CA2578186A1 - System and method for access control - Google Patents
System and method for access control Download PDFInfo
- Publication number
- CA2578186A1 CA2578186A1 CA002578186A CA2578186A CA2578186A1 CA 2578186 A1 CA2578186 A1 CA 2578186A1 CA 002578186 A CA002578186 A CA 002578186A CA 2578186 A CA2578186 A CA 2578186A CA 2578186 A1 CA2578186 A1 CA 2578186A1
- Authority
- CA
- Canada
- Prior art keywords
- identifier
- server
- gateway
- encryption key
- certificate
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract 27
- 230000004913 activation Effects 0.000 abstract 4
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/069—Authentication using certificates or pre-shared keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
- H04W12/082—Access security using revocation of authorisation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
- H04W12/084—Access security using delegated authorisation, e.g. open authorisation [OAuth] protocol
Abstract
A system and method for access control is provided. In one embodiment, a system includes a computing device connected to an access server that controls the ability of the computing device to access to a computing resource, such as the Internet.
The access server connects to an activation server via a network. The activation server is operable to receive a request for to generate a certificate for the computing device from the activation server. The activation server is operable to generate the certificate and embed a unique identifier of the computing device and/or the access server and/or the like inside the certificate. Once generated, the certificate is installed in the computing device. When the computing device initiates a request to access the computing resource, the computing device initially sends the certificate to the access server. If the certificate received by the access server does not include the expected unique identifier(s), then access to the computing resource is prevented and/or restricted. If the key received by the access server includes the expected unique identifier(s), then access to the computing resource is permitted.
The access server connects to an activation server via a network. The activation server is operable to receive a request for to generate a certificate for the computing device from the activation server. The activation server is operable to generate the certificate and embed a unique identifier of the computing device and/or the access server and/or the like inside the certificate. Once generated, the certificate is installed in the computing device. When the computing device initiates a request to access the computing resource, the computing device initially sends the certificate to the access server. If the certificate received by the access server does not include the expected unique identifier(s), then access to the computing resource is prevented and/or restricted. If the key received by the access server includes the expected unique identifier(s), then access to the computing resource is permitted.
Claims (54)
1. In a gateway server, a method of controlling access to a resource comprising:
receiving a digital certificate from a device;
extracting an identifier embedded into said certificate;
determining if said identifier is valid;
if said identifier is determined to be valid, permitting said device to access said resource; and, if said identifier is determined to be invalid, denying said device access to said resource.
receiving a digital certificate from a device;
extracting an identifier embedded into said certificate;
determining if said identifier is valid;
if said identifier is determined to be valid, permitting said device to access said resource; and, if said identifier is determined to be invalid, denying said device access to said resource.
2. The method of claim 1 further comprising, if said identifier is determined to be invalid, revoking said digital certificate.
3. The method of claim 1 further comprising determining whether said certificate has been revoked, and, if said certificate has been revoked, denying said device access to said resource.
4. The method of claim 1 wherein said identifier is a gateway identifier associated with said gateway server and said determining step involves comparing said extracted identifier with a local store of said identifier.
5. The method of claim 4 wherein said identifier is selected from the group consisting of a serial number associated with a central processing unit of said gateway server; a hard drive identifier associated with a hard drive local to said gateway server; a unique name of said server assigned to an operating system executing on said server; a name associated with a set of gateway servers.
6. The method of claim 1 wherein said identifier is a device identifier unique to said device.
7. The method of claim 6 wherein said determining step comprises comparing said extracted identifier with a list of one or more valid device identifiers for at least one of the gateway server and the resource.
8. The method of claim 6 wherein said determining step comprises receiving a second device identifier from the device and comparing said extracted identifier with said second device identifier, said device identifier being valid if said extracted device identifier is equivalent to said second device identifier.
9. The method of claim 8 wherein said step of receiving the digital certificate comprises receiving one or more packets from the device and the step of receiving the second device identifier comprises extracting said second device identifier from a header of at least one of the packets.
10. The method of claim 6 wherein said identifier is selected from the group consisting of a serial number associated with a central processing unit of said device; a hard drive identifier associated with a hard drive local to said device; a unique name of said device assigned to an operating system executing on said device.
11. The method of claim 1 wherein said certificate includes a device public encryption key associated with said device and said identifier is a digital signature generated by signing said device public encryption key with a gateway server public encryption key associated with said server, and wherein said determining step comprises determining a validity of said digital signature using a gateway server private encryption key, said identifier being invalid if said digital signature cannot be verified using said gateway server private encryption key.
