Systems and methods of controlling network access
First Claim
1. A method for network access control, the method comprising:
- receiving authentication information and device information from a device seeking network access using an extensible authentication protocol (EAP);
executing an extensible authentication protocol module (EAPM) stored in memory, wherein execution of the EAPM by a processor authenticates the device seeking network access, wherein authentication of the device is based on at least an evaluation of the received authentication information;
directing the received device information to a gatekeeper for approval; and
executing an extensible authentication server layer (ESL) stored in memory, wherein execution of the ESL by a processor configures an access point responsive to gatekeeper approval of the authenticated device seeking network access.
1 Assignment
0 Petitions
Accused Products
Abstract
A new approach to network security includes manipulating an access point such that an initial communication from an external device is passed to a restricted subset of a computing network including a gatekeeper. The gatekeeper is configured to enforce a security policy against the external device before granting access to a less-restricted subset of the computing network. If requirements of the security policy are satisfied, then the gatekeeper reconfigures the access point such that further communication from the external device may be received by elements of the less-restricted subset. Enforcement of the security policy optionally includes performing a security audit of the external device.
-
Citations
5 Claims
-
1. A method for network access control, the method comprising:
-
receiving authentication information and device information from a device seeking network access using an extensible authentication protocol (EAP); executing an extensible authentication protocol module (EAPM) stored in memory, wherein execution of the EAPM by a processor authenticates the device seeking network access, wherein authentication of the device is based on at least an evaluation of the received authentication information; directing the received device information to a gatekeeper for approval; and executing an extensible authentication server layer (ESL) stored in memory, wherein execution of the ESL by a processor configures an access point responsive to gatekeeper approval of the authenticated device seeking network access. - View Dependent Claims (2, 3, 4)
-
-
5. A non-transitory computer-readable storage medium, having embodied thereon a program, the program being executable by a processor to perform a method for network access control, the method comprising:
-
receiving authentication information and device information from a device seeking network access using an extensible authentication protocol (EAP); authenticating the device seeking network access, wherein authentication of the device is based on at least an evaluation of the received authentication information; directing the received device information to a gatekeeper for approval; and configuring an access point responsive to gatekeeper approval of the authenticated device seeking network access.
-
Specification
-
- Resources
-
Current AssigneeInfoExpress, Inc.
-
Original AssigneeInfoExpress, Inc.
-
InventorsLum, Stacey C., Lee, Yuhshiow Alice
-
Primary Examiner(s)Song, Hosuk
-
Application NumberUS13/157,310Publication NumberTime in Patent Office242 DaysField of Search726 1- 4, 726 11- 12, 726/15, 713/150, 713/153, 713/155, 713/168, 713/170, 380/270, 709224-225, 709228-229US Class Current726/2CPC Class CodesH04L 63/0876 based on the identity of th...H04L 63/20 for managing network securi...
