[특허]Dual authentication of a requestor using a mail server and an authentication server

Dual authentication of a requestor using a mail server and an authentication server 원문보기

IPC분류정보
국가/구분	United States(US) Patent 등록
국제특허분류(IPC7판)	G06F-013/00
출원번호	US-0060525 (2002-01-29)
발명자 / 주소	Tock,Theron Srinivas,Sampath Sang,Yvonne Pui Fung
출원인 / 주소	Juniper Networks, Inc.
대리인 / 주소	Harrity Snyder LLP
인용정보	피인용 횟수 : 17 인용 특허 : 21

초록 ▼

Improved approaches for providing secure remote access to email resources maintained on private networks are disclosed. The secure access can be provided through a public network using a standard network browser. Multiple remote users are able to gain restricted and controlled access to email on a mail server within a private network through a common access point. The solution provided by the improved approaches allow not only native access to email resources but also robust authentication approaches.

대표청구항 ▼

What is claimed is: 1. A method for facilitating remote access by a mail client to a mail server via an intermediary server, said method comprising: (a) receiving a mail access request at the intermediary server, the mail access request being sent to the intermediary server from the mail client for a requestor; (b) receiving a password associated with the mail access request; (c) authenticating the requestor with the mail server based on the received password; (d1) retrieving a previously stored hashed password associated with the requestor or the mail client; (d2) determining whether a hashed version of the received password matches the retrieved hashed password; (d3) authenticating, based on the received password, the requestor with an authentication server that couples to a private network that includes the mail server; and (d4) bypassing said authenticating (d3) and deeming the received password authenticated when said determining (d2) determines that the hashed version of the received password matches the retrieved hashed password. 2. A method as recited in claim 1, wherein said retrieving (d1) further includes at least retrieving a time last used password, and wherein said method further comprises: (d5) determining whether the time last used password exceeds a predetermined duration; and (d6) preventing said bypassing (d4) from bypassing said authenticating (d3) when said determining (d5) determines that the time last used password exceeds the predetermined duration. 3. A method as recited in claim 2, wherein the predetermined duration is a maximum idle duration. 4. A method as recited in claim 3, wherein a mail server password and an authentication server password are included in or derived from the received password, wherein said authenticating (c) authenticates the requestor with the mail server using the mail server password, and wherein said authenticating (d3) authenticates the requestor with the authentication server using the authentication server password. 5. A method as recited in claim 1, wherein said retrieving (d1) further includes at least retrieving a time last authorized by the authentication server, and wherein said method further comprises: (d5) determining whether the time last authorized by the authentication server exceeds a predetermined duration; and (d6) preventing said bypassing (d4) from bypassing said authenticating (d3) when said determining (d5) determines that the time last authorized by the authentication server exceeds the predetermined duration. 6. A method as recited in claim 5, wherein the predetermined duration is a maximum session duration. 7. A method as recited in claim 5, wherein a mail server password and an authentication server password are included in or derived from the received password, wherein said authenticating (c) authenticates the requestor with the mail server using the mail server password, and wherein said authenticating (d3) authenticates the requestor with the authentication server using the authentication server password. 8. A method as recited in claim 1, wherein a mail server password and an authentication server password are included in or derived from the received password, wherein said authenticating (c) authenticates the requestor with the mail server using the mail server password, and wherein said authenticating (d3) authenticates the requestor with the authentication server using the authentication server password. 9. A method as recited in claim 1, wherein a mail server password and an authentication server password are separated by a password separator in the received password, wherein said authenticating (c) authenticates the requestor with the mail server using the mail server password, and wherein said authenticating (d3) authenticates the requestor with the authentication server using the authentication server password. 10. A method for authenticating a requestor of a remote mail client seeking access to a mail server, said method comprising: (a) receiving a password from the remote mail client; (b) retrieving a previously stored hashed password; (c) determining whether a hashed version of the received password matches the previously stored hashed password; (d) authenticating the requestor with the mail server based on the received password; and (e) further authenticating the requestor with an authentication server based on the received password when said determining (c) determines that the hashed version of the received password does not match the previously stored hashed password, the authentication server couples to or resides on a private network that includes the mail server. 11. A method as recited in claim 10, wherein said receiving (a) further receives a time last authorized by the authentication server and a time last used password, wherein said determining (c) further determines whether a time since the time last authorized by the authentication server exceeds a first predetermined duration and whether the time since the time last used password exceeds a second predetermined duration, and wherein said authenticating (e) is performed when said determining (c) determines that the time since the time last authorized by the authentication server exceeds the first predetermined duration or that the time since the time last used password exceeds the second predetermined duration, regardless of whether said determining (c) determines that the hashed version of the received password matches the previously stored hashed password. 12. A method as recited in claim 11, wherein the received password is an authentication password, and wherein the authentication password serves to authenticate the requestor or the remote mail client to the authentication server. 13. A method as recited in claim 11, wherein the first predetermined duration is a maximum session duration, and wherein the second predetermined duration is a maximum idle duration. 14. A method as recited in claim 10, wherein the received password is an authentication password, and wherein the authentication password serves to authenticate the requestor or the remote mail client to the authentication server. 15. A method as recited in claim 10, wherein said receiving (a) further receives a time last authorized by the authentication server, wherein said determining (c) further determines whether a time since the time last authorized by the authentication server exceeds a predetermined duration, and wherein said authenticating (e) is performed when said determining (c) determines that the time since the time last authorized by the authentication server exceeds the predetermined duration, regardless of whether said determining (c) determines that the hashed version of the received password matches the previously stored hashed password. 16. A method as recited in claim 10, wherein said receiving (a) further receives a time last used password, wherein said determining (c) further determines whether a time since the time last used password exceeds a predetermined duration, and wherein said authenticating (e) is performed when said determining (c) determines that the time since the time last used password exceeds the predetermined duration, regardless of whether said determining (c) determines that the hashed version of the received password matches the previously stored hashed password. 17. A computer readable storage medium including at least computer program code for authenticating a requestor of a remote mail client seeking access to a mail server, said computer readable storage medium comprising: computer program code for receiving a password from the remote mail client; computer program code for retrieving a previously stored hashed password; computer program code for determining whether a hashed version of the received password matches the previously stored hashed password; computer program code for authenticating the requestor with the mail server based on the received password; and computer program code for authenticating the requestor with an authentication server based on the received password when said computer program code for determining determines that the hashed version of the received password does not match the previously stored hashed password, the authentication server on a private network that includes the mail server. 18. A computer readable storage medium as recited in claim 17, wherein the received password is an authentication password, and wherein the authentication password serves to authenticate the requestor or the remote mail client to the authentication server. 19. A computer readable storage medium as recited in claim 17, wherein said computer program code for receiving further receives a time last authorized by the authentication server, wherein said computer program code for determining further determines whether a time since the time last authorized by the authentication server exceeds a predetermined duration, and wherein the authenticating is performed by said computer program code for authenticating when said computer program code for determining determines that the time since the time last authorized by the authentication server exceeds the predetermined duration, regardless of whether said computer program code for determining determines that the hashed version of the received password matches the previously stored hashed password. 20. A computer readable storage medium including at least computer program code for facilitating remote access by a mail client to a mail server via an intermediary server, said computer readable storage medium comprising: computer program code for receiving a mail access request at the intermediary server, the mail access request being sent to the intermediary server from the mail client for a requestor; computer program code for receiving a password associated with the mail access request; computer program code for authenticating the requestor with the mail server based on the received password; computer program code for retrieving a previously stored hashed password associated with the requestor or the mail client and determining whether the retrieved hashed password matches a hashed version of the received password; computer program code for authenticating the requestor with an authentication server based on the received password, the authentication server being coupled to or included in a private network that includes the mail server; and computer program code for bypassing the authenticating with the authentication server and deeming the received password as authenticated when the hashed version of the received password matches the retrieved hashed password. 21. A computer readable storage medium as recited in claim 20, wherein a mail server password and an authentication server password are included in or derived from the received password, wherein said computer program code for authenticating operates to authenticate the requestor with the mail server using the mail server password, and wherein said computer program code for authenticating operates to authenticate the requestor with the authentication server using the authentication server password.