12. The method of claim 1 wherein said identifier is at least one of: a) a gateway identifier associated with said gateway server; b) a device identifier unique to said device;
and c) a digital signature generated by signing a device public encryption key embedded in said certificate.
and c) a digital signature generated by signing a device public encryption key embedded in said certificate.
13. The method of claim 1 wherein said extracted identifier comprises a plurality of identifiers and wherein said determining step comprises determining if each of said plurality of identifiers is valid.
14.The method of claim 13 wherein said plurality of identifiers comprise a gateway identifier associated with said gateway server and a device identifier unique to said device.
15. The method of claim 14, wherein said step of determining if each of said plurality of identifiers is valid comprises comparing said gateway identifier with a local store of said gateway identifier; and comparing said device identifier with a list of one or more valid device identifiers for at least one of the gateway server and the resource.
16. The method of claim 14 wherein said step of determining if each of said plurality of identifiers is valid comprises comparing said gateway identifier with a local store of said gateway identifier; and receiving a second device identifier from the device and comparing said extracted device identifier with said second device identifier, said device identifier being valid if said extracted device identifier is equivalent to said second device identifier.
17. The method of claim 14, wherein said certificate includes a device public encryption key associated with said device and said plurality of identifiers further comprise a digital signature generated by signing said device public encryption key with a gateway server public encryption key associated with said server; and wherein said step of determining if each of said plurality of identifiers is valid further comprises determining a validity of said digital signature using a gateway server private encryption key, said digital signature being invalid if said digital signature cannot be verified using said gateway server private encryption key.
18. The method of claim 13 wherein said certificate includes a device public encryption key associated with said device and said plurality of identifiers comprise a device identifier unique to said device and a digital signature generated by signing said device public encryption key with a gateway server public encryption key associated with said server; and wherein said step of determining if each of said plurality of identifiers is valid comprises determining if said device identifier is valid; and determining a validity of said digital signature using a gateway server private encryption key, said digital signature being invalid if said digital signature cannot be verified using said gateway server private encryption key.
19. The method of claim 18 wherein the step of determining if said device identifier is valid comprises comparing said device identifier with a list of one or more valid device identifiers for at least one of the gateway server and the resource.
20. The method of claim 18 wherein the step of determining if said device identifier is valid comprises receiving a second device identifier from the device and comparing said extracted device identifier with said second device identifier, said device identifier being valid if said extracted device identifier is equivalent to said second device identifier.
21. The method of claim 1 wherein said resource is selected from the group consisting of at least one of the Internet and a local area network.
22. A gateway server comprising a first interface for connection to a local device and a second interface for connection to a resource, said server further comprising a microcomputer intermediate said interfaces, said microcomputer operable to receive a request for access to said resources from said device, said request including a certificate received from said device, said microcomputer operable to extract an identifier embedded into said certificate and further operable to permit said device to access said resource if said identifier is valid; and to deny said device access to said resource if said identifier is invalid.
23. The server of claim 22 wherein said microcomputer is further operable to revoke said certificate if said identifier is invalid.
24. The server of claim 22 wherein said microcomputer is further operable to determine whether said certificate has been revoked using a certificate revocation list and, if said certificate has been revoked, denying said device access to said resource.
25. The server of claim 22 wherein said identifier is a gateway identifier associated with said gateway server.
26. The server of claim 25 wherein said identifier is selected from the group consisting of a serial number associated with a central processing unit of said gateway server; a hard drive identifier associated with a hard drive local to said gateway server; a unique name of said server assigned to an operating system executing on said server; a name associated with a set of gateway servers.
27. The server of claim 22 wherein said identifier is a device identifier unique to said device.
28. The server of claim 27 wherein the microcomputer is operable to determine a validity of said device identifier using a list of one or more valid device identifiers for at least one of the gateway server and the resource, said identifier being valid if said device identifier is within the list of valid device identifiers.
29. The server of claim 27 wherein the microcomputer is operable to determine a validity of said device identifier using a second device identifier received from said device, said device identifier being valid if said extracted device identifier is equivalent to said second device identifier.
30. The method of claim 29 wherein the microcomputer is operable to extract said second device identifier from a header of at least one packet received from said device.
