System for and method of securing a network utilizing credentials

US 9,160,735 B2
Filed: 06/16/2014
Issued: 10/13/2015
Est. Priority Date: 05/24/2006
Status: Active Grant

First Claim

Patent Images

1. A method of increasing network security comprising:

a. transmitting an initial packet from a first device to a second device;

b. receiving the initial packet at the second device from the first device;

c. verifying the initial packet for proper credentials;

d. sending an acknowledgment from the second device to the first device only if the proper credentials are verified; and

e. transmitting one or more subsequent packets from the first device to the second device without verifying the subsequent packets have proper credentials;

wherein the verification of the initial packet is performed independent of whether a device identifier or a user identifier of the first device is recognized by the second device, and further wherein the credentials are verified at the second device.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for and method of securing a network are described herein. A receiving device listens for packets with proper credentials. If a transmitting device sends the correct credentials, the receiving device will respond with an acknowledgment and further data is able to be transmitted. However, if the transmitting device does not send a packet with the proper credentials, then the receiving device will drop the packet and not respond. Thus, the transmitting device will be unaware of the presence of the receiving device, in particular when hackers are using scanning software to locate target devices.

287 Citations

37 Claims

1. A method of increasing network security comprising:
- a. transmitting an initial packet from a first device to a second device;
  
  b. receiving the initial packet at the second device from the first device;
  
  c. verifying the initial packet for proper credentials;
  
  d. sending an acknowledgment from the second device to the first device only if the proper credentials are verified; and
  
  e. transmitting one or more subsequent packets from the first device to the second device without verifying the subsequent packets have proper credentials;
  
  wherein the verification of the initial packet is performed independent of whether a device identifier or a user identifier of the first device is recognized by the second device, and further wherein the credentials are verified at the second device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method as claimed in claim 1 wherein the first device is a client and the second device is a server.
  - 3. The method as claimed in claim 1 wherein the first device is a server and the second device is a client.
  - 4. The method as claimed in claim 1 further comprising dropping the initial packet if the proper credentials are not verified.
  - 5. The method as claimed in claim 1 wherein a protocol for receiving the initial packet is User Datagram Protocol or any functionally equivalent protocol.
  - 6. The method as claimed in claim 1 wherein a protocol for sending an acknowledgment is Transmission Control Protocol or any functionally equivalent protocol.
  - 7. The method as claimed in claim 1 wherein the first device and the second device are coupled by a network.
  - 8. The method as claimed in claim 7 wherein the network is the Internet.
  - 9. The method as claimed in claim 7 wherein the network is an intranet.

10. A method of increasing network security comprising:
- a. transmitting an initial packet from a first device to a second device;
  
  b. receiving the initial packet at the second device from the first device;
  
  c. verifying the initial packet for proper credentials;
  
  d. sending an acknowledgment from the second device to the first device only if the proper credentials are verified;
  
  e. dropping the initial packet if the proper credentials are not verified; and
  
  f. transmitting one or more subsequent packets from the first device to the second device without verifying the subsequent packets have proper credentials;
  
  wherein the verification of the initial packet is performed independent of whether a device identifier or a user identifier of the first device is recognized by the second device.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The method as claimed in claim 10 wherein the first device is a client and the second device is a server.
  - 12. The method as claimed in claim 10 wherein the first device is a server and the second device is a client.
  - 13. The method as claimed in claim 10 wherein a protocol for receiving the initial packet is User Datagram Protocol or any functionally equivalent protocol.
  - 14. The method as claimed in claim 10 wherein a protocol for sending an acknowledgment is Transmission Control Protocol or any functionally equivalent protocol.
  - 15. The method as claimed in claim 10 wherein the first device and the second device are coupled by a network.
  - 16. The method as claimed in claim 15 wherein the network is the Internet.
  - 17. The method as claimed in claim 15 wherein the network is an intranet.

