Authentication and authorization mechanisms for Fortezza passwords
First Claim
1. A method for receiving and authenticating a Fortezza password within a computer system that also receives and authenticates passwords of other types and to thereby selectively permit a client associated with the Fortezza password to access a network that is protected by the computer system, the method comprising the steps of:
- receiving, from the client, user access information associated with a particular user of the client;
determining, based on the user access information and a database that contains profile information associated with the user, a password type associated with the user;
when the password type is FORTEZZA, requesting authentication of the password from a Fortezza server;
granting the client access to the network when the Fortezza server approves the password; and
when the password type is any type other than FORTEZZA, requesting authentication of the password from an authentication process that is associated with that password type.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and apparatus that provide network access control are disclosed. In one embodiment, a network access control apparatus is configured to receive and authenticate a password that uses the “Fortezza” cryptographic protocol, and to receive and authenticate passwords of other types, to thereby selectively permit a client associated with the Fortezza password to access a protected network. A Fortezza card reader is coupled to the client and associated with a Fortezza card that contains the Fortezza password. A network access server is logically coupled to the client. An access control server is coupled logically between the client and the protected network and that controls access of the client to the protected network. A Fortezza authentication server is coupled to the access control server for communication therewith. A database is coupled to the access control server and that contains profile information associated with the user. The access control server receives, from the client, user access information associated with a particular user of the client; determining, based on the user access information and a database, a type of a password associated with the user; when the password type is FORTEZZA, requesting authentication of the password from a Fortezza server; granting the client access to the network when the Fortezza server approves the password; and when the password type is any type other than FORTEZZA, requesting authentication of the password from an authentication process that is associated with that password type.
228 Citations
15 Claims
-
1. A method for receiving and authenticating a Fortezza password within a computer system that also receives and authenticates passwords of other types and to thereby selectively permit a client associated with the Fortezza password to access a network that is protected by the computer system, the method comprising the steps of:
-
receiving, from the client, user access information associated with a particular user of the client;
determining, based on the user access information and a database that contains profile information associated with the user, a password type associated with the user;
when the password type is FORTEZZA, requesting authentication of the password from a Fortezza server;
granting the client access to the network when the Fortezza server approves the password; and
when the password type is any type other than FORTEZZA, requesting authentication of the password from an authentication process that is associated with that password type. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A computer-readable medium carrying one or more sequences of instructions for receiving and authenticating a Fortezza password within a computer system that also receives and authenticates passwords of other types and to thereby selectively permit a client associated with the Fortezza password to access a network that is protected by the computer system, wherein execution of the one or more sequences of instructions by one or more processors causes the one or more processors to perform the steps of:
-
receiving, from the client, user access information associated with a particular user of the client;
determining, based on the user access information and a database that contains profile information associated with the user, a password type associated with the user;
when the password type is FORTEZZA, requesting authentication of the password from a Fortezza server;
granting the client access to the network when the Fortezza server approves the password; and
when the password type is any type other than FORTEZZA, requesting authentication of the password from an authentication process that is associated with that password type. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A password authentication apparatus configured to receive and authenticate a Fortezza password and to receive and authenticate passwords of other types, to thereby selectively permit a client associated with the Fortezza password to access a protected network, the apparatus comprising:
-
an access control server logically interposed between the client and the protected network;
a Fortezza authentication server coupled to the access control server for communication therewith;
a database coupled to the access control server and that contains profile information associated with the user;
means for generating the Fortezza password, coupled to the client;
means in the access control server for receiving, from the client, user access information associated with a particular user of the client;
determining, based on the user access information and a database, a password type associated with the user;
when the password type is FORTEZZA, requesting authentication of the password from a Fortezza server;
granting the client access to the network when the Fortezza server approves the password; and
when the password type is any type other than FORTEZZA, requesting authentication of the password from an authentication process that is associated with that password type.- View Dependent Claims (12, 13, 14)
-
-
15. A password authentication apparatus configured to receive and authenticate a Fortezza password and to receive and authenticate passwords of other types, to thereby selectively permit a client associated with the Fortezza password to access a protected network, the apparatus comprising:
-
a Fortezza card reader coupled to the client and associated with a Fortezza card that contains the Fortezza password;
a network access server logically coupled to the client;
an access control server coupled logically between the client and the protected network and that controls access of the client to the protected network;
a Fortezza authentication server coupled to the access control server for communication therewith;
a database coupled to the access control server and that contains profile information associated with the user;
means in the access control server for receiving, from the client, user access information associated with a particular user of the client;
determining, based on the user access information and a database, a password type associated with the user;
when the password type is FORTEZZA, requesting authentication of the password from a Fortezza server;
granting the client access to the network when the Fortezza server approves the password; and
when the password type is any type other than FORTEZZA, requesting authentication of the password from an authentication process that is associated with that password type.
-
Specification