Controlling access to a protected network
Abstract
A system for controlling access to a protected network includes a network access control module that is coupled to the protected network and which is configured to restrict access to the network to an authorized user through a computer coupled to the protected network. The system also includes a communication device associated with the computer. The communication device automatically transmits a unique identifier corresponding to the communication device to the network access control module when a user uses the communication device to request access to the protected network via the computer. When the network access control module receives the unique identifier, the network access control module is configured to authenticate the communication device based on the unique identifier, to authenticate the user via the communication device when the communication device is authenticated, and when the user is authenticated, to submit log-on information directly to a log-on interface of the computer associated with the communication device so that the user can access the protected network via the computer.
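The order of operations in the abstract (device first, then user, then release of log-on information) can be modelled as below. This is an added illustration, not code from the patent; the class and function names, the PIN as the user-authentication factor, and all sample identifiers are assumptions constructed for the example.

```python
import hashlib
import hmac
import os

class AccessControlModule:
    """Hypothetical stand-in for the network access control module."""
    def __init__(self):
        self._devices = {}  # unique identifier -> associated computer
        self._users = {}    # unique identifier -> (salt, PIN hash, log-on info)

    @staticmethod
    def _kdf(pin, salt):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

    def enroll(self, device_id, computer, pin, logon_info):
        salt = os.urandom(16)
        self._devices[device_id] = computer
        self._users[device_id] = (salt, self._kdf(pin, salt), logon_info)

    def request_access(self, device_id, prompt_user, submit_logon):
        # 1. Authenticate the device by its unique identifier; unknown
        #    devices are rejected before the user is ever prompted.
        computer = self._devices.get(device_id)
        if computer is None:
            return "device-rejected"
        # 2. Authenticate the user via the device (assumed here: a PIN).
        salt, pin_hash, logon_info = self._users[device_id]
        if not hmac.compare_digest(self._kdf(prompt_user(), salt), pin_hash):
            return "user-rejected"
        # 3. Only now release the stored log-on information to the log-on
        #    interface of the computer associated with this device.
        submit_logon(computer, logon_info)
        return "granted"

def demo():
    """Run three constructed requests; return outcomes and what was submitted."""
    acm = AccessControlModule()
    acm.enroll("DEV-0001", "workstation-7", "4821", {"user": "alice", "password": "constructed"})
    prompts, submitted = [], []
    def ask(pin):
        return lambda: (prompts.append(pin), pin)[1]
    def send(computer, info):
        submitted.append((computer, info["user"]))
    outcomes = [
        acm.request_access("DEV-9999", ask("4821"), send),  # unknown device
        acm.request_access("DEV-0001", ask("0000"), send),  # wrong PIN
        acm.request_access("DEV-0001", ask("4821"), send),  # valid request
    ]
    return outcomes, prompts, submitted
```

In `demo()`, the unknown device never triggers a user prompt and the log-on information is submitted exactly once, for the request that passes both checks.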
24 Claims
1. A system for controlling access to a protected network via a computer, the system comprising:
- a network access control module coupled to the protected network, the network access control module configured to restrict access to the network to a user via the computer coupled to the protected network; and
- a communication device associated with the computer, the communication device configured to automatically transmit a unique identifier in response to activation of a dedicated log-on button on said communication device to request access, via the computer, to the protected network, the unique identifier identifying the communication device to the network access control module,
- wherein the network access control module is further configured to authenticate the communication device based on the unique identifier in response to the network access control module receiving the unique identifier,
- wherein said network access control module is further configured to authenticate and authorize the user via the communication device subsequent to authenticating the communication device, and
- wherein said network access control module is further configured to establish a secure communication channel with said computer and subsequently submit log-on information of the user directly to a log-on interface of the computer subsequent to authenticating and authorizing the user, wherein said submitting log-on information to said computer causes said computer to use said log-on information to provide to said user access to said protected network so that the user can use the protected network via the computer.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A method for controlling access to a protected network, the method comprising:
- receiving by a network access control module coupled to the protected network a unique identifier from a communication device, said unique identifier corresponding to said communication device, wherein said communication device is associated with a computer, wherein said unique identifier is transmitted by said communication device in response to a user activating a dedicated log-on button on the communication device to request access to the protected network;
- using, by said network access control module, the unique identifier to authenticate the communication device;
- in response to successfully authenticating the communication device, said network access control module authenticating the user via the communication device; and
- in response to successfully authenticating the user, said network access control module establishing a secure communication channel with said computer and subsequently submitting log-on information of the user directly to a log-on interface of the computer, said submitting log-on information to said computer causing said computer to use said log-on information to provide to said user access to said protected network so that the user can use the protected network via the computer.

Dependent claims: 11, 12, 13, 14, 15, 16, 17

18. A non-transitory computer readable storage medium containing program instructions which when executed perform a method for controlling access to a protected network, the computer readable storage medium comprising program instructions for:
- receiving over a secure communication channel a unique identifier that identifies a communication device associated with a computer when said user uses the communication device to request access to a protected network by activating a dedicated log-on button on the communication device;
- using the unique identifier to authenticate the communication device;
- in response to successfully authenticating the communication device, authenticating the user via the communication device; and
- in response to successfully authenticating the user, establishing a secure communication channel with said computer and subsequently submitting log-on information of the user directly to a log-on interface of the computer, said submitting log-on information to said computer causing said computer to use said log-on information to provide to said user access to said protected network associated with the communication device so that the user can use the protected network via the computer.

Dependent claims: 19

20. A server for controlling access to a protected network, the server comprising:
- a network access module configured to restrict access to the protected network to a user;
- a data store communicatively coupled to the network access control module for storing information comprising authentication information and log-on information of a computer coupled to a protected network; and
- a communication interface communicatively coupled to the network access control module and configured to receive over a first secure communication channel from a separate communication device a unique identifier that identifies the separate communication device, said communication device associated with the computer, wherein said communication device is configured to transmit said unique identifier in response to a dedicated log-on button on said communication device being activated;
- wherein the network access control module is further configured to authenticate the communication device based on the unique identifier in response to receiving the unique identifier;
- wherein the network access control module is further configured to authenticate the user via the communication device over the first secure communication channel when the communication device is successfully authenticated; and
- wherein the network access control module is further configured to establish, in response to authenticating the user, a second secure communication channel and transmit over said second secure communication channel log-on information of the user to a log-on interface of the computer associated with the communication device, said transmitting said log-on information to said log-on interface of the computer causing said computer to use said log-on information to provide to said user access to the protected network so that the user can use the protected network via the computer.

Dependent claims: 21, 22, 23

24. A computer-implemented method for controlling access to a protected network, the method comprising:
- receiving, by a processor, over a secure communication channel a unique identifier that identifies a communication device and that is transmitted by said communication device in response to a log-on button thereon being activated, said communication device associated with a computer;
- using, by a processor, the unique identifier to authenticate the communication device;
- subsequently authenticating, by a processor, the user via the successfully authenticated communication device;
- establishing, by a processor, a secure communication channel with said computer in response to successfully authenticating the user; and
- subsequently submitting log-on information of the user directly to a log-on interface of the computer, said submitting log-on information to said computer causing said computer to use said log-on information to provide to said user access to said protected network so that the user can use the protected network via the computer.

Specification