31. The server of claim 27 wherein said identifier is selected from the group consisting of a serial number associated with a central processing unit of said device; a hard drive identifier associated with a hard drive local to said device; a unique name of said server assigned to an operating system executing on said device.
32. The server of claim 22 wherein said certificate includes a device public encryption key associated with said device and said identifier is a digital signature generated by signing said device public encryption key with a gateway server public encryption key associated with said server, and wherein said microcomputer is operable to determine a validity of said digital signature using a gateway server private encryption key, said identifier being invalid if said digital signature cannot be verified using said gateway server private encryption key.
33. The server of claim 22 wherein said identifier is at least one of: a) a gateway identifier associated with said gateway server; b) a device identifier unique to said device;
and c) a digital signature generated by signing a device public encryption key embedded in said certificate.
and c) a digital signature generated by signing a device public encryption key embedded in said certificate.
34. The server of claim 22 wherein said identifier comprises a plurality of identifiers and wherein said microcomputer is operable to permit said device to access said resource if each of said plurality of identifiers is valid.
35. The server of claim 34 wherein said plurality of identifiers comprise a gateway identifier associated with said gateway server and a device identifier unique to said device.
36. The server of claim 35 wherein said microcomputer is operable to determine a validity of said gateway identifier using a local store of said gateway identifier, said gateway identifier being valid if said gateway identifier is equivalent to said local store of said gateway identifier; and said microcomputer is operable to determine a validity of said device identifier using a list of one or more valid device identifiers for at least one of the gateway server and the resource, said device identifier being valid if said device identifier is within the list of valid device identifiers.
37. The server of claim 35 wherein said microcomputer is operable to determine a validity of said gateway identifier using a local store of said gateway identifier, said gateway identifier being valid if said gateway identifier is equivalent to said local store of said gateway identifier; and said microcomputer is operable to determine a validity of said device identifier using a second device identifier received from said device, said device identifier being valid if said extracted device identifier is equivalent to said second device identifier.
38. The server of claim 35 wherein said certificate includes a device public encryption key associated with said device and said plurality of identifiers further comprise a digital signature generated by signing said device public encryption key with a gateway server public encryption key associated with said server; and wherein said microcomputer is operable to determine a validity of said digital signature using a gateway server private encryption key, said digital signature being invalid if said digital signature cannot be verified using said gateway server private encryption key.
39. The server of claim 34 wherein said certificate includes a device public encryption key associated with said device and said plurality of identifiers comprise a device identifier unique to said device and a digital signature generated by signing said device public encryption key with a gateway server public encryption key associated with said server.
40. The server of claim 39 wherein said microcomputer is operable to determine a validity of said device identifier using a list of one or more valid device identifiers for at least one of the gateway server and the resource, said device identifier being valid if said device identifier is within the list of valid device identifiers; and said microcomputer is operable to determine a validity of said digital signature using a gateway server private encryption key, said digital signature being invalid if said digital signature cannot be verified using said gateway server private encryption key.
41. The server of claim 39 wherein said microcomputer is operable to determine a validity of said device identifier using a second device identifier received from said device, said device identifier being valid if said extracted device identifier is equivalent to said second device identifier; and said microcomputer is operable to determine a validity of said digital signature using a gateway server private encryption key, said digital signature being invalid if said digital signature cannot be verified using said gateway server private encryption key.
42. The server of claim 22 wherein said resource is selected from the group consisting of at least one of the Internet and a local area network.
43. A digital certificate for use on a client device, said digital certificate including an identifier embedded therein, said identifier being extractable by a server to which said device can connect such that said server can permit or deny access to a resource connected to said server based on a validity of said identifier.
44. The certificate of claim 43 wherein said identifier is an identifier associated with said server.
45. The certificate of claim 44 wherein said identifier is selected from the group consisting of a serial number associated with a central processing unit of said gateway server; a hard drive identifier associated with a hard drive local to said gateway server; a unique name of said server assigned to an operating system executing on said server; a name associated with a set of gateway servers.
46. The certificate of claim 43 wherein said identifier is a device identifier unique to said device.
47.The certificate of claim 46 wherein said identifier is selected from the group consisting of a serial number associated with a central processing unit of said device; a hard drive identifier associated with a hard drive local to said device; a unique name of said server assigned to an operating system executing on said device.
