent token of claim 7 wherein said second memory unit stores critical information for a remote host computer.
  - 9. The intelligent token of claim 8 wherein the critical information includes authentication information for the remote host computer.
  - 10. The intelligent token of claim 8 wherein the critical information includes a remote access code.
  - 11. The intelligent token of claim 7 wherein the operating system includes an operating system of a local host computer.

12. A system comprising:
- a local host computer;
  
  a remote domain in communication with said local host computer; and
  
  an intelligent token coupled to said local host computer, said intelligent token including a memory storing authentication information for said local host computer and access information for said remote domain to provide a user with access to said local host computer and to said remote domain.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The system of claim 12 wherein said remote domain includes a network of computers.
  - 14. The system of claim 12 wherein said remote domain includes a remote host computer.
  - 15. The system of claim 14 wherein said intelligent token includes means for generating a request for access to said remote host computer and said remote computer includes a challenge generator that generates a challenge responsive to the request for access and transmits the challenge to said intelligent token.
  - 16. The system of claim 15 wherein said intelligent token includes means for generating a response to the challenge and the remote host computer includes means for validating the response.

17. In a system including a local host computer and a remote domain, a method of accessing the local host computer and the remote domain comprising:
- selecting an intelligent token having critical information stored thereon including boot information, host access codes;
  
  reading the host access code from the intelligent token;
  
  validating the host access code in the local host computer;
  
  reading boot information from the intelligent token upon validation of the host access code;
  
  executing the boot operation using boot information read from the intelligent token;
  
  communicating user authentication information between the intelligent token and the remote domain, the remote domain including a host computer, to authenticate the remote host computer to the intelligent token.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The method of claim 17 wherein communicating user authentication information between the intelligent token and the remote host computer includes:
    - sending a request for access from the intelligent token to the remote host computer responsive to completion of the boot operation and sending a challenge from the remote host computer to the intelligent token in response to the request for access.
  - 19. The method of claim 18 wherein communicating user authentication information between the intelligent token and the remote host computer further includes:
    - storing the challenge in a memory of the remote host computer, generating a response to the challenge in the intelligent token and sending the response to the remote host computer.
  - 20. The method of claim 19 further comprising validating the response in the remote host computer to allow the remote host computer access to the critical information stored on the intelligent token.
  - 21. The method of claim 20 wherein the remote domain includes a computer network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intellectual Ventures Assets 19 LLC (Intellectual Ventures LLC)
Original Assignee
Paul C. Clark
Inventors
Clark, Paul C.
Primary Examiner(s)
Beausoliel, Jr., Robert W.
Assistant Examiner(s)
Baderman, Scott T.

Application Number

US08/708,412
Time in Patent Office

943 Days
Field of Search

395/187.01, 395/186, 395/188.01, 380/3, 380/4, 380/25, 364/286.5
US Class Current

726/5
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/575   Secure boot

G06F 2221/2103   Challenge-response

Intelligent token protected system with network authentication

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Intelligent token protected system with network authentication

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links