System and method for secure legacy enclaves in a public key infrastructure

US 6,898,710 B1
Filed: 12/05/2000
Issued: 05/24/2005
Est. Priority Date: 06/09/2000
Status: Expired due to Term

First Claim

Patent Images

1. A system for a secure legacy enclave in a Public Key Infrastructure (PKI) comprising:

at least one legacy server, the at least one legacy server containing at least one legacy application;

at least one client platform operatively connected to a network, the at least one client platform containing legacy client software employable by at least one user to access the at one legacy application;

a directory operably connected to the network, the directory containing information on the at least one user, the directory further containing information on each at least one user designating whether each at least one user is authorized to access the at least one legacy server; and

a Virtual Private Network (VPN) extranet gateway, the VPN extranet gateway operatively connected between the at least one legacy server and the network, the VPN extranet gateway requesting a signature certificate of the at least one user attempting access to the legacy application to authenticate the at least one user, the VPN extranet gateway querying the directory to confirm the at least one user is allowed access to the legacy server after authenticating the at least one user, the VPN extranet gateway establishing a connection between the legacy client software and the legacy application if the at least one user is allowed access to the legacy server.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

System and method for secure legacy enclaves in a Public Key Infrastructure that includes one or more legacy servers, client platforms, directories, and a Virtual Private Network extranet gateway. The servers contain one or more legacy applications and are connected to a first network. The client plafforms are connected to a second network and contain legacy software employable by users to access the legacy applications. The directories are connected to the second network and contain information on user authorization to access the servers. The gateway is connected between the servers and the second network. The gateway requests a signature certificate of each user attempting access to a legacy application; queries the directory to confirm the user is allowed access to the server after authenticating the user; and establishes a connection between the legacy software and the legacy application if the user is allowed access to the server.

49 Citations

View as Search Results

11 Claims

1. A system for a secure legacy enclave in a Public Key Infrastructure (PKI) comprising:
- at least one legacy server, the at least one legacy server containing at least one legacy application;
  
  at least one client platform operatively connected to a network, the at least one client platform containing legacy client software employable by at least one user to access the at one legacy application;
  
  a directory operably connected to the network, the directory containing information on the at least one user, the directory further containing information on each at least one user designating whether each at least one user is authorized to access the at least one legacy server; and
  
  a Virtual Private Network (VPN) extranet gateway, the VPN extranet gateway operatively connected between the at least one legacy server and the network, the VPN extranet gateway requesting a signature certificate of the at least one user attempting access to the legacy application to authenticate the at least one user, the VPN extranet gateway querying the directory to confirm the at least one user is allowed access to the legacy server after authenticating the at least one user, the VPN extranet gateway establishing a connection between the legacy client software and the legacy application if the at least one user is allowed access to the legacy server.
- View Dependent Claims (2)
- - 2. The system according to claim 1, wherein the directory comprises a database.

3. A system for a secure legacy enclave in a Public Key Infrastructure (PKI) comprising:
- at least one legacy server, the at least one legacy server containing at least one legacy application;
  
  at least one client platform operatively connected to a network, the at least one client platform containing legacy client software employable by at least one user to access the at one legacy application;
  
  a directory operably connected to the network, the directory containing information on the at least one user, the directory further containing information on each at least one user designating whether each at least one user is authorized to access the at least one legacy server;
  
  a Virtual Private Network (VPN) extranet gateway, the VPN extranet gateway operatively connected between the at least one legacy server and the network, the VPN extranet gateway requesting a signature certificate of the at least one user attempting access to the legacy application to authenticate the at least one user, the VPN extranet gateway querying the directory to confirm the at least one user is allowed access to the legacy server after authenticating the at least one user, the VPN extranet gateway establishing a connection between the legacy client software and the legacy application if the at least one user is allowed access to the legacy server; and
  
  a second network, the at least one legacy server operatively connected to the second network, the VPN extranet gateway operatively connected between the second network and the network.

4. A method for secure legacy enclaves in a Public Key Infrastructure (PKI) comprising:
- installing a virtual private network (VPN) extranet gateway between at least one legacy server and a legacy client platform;
  
  attempting access to a legacy application on the at least one legacy server by a user employing legacy client software on the legacy client platform;
  
  requesting a signature certificate of the user by the VPN extranet gateway to authenticate the user;
  
  querying a directory by the VPN extranet gateway after authenticating the user to confirm the user is allowed access to the at least one legacy server; and
  
  establishing a connection between the legacy client software and the legacy application if the user is allowed access to the at least one legacy server.
- View Dependent Claims (5, 6, 7, 8)
- - 5. The method according to claim 4, further comprising configuring the VPN extranet gateway with users allowed access to the at least one legacy server after the installing the VPN extranet gateway between the at least one legacy server and the legacy client platform.
  - 6. The method according to claim 4, wherein the directory comprises a database.
  - 7. The method according to claim 4, further comprising requesting a user ID and password from the user by the legacy server after the connection is established between the legacy client software and the legacy application.
  - 8. The method according to claim 4, further comprising requesting a user ID and password from the user by the VPN extranet gateway before the connection is established between the legacy client software and the legacy application.

9. An article comprising a storage medium having instructions stored therein, the instructions when executed causing a processing device to perform:
- receiving an attempt to access a legacy application on a legacy server by a user employing legacy client software;
  
  requesting a signature certificate of the user to authenticate the user;
  
  querying a directory to confirm the user is allowed access to the legacy server after authenticating the user; and
  
  establishing a connection between the legacy client software and the legacy application if the user is allowed access to the legacy server.
- View Dependent Claims (10, 11)
- - 10. The article according to claim 9, further comprising requesting a user ID and password from the user before the connection is established between the legacy client software and the legacy application.
  - 11. The article according to claim 9, receiving configuration information regarding users allowed access to the at least one legacy server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Northrop Grumman Systems Corporation (Northrop Grumman Corporation)
Original Assignee
Northrop Grumman Corporation
Inventors
Aull, Kenneth W.
Primary Examiner(s)
Peeso, Thomas R.

Application Number

US09/730,044
Time in Patent Office

1,631 Days
Field of Search

713/182, 713/189, 713/200, 713/201
US Class Current

713/182
CPC Class Codes

G06F 21/33   using certificates

H04L 63/0272   Virtual private networks

H04L 63/0442   wherein the sending and rec...

H04L 63/0815   providing single-sign-on or...

H04L 63/0823   using certificates cryptogr...

H04L 9/006   involving public key infras...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

System and method for secure legacy enclaves in a public key infrastructure

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

49 Citations

11 Claims

Specification

Use Cases

Quick Links

Others

System and method for secure legacy enclaves in a public key infrastructure

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

49 Citations

11 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others