48. The certificate of claim 43 wherein said certificate includes a device public encryption key associated with said device and said identifier is a digital signature generated by signing said device public encryption key with a server public encryption key associated with said server, and wherein said server is operable to determine said validity of said digital signature using a gateway server private encryption key, said identifier being invalid if said digital signature cannot be verified using said server private encryption key.
49. The certificate of claim 43 wherein said identifier is at least one identifier selected from the group consisting of: a) a gateway identifier associated with said gateway server;
b) a device identifier unique to said device; and c) a digital signature generated by signing a device public encryption key embedded in said certificate.
b) a device identifier unique to said device; and c) a digital signature generated by signing a device public encryption key embedded in said certificate.
50. The certificate of claim 43 wherein said identifier is a plurality of identifiers selected from the group consisting of: a) a gateway identifier associated with said gateway server; b) a device identifier unique to said device; and c) a digital signature generated by signing a device public encryption key embedded in said certificate.
51. The certificate of claim 43 wherein said resource is selected from the group consisting of at least one of the Internet and a local area network.
52. A method of generating a digital certificate for use on a client device comprising:
receiving at least one unique identifier;
generating a digital certificate payload;
embedding said at least one unique identifier and said payload into a certificate.
receiving at least one unique identifier;
generating a digital certificate payload;
embedding said at least one unique identifier and said payload into a certificate.
53. The method of claim 52 wherein said unique identifier is at least one identifier selected from the group consisting of: a) a gateway identifier associated with said gateway server; b) a device identifier unique to said device; and c) a digital signature generated by signing a device public encryption key embedded in said certificate.
54. A computer readable media containing a set of programming instructions for use in a gateway server, said instructions including a method of controlling access to a resource comprising:
receiving a digital certificate from a device;
extracting an identifier embedded into said certificate;
determining if said identifier is valid;
if said identifier is determined to be valid, permitting said device to access said resource; and, if said identifier is determined to be invalid, denying said device access to said resource.
receiving a digital certificate from a device;
extracting an identifier embedded into said certificate;
determining if said identifier is valid;
if said identifier is determined to be valid, permitting said device to access said resource; and, if said identifier is determined to be invalid, denying said device access to said resource.
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CA2004/001821 WO2006039771A1 (en) | 2004-10-12 | 2004-10-12 | System and method for access control |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2578186A1 true CA2578186A1 (en) | 2006-04-20 |
CA2578186C CA2578186C (en) | 2012-07-10 |
Family
ID=36147983
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA2578186A Active CA2578186C (en) | 2004-10-12 | 2004-10-12 | System and method for access control |
Country Status (3)
Country | Link |
---|---|
US (1) | US7904952B2 (en) |
CA (1) | CA2578186C (en) |
WO (1) | WO2006039771A1 (en) |
Families Citing this family (54)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4250100B2 (en) * | 2004-02-23 | 2009-04-08 | 大日本印刷株式会社 | Computer system |
US8245280B2 (en) | 2005-02-11 | 2012-08-14 | Samsung Electronics Co., Ltd. | System and method for user access control to content in a network |
US20080262863A1 (en) * | 2005-03-11 | 2008-10-23 | Tracesecurity, Inc. | Integrated, Rules-Based Security Compliance And Gateway System |
US8452961B2 (en) * | 2006-03-07 | 2013-05-28 | Samsung Electronics Co., Ltd. | Method and system for authentication between electronic devices with minimal user intervention |
DE102006011402A1 (en) * | 2006-03-11 | 2007-09-13 | Bayer Innovation Gmbh | Method and apparatus for safe processing of sensitive information |
