Systems and methods for providing dynamic network authorization authentication and accounting
8 Assignments
0 Petitions
Abstract
Systems and methods for selectably controlling and customizing source access to a network, where the source is associated with a source computer, and wherein the source computer has transparent access to the network via a gateway device and no configuration software need be installed on the source computer to access the network. A user may be prevented access from a particular destination or site based upon the user's authorization while being permitted to access other sites that the method and system deems accessible. The method and system can identify a source without that source's knowledge, and can access customizable access rights corresponding to that source in a source profile database. The source profile database can be a remote authentication dial-in user service (RADIUS) or a lightweight directory access protocol (LDAP) database. The method and system use source profiles within the source profile database to dynamically authorize source access to networks and destinations via networks.
334 Citations
24 Claims
1. A method for selectably controlling and customizing source access to a network, wherein the source is associated with a source computer, comprising:
- receiving at the gateway device a request from the source computer for access to the network wherein the gateway device enables the source computer to access any network regardless of network configurations via a packet translation learned during a self configuration and no configuration software need be installed on the source computer to access the network;
- identifying an attribute associated with the source based upon a packet transmitted from the source computer and received by the gateway device;
- accessing a source profile corresponding to the source and stored in a source profile database, wherein the source profile is accessed based upon the attribute, and wherein the source profile database is located external to the gateway device and in communication with the gateway device, and
- determining the access rights of the source based upon the source profile, wherein access rights define the rights of the source to access the network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A system for selectably controlling and customizing access, to a network, by a source, where the source is associated with a source computer, and wherein no configuration software need be installed on the source computer to access the network, comprising:
- a gateway device, wherein the gateway device receives a request from the source for access to the network and provides the source computer with access to the network regardless of network configurations via a packet translation learned during a self configuration;
- a source profile database in communication with the gateway device and located external to the gateway device, wherein the source profile database stores access information identifiable by an attribute associated with the source, and wherein the attribute is identified based upon a data packet transmitted from the source computer and received by the gateway device, and
- an Authentication, Authorization and Accounting (AAA) server in communication with the gateway device and source profile database, wherein the AAA server determines if the source is entitled to access the network based upon the access information stored within the source profile database, and wherein the AAA server determines the access rights of the source, wherein access rights define the rights of the source to access destination sites via the network.
Dependent claims: 11, 12, 13, 14, 15, 16
17. A method for redirecting a source attempting to access a destination through a gateway device, wherein source is associated with a source computer, and wherein the gateway device enables the source to communicate with a network, comprising:
- receiving at the gateway device a request from the source to access the network regardless of network configurations via a packet translation learned during a self configuration and without requiring the source computer to include network software configured for the network;
- identifying the source based upon an attribute associated with the source;
- accessing a source profile database located external to the gateway device, the source profile database storing access rights of the source;
- determining the access rights of the source based upon the identification of the source, wherein the access rights define the rights of the source to access destination sites via the network; and
- directing the source to a redirection site when the source profile is not located within the source profile database.
Dependent claims: 18, 19, 20, 21, 22, 23, 24
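The flow that the abstract and claim 17 describe (identify the source from its packet, look up its profile in an external database, decide per destination, redirect when no profile exists), as an added Python example that is not taken from the patent. The source MAC address as the identifying attribute, the profile fields, the wildcard matching and all sample values are assumptions constructed for illustration.

```python
# Added example: names, profile fields and sample data are constructed, not from the patent.
from dataclasses import dataclass, field
from fnmatch import fnmatchcase

@dataclass
class SourceProfile:
    user: str
    allow: list                                 # destination patterns the source may reach
    deny: list = field(default_factory=list)    # patterns that override allow

# Stand-in for the external source profile database (RADIUS or LDAP on the page).
PROFILE_DB = {
    "02:00:00:aa:bb:01": SourceProfile("guest-101", allow=["*"], deny=["*.corp.example"]),
    "02:00:00:aa:bb:02": SourceProfile("staff-7", allow=["*.corp.example", "mail.example"]),
}
REDIRECT_SITE = "portal.gateway.example"        # hypothetical redirection site
ACCOUNTING_LOG = []                             # (mac, destination, decision) records

def source_attribute(frame: bytes) -> str:
    """Identify the source from the packet itself: bytes 6..11 of an Ethernet
    frame hold the source MAC (assumed here to be the identifying attribute)."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    return ":".join(f"{b:02x}" for b in frame[6:12])

def authorize(frame: bytes, destination: str, db=PROFILE_DB) -> str:
    """Return 'allow', 'deny' or 'redirect:<site>' for one access request."""
    mac = source_attribute(frame)
    profile = db.get(mac)
    if profile is None:
        decision = f"redirect:{REDIRECT_SITE}"  # no profile found: redirection site
    elif any(fnmatchcase(destination, p) for p in profile.deny):
        decision = "deny"                       # deny patterns win over allow
    elif any(fnmatchcase(destination, p) for p in profile.allow):
        decision = "allow"
    else:
        decision = "deny"                       # default deny when nothing matches
    ACCOUNTING_LOG.append((mac, destination, decision))
    return decision

def make_frame(src_mac: str) -> bytes:
    """Build a constructed 14-byte Ethernet header (broadcast dst, IPv4 type)."""
    return b"\xff" * 6 + bytes.fromhex(src_mac.replace(":", "")) + b"\x08\x00"

if __name__ == "__main__":
    for mac, dest in [("02:00:00:aa:bb:01", "intranet.corp.example"),
                      ("02:00:00:aa:bb:02", "intranet.corp.example"),
                      ("02:00:00:aa:bb:99", "news.example")]:
        print(mac, dest, authorize(make_frame(mac), dest))
```

A MAC address can be changed by the client, so a gateway keyed on it alone is identifying the source rather than authenticating it; the profile lookup is only as trustworthy as the attribute it is keyed on.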
Specification