Systems and methods for user access authentication based on network access point
Abstract
Systems and methods of authenticating user access based on an access point to a secure data network include a secure data network having a plurality of network access points serving as entry points for a user to access the secure data network using a user device. The user is associated with a user identity, each network access point with a network access point identity. The user uses a user device to send an access request, requesting access to the secure data network, to the network access point, which then sends an authentication request to an identity server. The identity server processes the authentication request, by validating the combination of the user identity and the network access point identity, and responds with an authentication response, granting or denying access, as communicated to the user device via an access response.
32 Claims
1. A method of user access authentication, the method comprising:
receiving by a first network access point a first authentication request from a second network access point based on a user device access request for accessing a secure data network;
sending a second authentication request based on the first authentication request to an identity server wherein the second authentication request is associated with the second network access point;
obtaining from the user device access request a first network access point identity of the first network access point and a second network access point identity of the second network access point;
determining at the identity server whether to grant a user device access to the secure data network by comparing a user identity and the first and second access point identities to a stored plurality of user identities and corresponding validated pairs of network access point identities; and
granting access to the secure data network when the user identity and the access point identities obtained match with one of the stored plurality of user identities and its corresponding validated pair of network point identities.
Dependent claims: 2, 3, 4, 5, 6, 7, 8.

9. A system for user access authentication, the system comprising:
a secure data network comprising at least a first network access point and a second network access point, the first network access point that receives a first authentication request from the second network access point based on a user device access request for accessing the secure data network; and
an identity server in communication with the secure data network via one of the network access points, wherein the identity server receives a second authentication request associated with the second network access point;
wherein the identity server obtains from the user device access request a first network access point identity of the first network access point and a second network access point identity of the second network access point;
determines whether to grant a user device access to the secure data network by comparing a user identity and the first and second access point identities to a stored plurality of user identities and corresponding validated pairs of network access point identities; and
grants access to the secure data network when the user identity and the access point identities obtained match with one of the stored plurality of user identities and its corresponding validated pair of network point identities.
Dependent claims: 10, 11, 12, 13, 14, 15, 16.

17. A method of user access authentication, the method comprising:
receiving at a first network access point an access request to a secure data network from a user device;
generating an authentication request in response to receiving the access request wherein the authentication request comprises a log of a communication path;
sending the authentication request from the first network access point via a second network access point to an identity server for processing;
obtaining from the user device access request a first network access point identity of the first network access point and a second network access point identity of the second network access point;
determining at the identity server whether to grant a user device access to the secure data network by comparing a user identity and the first and second access point identities to a stored plurality of user identities and corresponding validated pairs of network access point identities; and
granting access to the secure data network when the user identity and the access point identities obtained match with one of the stored plurality of user identities and its corresponding validated pair of network point identities.
Dependent claims: 18, 19, 20, 21, 22, 23, 24, 25, 26, 27.

28. A system for user access authentication comprising:
a secure data network comprising at least a first network access point and a second network access point, and an identity server, wherein the first network access point receives an access request to the secure data network from a user device;
wherein the system generates an authentication request in response to receiving the access request, the authentication request comprising a log of a communication path;
sends the authentication request from the first network access point via the second network access point to an identity server for processing;
obtains from the user device access request a first network access point identity of the first network access point and a second network access point identity of the second network access point;
determines at the identity server whether to grant a user device access to the secure data network by comparing a user identity and the first and second access point identities to a stored plurality of user identities and corresponding validated pairs of network access point identities; and
grants access to the secure data network when the user identity and the access point identities obtained match with one of the stored plurality of user identities and its corresponding validated pair of network point identities.
Dependent claims: 29, 30, 31, 32.

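The flow of claims 17 and 28, as an added example that is not part of the patent: the first access point creates an authentication request carrying a path log, the second access point relays it, and the identity server grants access only when the user identity and the pair of access point identities match a stored entry. All names, the sample store, and the treatment of a pair as ordered (first, second) are assumptions made for this illustration.

```python
from dataclasses import dataclass, field

# Constructed sample store: user identity -> validated (first AP, second AP) pairs.
VALIDATED_PAIRS = {
    "alice": {("ap-lobby", "ap-core"), ("ap-lab", "ap-core")},
    "bob": {("ap-lab", "ap-core")},
}


@dataclass
class AuthRequest:
    user_id: str
    path: list = field(default_factory=list)  # log of the communication path


def access_point_receive(ap_id, user_id):
    """First access point: turn the device's access request into an
    authentication request whose path log starts with this access point."""
    return AuthRequest(user_id=user_id, path=[ap_id])


def access_point_forward(ap_id, request):
    """Second access point: relay the request toward the identity server,
    appending its own identity to the path log."""
    return AuthRequest(request.user_id, request.path + [ap_id])


def identity_server_decide(request, store=VALIDATED_PAIRS):
    """Grant only when the user identity and both access point identities
    match a stored user and one of its validated pairs; deny otherwise."""
    if len(request.path) != 2:
        return False  # no (first, second) pair can be formed from the log
    pair = (request.path[0], request.path[1])
    # Unknown users have no validated pairs, so they are denied by default.
    return pair in store.get(request.user_id, set())


def authenticate(user_id, first_ap, second_ap):
    """Run the whole exchange: device -> first AP -> second AP -> identity server."""
    request = access_point_receive(first_ap, user_id)
    request = access_point_forward(second_ap, request)
    return identity_server_decide(request)
```
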
Specification