US8510812B2 (en) | 2006-03-15 | 2013-08-13 | Fortinet, Inc. | Computerized system and method for deployment of management tunnels |
US7827275B2 (en) | 2006-06-08 | 2010-11-02 | Samsung Electronics Co., Ltd. | Method and system for remotely accessing devices in a network |
US20070288487A1 (en) * | 2006-06-08 | 2007-12-13 | Samsung Electronics Co., Ltd. | Method and system for access control to consumer electronics devices in a network |
US8527770B2 (en) | 2006-07-20 | 2013-09-03 | Research In Motion Limited | System and method for provisioning device certificates |
US8635461B2 (en) * | 2007-05-22 | 2014-01-21 | International Business Machines Corporation | Retrieval and display of encryption labels from an encryption key manager certificate ID attached to key certificate |
WO2009079734A1 (en) | 2007-12-20 | 2009-07-02 | Bce Inc. | Contact-less tag with signature, and applications thereof |
US9479339B2 (en) * | 2008-02-29 | 2016-10-25 | Blackberry Limited | Methods and apparatus for use in obtaining a digital certificate for a mobile communication device |
US10015158B2 (en) * | 2008-02-29 | 2018-07-03 | Blackberry Limited | Methods and apparatus for use in enabling a mobile communication device with a digital certificate |
US8812701B2 (en) * | 2008-05-21 | 2014-08-19 | Uniloc Luxembourg, S.A. | Device and method for secured communication |
US8116749B2 (en) | 2008-09-08 | 2012-02-14 | Proctor Jr James Arthur | Protocol for anonymous wireless communication |
US20120102322A1 (en) | 2008-12-18 | 2012-04-26 | O'brien William G | Processing of communication device signatures for use in securing nomadic electronic transactions |
CA2747553C (en) | 2008-12-18 | 2016-06-07 | Sean Maclean Murray | Validation method and system for use in securing nomadic electronic transactions |
US9047450B2 (en) * | 2009-06-19 | 2015-06-02 | Deviceauthority, Inc. | Identification of embedded system devices |
US9047458B2 (en) * | 2009-06-19 | 2015-06-02 | Deviceauthority, Inc. | Network access protection |
US8621203B2 (en) * | 2009-06-22 | 2013-12-31 | Nokia Corporation | Method and apparatus for authenticating a mobile device |
US20100333213A1 (en) * | 2009-06-24 | 2010-12-30 | Craig Stephen Etchegoyen | Systems and Methods for Determining Authorization to Operate Licensed Software Based on a Client Device Fingerprint |
US8213907B2 (en) | 2009-07-08 | 2012-07-03 | Uniloc Luxembourg S. A. | System and method for secured mobile communication |
US8726407B2 (en) * | 2009-10-16 | 2014-05-13 | Deviceauthority, Inc. | Authentication of computing and communications hardware |
US20110093503A1 (en) * | 2009-10-19 | 2011-04-21 | Etchegoyen Craig S | Computer Hardware Identity Tracking Using Characteristic Parameter-Derived Data |
US9082128B2 (en) * | 2009-10-19 | 2015-07-14 | Uniloc Luxembourg S.A. | System and method for tracking and scoring user activities |
USRE47020E1 (en) * | 2010-11-12 | 2018-08-28 | Sony Mobile Communications Inc. | Certificate based access control in open mobile alliance device management |
US8739258B2 (en) * | 2010-11-12 | 2014-05-27 | Sony Corporation | Certificate based access control in open mobile alliance device management |
AU2011100168B4 (en) * | 2011-02-09 | 2011-06-30 | Device Authority Ltd | Device-bound certificate authentication |
DE102011015711A1 (en) * | 2011-03-31 | 2012-10-04 | Giesecke & Devrient Gmbh | Update a disk application |
AU2011101295B4 (en) | 2011-06-13 | 2012-08-02 | Device Authority Ltd | Hardware identity in multi-factor authentication layer |
US9270471B2 (en) * | 2011-08-10 | 2016-02-23 | Microsoft Technology Licensing, Llc | Client-client-server authentication |
AU2011101297B4 (en) | 2011-08-15 | 2012-06-14 | Uniloc Usa, Inc. | Remote recognition of an association between remote devices |
US8838982B2 (en) | 2011-09-21 | 2014-09-16 | Visa International Service Association | Systems and methods to secure user identification |
US9203819B2 (en) * | 2012-01-18 | 2015-12-01 | OneID Inc. | Methods and systems for pairing devices |
GB2500720A (en) * | 2012-03-30 | 2013-10-02 | Nec Corp | Providing security information to establish secure communications over a device-to-device (D2D) communication link |
JP2014174560A (en) * | 2013-03-05 | 2014-09-22 | Canon Inc | Information processing device, server and control method therefor, and program and storage medium |
US9143496B2 (en) | 2013-03-13 | 2015-09-22 | Uniloc Luxembourg S.A. | Device authentication using device environment information |
US9286466B2 (en) | 2013-03-15 | 2016-03-15 | Uniloc Luxembourg S.A. | Registration and authentication of computing devices using a digital skeleton key |