18. A system for increasing network security comprising:
- a. one or more first devices for transmitting an initial packet and one or more subsequent packets;
  
  b. one or more second devices for receiving the initial packet and one or more subsequent packets, wherein the one or more second devices are coupled to the one or more first devices through a network; and
  
  c. a set of credentials within the initial packet for verification, wherein the one or more second devices send an acknowledgment back to the one or more first devices only if the set of credentials are verified;
  
  wherein the verification of the initial packet is performed independent of whether a device identifier or a user identifier of each of the first devices is recognized by the second devices, and further wherein the first devices transmit and the second devices receive the subsequent packets without verifying the subsequent packets have proper credentials if the acknowledgment is received.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25)
- - 19. The system as claimed in claim 18 wherein the first device is a client and the second device is a server.
  - 20. The system as claimed in claim 18 wherein the first device is a server and the second device is a client.
  - 21. The system as claimed in claim 18 wherein the one or more second devices drop the initial packet if the set of credentials are not verified.
  - 22. The system as claimed in claim 18 wherein a protocol for receiving the initial packet is User Datagram Protocol or any functionally equivalent protocol.
  - 23. The system as claimed in claim 18 wherein a protocol for sending an acknowledgment is Transmission Control Protocol or any functionally equivalent protocol.
  - 24. The system as claimed in claim 18 wherein the network is the Internet.
  - 25. The system as claimed in claim 18 wherein the network is an intranet.

26. A network of devices for increasing network security comprising:
- a. one or more client devices for transmitting an initial packet and one or more subsequent packets;
  
  b. one or more server devices for receiving the initial packet and the subsequent packets, wherein the one or more server devices are coupled to the one or more client devices through a network; and
  
  c. a set of credentials within the packet for verification, wherein the one or more server devices send an acknowledgment back to the one or more client devices only if the set of credentials are verified;
  
  wherein the verification of the initial packet is performed independent of whether a device identifier or a user identifier of each of the client devices is recognized by the server devices, and further wherein the client devices transmit and the server devices receive the subsequent packets without verifying the subsequent packets have proper credentials if the acknowledgment is received.
- View Dependent Claims (27, 28, 29, 30, 31)
- - 27. The network of devices as claimed in claim 26 wherein the one or more server devices drop the initial packet if the set of credentials are not verified.
  - 28. The network of devices as claimed in claim 26 wherein a protocol for receiving the packet is User Datagram Protocol or any functionally equivalent protocol.
  - 29. The network of devices as claimed in claim 26 wherein a protocol for sending an acknowledgment is Transmission Control Protocol or any functionally equivalent protocol.
  - 30. The network of devices as claimed in claim 26 wherein the network is the Internet.
  - 31. The network of devices as claimed in claim 26 wherein the network is an intranet.

32. An apparatus comprising a memory device, the memory device comprising:
- a. an initial packet for increasing network security, the initial packet comprising;
  
  i. data; and
  
  ii. a set of credentials,wherein the set of credentials are analyzed by a receiving device such that the receiving device sends an acknowledgment back and receives one or more subsequent packets without verifying the subsequent packets have proper credentials only if the set of credentials are valid, further wherein the apparatus is configured to transmit the initial packet to the receiving device independent of whether a device identifier or a user identifier of the receiving device is recognized by the apparatus.
- View Dependent Claims (33, 34, 35, 36, 37)
- - 33. The packet as claimed in claim 32 wherein the set of credentials are selected from the group consisting of a key, a code and a signature.
  - 34. The packet as claimed in claim 32 wherein the set of credentials are stored within a header.
  - 35. The packet as claimed in claim 32 wherein the set of credentials are stored within a wrapper.
  - 36. The packet as claimed in claim 32 wherein the set of credentials are encrypted.
  - 37. The packet as claimed in claim 32 wherein the initial packet is a User Datagram Protocol packet or any functionally equivalent protocol.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Keith, Robert O. Jr.
Primary Examiner(s)
HO, DUC CHI

Application Number

US14/306,044
Publication Number

US 20140304791A1
Time in Patent Office

484 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

H04L 2101/663   Transport layer addresses, ...

H04L 47/27   Evaluation or update of win...

H04L 63/0254   Stateful filtering

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 63/1441   Countermeasures against mal...

H04L 63/1466   Active attacks involving in...

System for and method of securing a network utilizing credentials

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

287 Citations

37 Claims

Specification

Solutions

Use Cases

Quick Links

System for and method of securing a network utilizing credentials

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

287 Citations

37 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links