Token based two factor authentication and virtual private networking system for network management and security and online third party multiple network management method

US 8,973,122 B2
Filed: 04/20/2012
Issued: 03/03/2015
Est. Priority Date: 03/04/2004
Status: Active Grant

First Claim

Patent Images

1. Secure electronic device networks comprising:

A plurality of independent networks;

, wherein each independent network has a network host and a plurality of end user devices attachable to the network forming nodes thereof, wherein each end user device has input plugs for coupling accessories thereto and each network host includes a private network host credential unique for each network host ;

A network managing system which is configured for authenticating the end user devices attached to one independent network;

A plurality of authenticating keys, with each key attachable to an input plug of an end user device, each key containing at least three authenticating credentials therein for each independent network, wherein the three authentication credentials for each independent network includei) a first credential in the form of a global identifier including a certificate having selected end user information, wherein the global identifier is common for each network,ii) a second credential in the form of a private credential identifying an individual end user which is generated by the network host of the associated network following receipt of the first credential, andiii) a third credential in the form of a connection profile generated by the associated network,whereby the authenticating is accomplished through the network managing system'"'"'s confirmation of the presence of the four credentials including the private network host credential from the network host and the three authentication credentials on the key when the key is coupled to the end user device, and wherein this presence of the four credentials is validated prior to granting access to the independent network.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A two-factor network authentication system uses “something you know” in the form of a password/Pin and “something you have” in the form of a key token. The password is encrypted in a secure area of the USB device and is protected from brute force attacks. The key token includes authentication credentials. Users cannot authenticate without the key token. Four distinct authentication elements that the must be present. The first element is a global unique identifier that is unique to each key. The second is a private credential generated from the online service provider that is stored in a secure area of the USB device. The third element is a connection profile that is generated from the online service provider. The fourth element is a credential that is securely stored with the online service provider. The first two elements create a unique user identity. The second two elements create mutual authentication.

53 Citations

View as Search Results

17 Claims

1. Secure electronic device networks comprising:
- A plurality of independent networks;
  
  , wherein each independent network has a network host and a plurality of end user devices attachable to the network forming nodes thereof, wherein each end user device has input plugs for coupling accessories thereto and each network host includes a private network host credential unique for each network host ;
  
  A network managing system which is configured for authenticating the end user devices attached to one independent network;
  
  A plurality of authenticating keys, with each key attachable to an input plug of an end user device, each key containing at least three authenticating credentials therein for each independent network, wherein the three authentication credentials for each independent network includei) a first credential in the form of a global identifier including a certificate having selected end user information, wherein the global identifier is common for each network,ii) a second credential in the form of a private credential identifying an individual end user which is generated by the network host of the associated network following receipt of the first credential, andiii) a third credential in the form of a connection profile generated by the associated network,whereby the authenticating is accomplished through the network managing system'"'"'s confirmation of the presence of the four credentials including the private network host credential from the network host and the three authentication credentials on the key when the key is coupled to the end user device, and wherein this presence of the four credentials is validated prior to granting access to the independent network.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The secure electronic device networks as claimed in claim 1 wherein each key attaches to a universal serial bus port of the end user device.
  - 3. The secure electronic device networks as claimed in claim 2 wherein the network managing system utilizes at least one additional network access validating tool which is distinct from the authenticating keys for access to the networks.
  - 4. The secure electronic device networks as claimed in claim 3 wherein the network managing system utilizes at least one of a user inputted Personal Identification Number and a user inputted password.
  - 5. The secure electronic device networks as claimed in claim 1 wherein each key includes password management software thereon.
  - 6. The secure electronic device networks as claimed in claim 1 wherein each key further includes network protection software.
  - 7. The secure electronic device networks as claimed in claim 1 wherein at least one independent network is a Wi-Fi network.

8. A method of network management comprising the steps of:
- Providing a plurality of independent networks, wherein each independent network has a network host and a plurality of end user devices selectively attachable to the independent network forming nodes thereof, wherein each end user device has input plugs for coupling accessories thereto and each network host includes a private network host credential unique for each network host;
  
  Providing a plurality of authenticating keys, with each key attachable to an input plug of an end user device, each key containing at least three authenticating credentials for each independent network therein, wherein the three authentication credentials for each independent network includei) a first credential in the form of a global identifier including a certificate having selected user information, wherein the global identifier is common for each network,ii) a second credential in the form of a private credential identifying an individual end user which is generated by the network host of the associated network following receipt of the first credential, andiii) a third credential in the form of a connection profile generated by the associated network;
  
  Attaching one authenticating key to an input plug of one end user device;
  
  Coupling the end user device to one independent network;
  
  authenticating the access of the end user device to the individual network through the confirmation of the presence of the four credentials including the private credential from the network host and the three authentication credentials on the key when the key is coupled to the end user device, wherein each key includes password management software thereon, and wherein each key further includes network protection software.

9. An authenticating key for access of an end users electronic device to a plurality of independent networks and authenticated by a network management system, the authenticating key comprising a key attachment mechanism which is attachable to an input plug of an end user device, wherein the key is configured to create a communication link between the network management system and the key, each key further containing three authentication credentials for each independent network, wherein the three authentication credentials for each independent network includei) a first credential in the form of a global identifier including a certificate having selected user information, wherein the global identifier is common for each network,ii) a second credential in the form of a private credential identifying an individual end user which is generated by a network host of the associated network following receipt of the first credential, andiii) a third credential in the form of a connection profile generated by the associated network, wherein the authenticating key is configured to provide the network management system with confirmation of the presence of the credentials using the communication link.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
- - 10. The authenticating key as claimed in claim 9 wherein the key further includes network protection software.
  - 11. The authenticating key as claimed in claim 10 wherein the key includes password management software.
  - 12. The authenticating key claimed in claim 11 wherein the key attaches to a universal serial bus port of the end user device.
  - 13. The authenticating key as claimed in claim 12 wherein the key is a USB port flash drive.
  - 14. The authenticating key as claimed in claim 11 wherein the key is a flash drive.
  - 15. The authenticating key claimed in claim 9 wherein the key attaches to a universal serial bus port of the end user device.
  - 16. The authenticating key as claimed in claim 15 wherein the key is a USB port flash drive.
  - 17. The authenticating key as claimed in claim 16 wherein key includes password management software.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Directpointe Incorporated
Original Assignee
Directpointe Incorporated
Inventors
Beck, Justin M., Swensen, Chad L
Primary Examiner(s)
SIMITOSKI, MICHAEL J

Application Number

US13/451,743
Publication Number

US 20130104214A1
Time in Patent Office

1,047 Days
Field of Search

713/156, 713/169, 713/170, 713/185, 726/5, 726/9, 726/29, 380/270, 709/225, 709/229, 705/55, 705/67
US Class Current

726/9
CPC Class Codes

G06F 21/34   involving the use of extern...

H04L 2463/082   applying multi-factor authe...

H04L 63/0272   Virtual private networks

H04L 63/06   for supporting key manageme...

H04L 63/0823   using certificates cryptogr...

H04L 63/0853   using an additional device,...

H04L 63/0869   for achieving mutual authen...

H04L 63/162   at the data link layer

H04L 9/3226   using a predetermined code,...

H04L 9/3234   involving additional secure...

H04L 9/3263   involving certificates, e.g...

H04L 9/3273   for mutual authentication n...

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

H04W 84/12   WLAN [Wireless Local Area N...

H04W 88/08   Access point devices

Token based two factor authentication and virtual private networking system for network management and security and online third party multiple network management method

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

53 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Token based two factor authentication and virtual private networking system for network management and security and online third party multiple network management method

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

53 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links