US9215075B1 (en) * | 2013-03-15 | 2015-12-15 | Poltorak Technologies Llc | System and method for secure relayed communications from an implantable medical device |
US9906497B2 (en) | 2014-10-06 | 2018-02-27 | Cryptzone North America, Inc. | Multi-tunneling virtual network adapter |
US9148408B1 (en) | 2014-10-06 | 2015-09-29 | Cryptzone North America, Inc. | Systems and methods for protecting network devices |
US9866519B2 (en) | 2015-10-16 | 2018-01-09 | Cryptzone North America, Inc. | Name resolving in segmented networks |
US9736120B2 (en) | 2015-10-16 | 2017-08-15 | Cryptzone North America, Inc. | Client network access provision by a network traffic manager |
US10412048B2 (en) | 2016-02-08 | 2019-09-10 | Cryptzone North America, Inc. | Protecting network devices by a firewall |
US9560015B1 (en) | 2016-04-12 | 2017-01-31 | Cryptzone North America, Inc. | Systems and methods for protecting network devices by a firewall |
US11025428B2 (en) | 2016-05-05 | 2021-06-01 | Neustar, Inc. | Systems and methods for enabling trusted communications between controllers |
WO2017193093A1 (en) | 2016-05-05 | 2017-11-09 | Neustar, Inc. | Systems and methods for enabling trusted communications between entities |
US11108562B2 (en) | 2016-05-05 | 2021-08-31 | Neustar, Inc. | Systems and methods for verifying a route taken by a communication |
US10958725B2 (en) | 2016-05-05 | 2021-03-23 | Neustar, Inc. | Systems and methods for distributing partial data to subnetworks |
US11277439B2 (en) | 2016-05-05 | 2022-03-15 | Neustar, Inc. | Systems and methods for mitigating and/or preventing distributed denial-of-service attacks |
US11429762B2 (en) | 2018-11-27 | 2022-08-30 | Amazon Technologies, Inc. | Simulation orchestration for training reinforcement learning models |
US11836577B2 (en) | 2018-11-27 | 2023-12-05 | Amazon Technologies, Inc. | Reinforcement learning model training through simulation |
US11455234B2 (en) * | 2018-11-21 | 2022-09-27 | Amazon Technologies, Inc. | Robotics application development architecture |
US20210067554A1 (en) * | 2019-09-03 | 2021-03-04 | ITsMine Ltd. | Real-time notifications on data breach detected in a computerized environment |
Family Cites Families (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5757924A (en) * | 1995-09-18 | 1998-05-26 | Digital Secured Networks Techolognies, Inc. | Network security device which performs MAC address translation without affecting the IP address |
JPH11692A (en) | 1997-06-11 | 1999-01-06 | Nippon Gesuido Jigyodan | Method for operation control of oxidation ditch |
US6088805A (en) * | 1998-02-13 | 2000-07-11 | International Business Machines Corporation | Systems, methods and computer program products for authenticating client requests with client certificate information |
US6484258B1 (en) * | 1998-08-12 | 2002-11-19 | Kyber Pass Corporation | Access control using attributes contained within public key certificates |
JP2000136224A (en) | 1998-08-27 | 2000-05-16 | Bridgestone Corp | Rigid polyurethane foam |
JP2000201143A (en) | 1999-01-05 | 2000-07-18 | Nec Corp | Terminal certification device |
US6393484B1 (en) * | 1999-04-12 | 2002-05-21 | International Business Machines Corp. | System and method for controlled access to shared-medium public and semi-public internet protocol (IP) networks |
US6772331B1 (en) * | 1999-05-21 | 2004-08-03 | International Business Machines Corporation | Method and apparatus for exclusively pairing wireless devices |
US6826690B1 (en) | 1999-11-08 | 2004-11-30 | International Business Machines Corporation | Using device certificates for automated authentication of communicating devices |
US6636975B1 (en) * | 1999-12-15 | 2003-10-21 | Identix Incorporated | Accessing a secure resource using certificates bound with authentication information |
US6772340B1 (en) * | 2000-01-14 | 2004-08-03 | Microsoft Corporation | Digital rights management system operating on computing device and having black box tied to computing device |
JP3945963B2 (en) | 2000-05-09 | 2007-07-18 | 株式会社リコー | Access point device |
US6854056B1 (en) * | 2000-09-21 | 2005-02-08 | International Business Machines Corporation | Method and system for coupling an X.509 digital certificate with a host identity |
US6789193B1 (en) * | 2000-10-27 | 2004-09-07 | Pitney Bowes Inc. | Method and system for authenticating a network user |
US20020136226A1 (en) * | 2001-03-26 | 2002-09-26 | Bluesocket, Inc. | Methods and systems for enabling seamless roaming of mobile devices among wireless networks |
