System and method for secure access of a remote system

US 9,313,196 B2
Filed: 11/05/2010
Issued: 04/12/2016
Est. Priority Date: 11/06/2009
Status: Active Grant

First Claim

Patent Images

1. A method for providing a user of a plurality of users with remote access to a network device via a computer system that comprises a processing device and memory accessible by the processing device, and that is configured to communicate with the network device via a first network and with a user of the plurality of users via a second network, wherein the memory stores computer-accessible program code and a web application, the method comprising the steps of:

receiving, at the web application via the second network, a login request from a first user of the plurality of users that includes a login credential;

validating the login credential received from the first user at the login request receiving step against a predetermined login credential that is unique to the first user with respect to login credentials among other users of the plurality of users;

receiving, at the web application via the second network, a request from the first user for access to the network device;

retrieving from memory a login credential for the network device that is common to the plurality of users;

dynamically creating a path to the network device that comprises the first network, an endpoint of the path being automatically defined by masked data within the memory comprising at least one of the group consisting of login credential, IP address, and port setting of the network device, and forwarding the login credential of the network device retrieved from memory to the network device via the path;

thereafter receiving a response from the network device; and

providing the first user access, by the web application via the second network, to the response from the network device without providing the first user access to the at least one of the login credential, IP address, and port setting that comprise the masked data.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for providing a user with secure access to devices operatively connected to a network comprising at least one processing device that has access to a database. The database maintains information for each user of the system, such as the user'"'"'s login credentials and access level or permissions, along with information corresponding to each network device, such as, for example, the device'"'"'s login credentials, IP address, and port settings. The processing device authenticates each user and then provides each user with access to the network devices as defined by the data maintained in the database corresponding to the respective user and the network devices.

27 Citations

View as Search Results

8 Claims

1. A method for providing a user of a plurality of users with remote access to a network device via a computer system that comprises a processing device and memory accessible by the processing device, and that is configured to communicate with the network device via a first network and with a user of the plurality of users via a second network, wherein the memory stores computer-accessible program code and a web application, the method comprising the steps of:
- receiving, at the web application via the second network, a login request from a first user of the plurality of users that includes a login credential;
  
  validating the login credential received from the first user at the login request receiving step against a predetermined login credential that is unique to the first user with respect to login credentials among other users of the plurality of users;
  
  receiving, at the web application via the second network, a request from the first user for access to the network device;
  
  retrieving from memory a login credential for the network device that is common to the plurality of users;
  
  dynamically creating a path to the network device that comprises the first network, an endpoint of the path being automatically defined by masked data within the memory comprising at least one of the group consisting of login credential, IP address, and port setting of the network device, and forwarding the login credential of the network device retrieved from memory to the network device via the path;
  
  thereafter receiving a response from the network device; and
  
  providing the first user access, by the web application via the second network, to the response from the network device without providing the first user access to the at least one of the login credential, IP address, and port setting that comprise the masked data.
- View Dependent Claims (6)
- - 6. The method of claim 1, wherein,in the providing step, the memory includes an identification of access permission rights for the first user,after the access request receiving step and before the login credential forwarding step, the method includes the step of retrieving the access permission rights for the first user, andthe login credential forwarding step is performed based on whether the access permission rights identify the first user as having permission to access the network device.

2. A system for automating a login to a network device, comprising:
- a computer system that comprises a processing device and memory accessible by the processing device, and that is configured to communicate with a network device via a first network and with a first user of a plurality of users via a second network, wherein the memory stores computer-executable program code that comprises a database,wherein the database includes, for each user of the plurality of users, a login credential that is unique to the user with respect to login credentials among the other users of the plurality of users and includes a login credential for the network device that is common to the plurality of users, andwherein the computer-executable program code is executable by the processing device to implement a method comprising the steps ofreceiving a login request from the first user via the second network that includes a login credential,validating the login credential received from the first user at the login request receiving step against the unique login credential for the first user at the database,receiving, from the first user via the second network, a request to access the network device,in response to the request at the access request receiving step, retrieving the login credential for the network device, dynamically creating a path to the network device that comprises the first network, an endpoint of the path being automatically defined by masked data within the database comprising at least one of the group consisting of login credential, IP address, and port setting of the network device, and forwarding the retrieved login credential to the network device via the path,thereafter receiving a response from the network device and providing the first user access, via the second network, to the response without providing the first user access to the at least one of the login credential, IP address, and port setting for the network device that comprise the masked data.
- View Dependent Claims (3, 4, 7)
- - 3. The system as in claim 2, wherein the first network and the second network are the same network.
  - 4. The system as in claim 3, wherein the first network and the second network include the Internet.
  - 7. The system as in claim 2, whereinthe database includes an identification of access permission rights for the first user,after the access request receiving step and before the login credential forwarding step, the method includes the step of retrieving the access permission rights for the first user, andthe login credential forwarding step is performed based on whether the access permission rights identify the first user as having permission to access the network device.

5. A system for automating a login to a network device, comprising:
- a computer system that comprises a processing device and memory accessible by the processing device, and that is in communication with a network device via a first network and configured to communicate with a first user of a plurality of users via a second network, wherein the memory stores computer-executable program code,wherein the memory includes a login credential for the network device that is common to the plurality of users and includes a login credential for the first user, andwherein the computer-executable program code is executable by the processing device to implement a method comprising the steps ofreceiving a login request from the first user via the second network, the login request including a login credential,validating the login credential received from the first user at the login request receiving step against the login credential for the first user at the memory,receiving, from the first user via the second network, a request to access the network device,in response to the request at the access request receiving step, retrieving the login credential for the network device, dynamically creating a path to the network device that comprises the first network, an endpoint of the path being automatically defined by masked data within the memory comprising at least the login credential of the network device, and forwarding the retrieved login credential to the network device, via the path,thereafter receiving a response from the network device, removing from the response the login credential for the network device that comprises the masked data, and thereafter providing the first user access, via the second network, to the response.
- View Dependent Claims (8)
- - 8. The system as in claim 5, whereinthe memory includes an identification of access permission rights for the first user,after the access request receiving step and before the login credential forwarding step, the method includes the step of retrieving the access permission rights for the first user, andthe login credential forwarding step is performed based on whether the access permission rights identify the first user as having permission to access the network device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bohicketsc LLC
Original Assignee
Certified Cyber Solutions, Inc.
Inventors
Pritchard, John Russell Jr.
Primary Examiner(s)
Lagor, Alexander

Application Number

US12/940,177
Publication Number

US 20110277019A1
Time in Patent Office

1,985 Days
Field of Search

726 4- 8
US Class Current

1/1
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/10   for controlling access to d...

System and method for secure access of a remote system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

27 Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for secure access of a remote system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links