
System, method, apparatus and computer program product for facilitating digital communications

A technology of digital communication and computer program, applied in the field of system, method, apparatus and computer program product for facilitating digital communication, can solve the problems of VPN being compromised, VPN using a conventional VPN client is vulnerable to the extent of user's RA credentials vulnerable, and encrypted user ID and passwords are not necessarily protected from th

Inactive
Publication Date: 2005-04-14
IBM CORP

AI Technical Summary

Problems solved by technology

However, the conventional protocol for a remote access (RA) client (a client for creating an Internet connection) communicates the login credentials of the users in an unsecured fashion.
If a user maintains identical login credentials for RA authentication and VPN authentication, then the VPN is compromised if the user's RA credentials are stolen.
Accordingly, a VPN using a conventional VPN client is vulnerable to the extent the user's RA credentials are vulnerable.
Thus even in these situations, encrypted user ID and passwords are not necessarily protected from theft.
In fact, the user ID and password are subject to theft whenever they are communicated in clear text, whether by unscrupulous ISP employees, or others who have hacked into the ISP network.
Accordingly, RA credentials are vulnerable to compromise, potentially leading to theft of Internet access services, and compromise of a VPN accessed by credentials identical to the RA credentials.
Conventional dial-up Internet networks and networking protocols (e.g. PAP and CHAP) do not support the notion of sending challenges to the user.
If either of these message types were returned from the ACESERVER to the dial in server, authentication would fail, as they are unrecognized message types.
By permitting remote users to bypass the network security perimeter, enterprises run a significant risk that a user establishing a VPN connection to the corporate network is doing so from an unsafe and/or already “infected” machine.
This connectivity from an unsafe computer creates a risk that the computer could be used as a source of an attack on the network without the end user being aware of it.


Embodiment Construction

[0041] Referring now to the drawings, wherein like reference numerals designate identical or corresponding parts throughout the several views.

[0042] An exemplary embodiment of the present invention is illustrated in FIG. 4. FIG. 4 shows a computer system including a client 100 running on a computer 110 having a connection to the Internet 40 through NAS 42. Platform 150 is also connected to Internet 40. Remote RADIUS server 190 is connected to platform 150 through IPSec tunnel 188. Platform 150 includes Authentication, Decryption, and Routing System 200 and Single Sign On Application Server (SSOS) 160. Computer 110 has a SECUREID 120 associated therewith.

[0043] When a user requires access to remote server 210 from computer 110, the user enters their login credentials (user ID and password) into computer 110. Client 100 encrypts the user's ID and separately encrypts the user's password prior to passing the encrypted credentials to computer 110, which then transmits the credentials o...


Abstract

A computer-implemented method and apparatus authenticates a user of a remote computer over a network. In one aspect of the present invention, an authentication challenge message is received at said remote computer from an authentication server over a network, at least a portion of the network including an Internet communication link. A passcode is received at the remote computer. A response message to the authentication challenge is created, the response message including the passcode. The response message is transmitted from the remote computer to the authentication server over the network. The remote computer receives a verification message from the authentication server that the response message is verified.
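The exchange in the abstract, sketched as an added example that is not code from the patent or from IBM. The shared key, the sample passcode, the message fields and the choice to carry the passcode as a keyed HMAC over the challenge nonce (so it is never sent in clear text) are all assumptions; the page does not say how the response is protected.

```python
import hashlib
import hmac
import secrets

# Constructed sample data (not from the patent): one enrolled user, a key
# shared by client and authentication server, and the current token code.
SHARED_KEYS = {"alice": b"constructed-demo-key-0001"}
EXPECTED_PASSCODE = {"alice": "493817"}


def _tag(key, nonce, passcode):
    # Bind the passcode to this one challenge; it never travels in clear text.
    return hmac.new(key, nonce + passcode.encode(), hashlib.sha256).digest()


class AuthServer:
    def __init__(self):
        self.pending = {}  # user -> outstanding challenge nonce

    def challenge(self, user):
        """Issue a fresh, single-use authentication challenge message."""
        nonce = secrets.token_bytes(16)
        self.pending[user] = nonce
        return {"type": "challenge", "user": user, "nonce": nonce}

    def verify(self, response):
        """Check the response message and return a verification message."""
        user = response["user"]
        nonce = self.pending.pop(user, None)  # consumed: a replay finds nothing
        if nonce is None or user not in SHARED_KEYS:
            return {"type": "reject"}
        expected = _tag(SHARED_KEYS[user], nonce, EXPECTED_PASSCODE[user])
        ok = hmac.compare_digest(expected, response["tag"])
        return {"type": "verified"} if ok else {"type": "reject"}


def client_respond(challenge, passcode):
    """Remote computer: take the user's passcode and build the response."""
    key = SHARED_KEYS[challenge["user"]]
    return {"type": "response", "user": challenge["user"],
            "tag": _tag(key, challenge["nonce"], passcode)}


def run_exchange(user, passcode):
    """Run challenge -> response -> verification, then replay the response."""
    server = AuthServer()
    resp = client_respond(server.challenge(user), passcode)
    first = server.verify(resp)
    replay = server.verify(resp)  # the same response message sent again
    return first["type"], replay["type"]
```

A correct passcode is verified once and the replayed response is rejected, because the server discards each challenge after a single verification attempt.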

Description

CROSS REFERENCE TO RELATED APPLICATIONS

[0001] This application claims the benefit of the earlier filing date of U.S. Provisional Application No. 60/495,131, filed Aug. 15, 2003, entitled “System, Method, Apparatus and Computer Program Product for Facilitating Digital Communications” and U.S. Provisional Application No. 60/581,729, filed Jun. 23, 2004, entitled “System, Method, Apparatus and Computer Program Product for Facilitating Digital Communications,” the entirety of both of which being incorporated herein by reference.

FIELD OF THE INVENTION

[0002] The present invention generally relates to systems and methods for providing secure digital communications over a computer network.

BACKGROUND OF THE INVENTION

[0003] A Virtual Private Network (VPN) is a private network created over a public network where exclusive client and host communications occur. A conventional VPN connects users or sites over a public network, usually the Internet. Virtual privacy is derived from secure tunne...


Application Information

IPC(8): G06F, G06F11/30, G06F21/31, G06F21/41, H04K1/00, H04L9/00, H04L12/28, H04L12/46, H04L12/56, H04L29/06
CPC: H04L9/3271, H04L12/2898, H04L63/0272, H04L63/0414, H04L63/0428, H04L69/168, H04L63/102, H04W74/00, H04L9/3226, H04L69/16, H04L63/083
Inventor: NICODEMUS, BLAIR GAVER; BLUESTONE, DEREK; ADAMS, CLINTON; PAPPANO, JOSEPH E.; PRESSMAN, HOWARD M.
Owner: IBM CORP