JP3702812B2 (en) * | 2001-06-25 | 2005-10-05 | 日本電気株式会社 | Authentication method and authentication apparatus in wireless LAN system |
US7310821B2 (en) * | 2001-08-27 | 2007-12-18 | Dphi Acquisitions, Inc. | Host certification method and system |
JP2003178022A (en) * | 2001-09-14 | 2003-06-27 | Sony Computer Entertainment Inc | Identification information issuing apparatus and method therefor, storage medium with identification information issuing program stored therein, identification information issuing program, information processing device and method therefor, storage medium with information processing program stored therein, and information processing program |
AU2002343424A1 (en) * | 2001-09-28 | 2003-04-14 | Bluesocket, Inc. | Method and system for managing data traffic in wireless networks |
KR100883648B1 (en) * | 2002-03-16 | 2009-02-18 | 삼성전자주식회사 | Method of access control in wireless environment and recording medium in which the method is recorded |
US20030217263A1 (en) * | 2002-03-21 | 2003-11-20 | Tsutomu Sakai | System and method for secure real-time digital transmission |
GB2388498B (en) | 2002-05-07 | 2005-10-19 | Nokia Corp | Method and apparatus for ensuring address information of a wireless terminal device in communications network |
US20030233580A1 (en) * | 2002-05-29 | 2003-12-18 | Keeler James D. | Authorization and authentication of user access to a distributed network communication system with roaming features |
US20040030887A1 (en) * | 2002-08-07 | 2004-02-12 | Harrisville-Wolff Carol L. | System and method for providing secure communications between clients and service providers |
US20060005237A1 (en) * | 2003-01-30 | 2006-01-05 | Hiroshi Kobata | Securing computer network communication using a proxy server |
JP2004272792A (en) * | 2003-03-11 | 2004-09-30 | Toshiba Corp | Method for controlling network access, information providing device, and apparatus for issuing certificate |
-
2004
- 2004-10-12 WO PCT/CA2004/001821 patent/WO2006039771A1/en active Application Filing
- 2004-10-12 CA CA2578186A patent/CA2578186C/en active Active
- 2004-12-03 US US11/002,315 patent/US7904952B2/en not_active Expired - Fee Related
Also Published As
Publication number | Publication date |
---|---|
WO2006039771A1 (en) | 2006-04-20 |
CA2578186C (en) | 2012-07-10 |
US7904952B2 (en) | 2011-03-08 |
US20060080534A1 (en) | 2006-04-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2578186A1 (en) | System and method for access control | |
JP5889988B2 (en) | HTTP-based authentication | |
US8024488B2 (en) | Methods and apparatus to validate configuration of computerized devices | |
US8966263B2 (en) | System and method of network equipment remote access authentication in a communications network | |
US9237021B2 (en) | Certificate grant list at network device | |
US8800013B2 (en) | Devolved authentication | |
CN101741860B (en) | Computer remote security control method | |
CN106921663B (en) | Identity continuous authentication system and method based on intelligent terminal software/intelligent terminal | |
JP2009538478A5 (en) | ||
CN101534192B (en) | System used for providing cross-domain token and method thereof | |
JP2005085102A (en) | Guarantee system | |
EP2404427B1 (en) | Method and apparatus for securing network communications | |
WO2010108354A1 (en) | Method and system for accessing web service safely | |
CN108173827B (en) | Block chain thinking-based distributed SDN control plane security authentication method | |
CN102271136A (en) | Access control method and equipment under NAT (Network Address Translation) network environment | |
US20150281211A1 (en) | Network security | |
CN1725687A (en) | Security identification method | |
CN108011873A (en) | A kind of illegal connection determination methods based on set covering | |
CN114070559A (en) | Industrial Internet of things session key negotiation method based on multiple factors | |
CN110891067B (en) | Revocable multi-server privacy protection authentication method and revocable multi-server privacy protection authentication system | |
US10298588B2 (en) | Secure communication system and method | |
CN110771087A (en) | Private key update | |
CN1595897A (en) | Method and system for unified process of domain authentication and user network authority control | |
CN102739613A (en) | Dynamic pathway method of crossing firewall and system thereof | |
KR102162108B1 (en) | Lw_pki system for nfv environment and communication method using the same |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request |