Token based two factor authentication and virtual private networking system for network management and security and online third party multiple network management method
Abstract
A two-factor network authentication system uses “something you know” in the form of a password/PIN and “something you have” in the form of a key token. The password is encrypted in a secure area of the USB device and is protected from brute force attacks. The key token includes authentication credentials. Users cannot authenticate without the key token. Four distinct authentication elements must be present. The first element is a global unique identifier that is unique to each key. The second is a private credential generated from the online service provider that is stored in a secure area of the USB device. The third element is a connection profile that is generated from the online service provider. The fourth element is a credential that is securely stored with the online service provider. The first two elements create a unique user identity. The second two elements create mutual authentication.
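The four-element check described in the abstract, as an added Python sketch that is not code from the patent. It models enrollment (the host issues elements two and three after receiving element one) and the check that all four elements are present before access is granted. The page does not say how credentials are generated or compared, so the HMAC derivation, the class and function names, and the `.example` endpoint are assumptions, and the PIN factor is not modelled.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class NetworkHost:
    """One independent network; holds element 4, the private host credential."""
    name: str
    host_credential: bytes = field(default_factory=lambda: secrets.token_bytes(32))

    def enroll(self, global_id):
        # Elements 2 and 3 are issued only after the host receives element 1.
        # Assumption: element 2 is an HMAC of the global identifier under element 4.
        private = hmac.new(self.host_credential, global_id.encode(), hashlib.sha256).digest()
        profile = {"network": self.name, "endpoint": f"vpn.{self.name}.example"}  # constructed
        return {"private_credential": private, "connection_profile": profile}


@dataclass
class KeyToken:
    """USB key: one global identifier plus one credential set per network."""
    global_id: str
    per_network: dict = field(default_factory=dict)


def authenticate(key, host):
    """Return (granted, reason); all four elements must be present and consistent."""
    if not host.host_credential:
        return False, "host credential missing"
    if not key.global_id:
        return False, "global identifier missing"
    creds = key.per_network.get(host.name)
    if not creds or not creds.get("private_credential"):
        return False, "private credential missing"
    profile = creds.get("connection_profile")
    if not profile or profile.get("network") != host.name:
        return False, "connection profile missing"
    expected = hmac.new(host.host_credential, key.global_id.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, creds["private_credential"]):
        return False, "private credential not issued by this host"
    return True, "access granted"


def demo():
    corp, lab = NetworkHost("corp"), NetworkHost("lab")
    key = KeyToken(global_id="GUID-0001-constructed")
    key.per_network["corp"] = corp.enroll(key.global_id)
    # Credentials issued by "corp", relabelled for "lab": fails against lab's element 4.
    relabelled = dict(key.per_network["corp"], connection_profile={"network": "lab"})
    copied = KeyToken(key.global_id, {"lab": relabelled})
    return [authenticate(key, corp), authenticate(key, lab), authenticate(copied, lab)]
```

The third case in `demo()` shows why the host-side credential matters in this model: credentials issued by one network do not validate against another host, even when the connection profile is relabelled.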
53 Citations
17 Claims
1. Secure electronic device networks comprising:
A plurality of independent networks, wherein each independent network has a network host and a plurality of end user devices attachable to the network forming nodes thereof, wherein each end user device has input plugs for coupling accessories thereto and each network host includes a private network host credential unique for each network host;
A network managing system which is configured for authenticating the end user devices attached to one independent network;
A plurality of authenticating keys, with each key attachable to an input plug of an end user device, each key containing at least three authenticating credentials therein for each independent network, wherein the three authentication credentials for each independent network include
i) a first credential in the form of a global identifier including a certificate having selected end user information, wherein the global identifier is common for each network,
ii) a second credential in the form of a private credential identifying an individual end user which is generated by the network host of the associated network following receipt of the first credential, and
iii) a third credential in the form of a connection profile generated by the associated network,
whereby the authenticating is accomplished through the network managing system's confirmation of the presence of the four credentials including the private network host credential from the network host and the three authentication credentials on the key when the key is coupled to the end user device, and wherein this presence of the four credentials is validated prior to granting access to the independent network.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method of network management comprising the steps of:
Providing a plurality of independent networks, wherein each independent network has a network host and a plurality of end user devices selectively attachable to the independent network forming nodes thereof, wherein each end user device has input plugs for coupling accessories thereto and each network host includes a private network host credential unique for each network host;
Providing a plurality of authenticating keys, with each key attachable to an input plug of an end user device, each key containing at least three authenticating credentials for each independent network therein, wherein the three authentication credentials for each independent network include
i) a first credential in the form of a global identifier including a certificate having selected user information, wherein the global identifier is common for each network,
ii) a second credential in the form of a private credential identifying an individual end user which is generated by the network host of the associated network following receipt of the first credential, and
iii) a third credential in the form of a connection profile generated by the associated network;
Attaching one authenticating key to an input plug of one end user device;
Coupling the end user device to one independent network;
authenticating the access of the end user device to the individual network through the confirmation of the presence of the four credentials including the private credential from the network host and the three authentication credentials on the key when the key is coupled to the end user device, wherein each key includes password management software thereon, and wherein each key further includes network protection software.
9. An authenticating key for access of an end users electronic device to a plurality of independent networks and authenticated by a network management system, the authenticating key comprising a key attachment mechanism which is attachable to an input plug of an end user device, wherein the key is configured to create a communication link between the network management system and the key, each key further containing three authentication credentials for each independent network, wherein the three authentication credentials for each independent network include
i) a first credential in the form of a global identifier including a certificate having selected user information, wherein the global identifier is common for each network,
ii) a second credential in the form of a private credential identifying an individual end user which is generated by a network host of the associated network following receipt of the first credential, and
iii) a third credential in the form of a connection profile generated by the associated network,
wherein the authenticating key is configured to provide the network management system with confirmation of the presence of the credentials using the communication link.
Specification