Distributed subscriber management system
First Claim
1. A distributed subscriber management method for a user network for performing user authentication for an external network at an access control node, the external network being connected to the access control node by means of an access network, comprising:
(a) receiving, at an access control node operatively connected to a plurality of user networks, a data unit from a user located on one of the plurality of user networks;
(b) determining that the data unit requires authentication;
(c) authenticating the determined data unit; and
(d) determining that the authenticated data unit is eligible for transmission.
Abstract
A distributed subscriber management system and method that controls access to a network, preventing unauthorized traffic through the access network and providing centralized access control between user networks. The system and method provide controlled access through the use of one of several technologies, including user authentication using PAP, CHAP, RADIUS, TACACS+, or other standard authentication means. The method includes the steps of receiving a connection request from a user located on one of the user networks; interrogating the user for userid and password information; encrypting the userid and password information; transmitting the encrypted information, via the access network, to an authentication server attached to one of a plurality of external networks; decrypting the information at the authentication server; and transmitting an authentication message from the authentication server of the external network to the access control node via the access network. The preferred method includes the additional step of challenging all data leaving the access control node.
26 Claims
15. An integrated access device, for placement between a user network and an external network, the external network having an access rights authentication server, comprising:
a user network interface for operatively connecting to a plurality of user networks to receive data units from the plurality of user networks;
an authentication agent, operatively connected to the user network interface for authenticating, authorising and forwarding data units received from the plurality of user networks;
an external network interface, operatively connected to the authentication agent, for forwarding data units authorised by the authentication agent to an external network.
Specification