이 특허에 인용된 특허 (21)

O'Neal Stephen C. ; Jiang John, Centralized communication control center for visually and audibly updating communication options associated with communication services of a unified messaging system and methods therefor.
상세보기
Freivald Matthew P. ; Richards Mark S. ; Noble Alan C., Change-detection tool indicating degree and location of change of internet documents by comparison of cyclic-redundancy.
상세보기
Kalajan Kevin E. ; Mueller Thomas R., Connection-oriented session emulation.
상세보기
McDonough John C. ; Saravanan Thiagarajan ; Amatucci Michael P. ; Iannucci Louis A. ; Ingham David M., Controlling access to information.
상세보기
Win Teresa ; Belmonte Emilio, Distributed access management of information resources.
상세보기
Noble Alan C. ; Freivald Matthew P., Distributed-client change-detection tool with change-detection augmented by multiple clients.
상세보기
Coley Christopher D. ; Wesinger ; Jr. Ralph E., Firewall system for protecting network elements connected to a public network.
상세보기
Kalajan Kevin E., Mechanism for delivering a message based upon a source address.
상세보기
Hu Wei-Ming (Arlington MA), Method and apparatus for authenticating a client to a server in computer systems which support different security mechan.
상세보기
Cardinal David J. ; March Rod G., Method and apparatus for collecting and displaying information from diverse computer resources.
상세보기
Chiu Suet Mui ; Dockter Michael Jon ; Farber Joel Frank ; Pauser Michael Leon ; Richardt Randal James, Method for creating a hypertext language for a distributed computer network.
상세보기
Montulli Lou, Method of on-line shopping utilizing persistent client state in a hypertext transfer protocol based client-server syste.
상세보기
Farber David A. ; Greer Richard E. ; Swart Andrew D. ; Balter James A., Optimized network resource location.
상세보기
Allavarpu, Sai V.; Bhalerao, Anand J., Pluggable authentication modules for telecommunications management network.
상세보기
Kalajan Kevin E., Remote access-controlled communication.
상세보기
R. Brent Johnson, Secure electronic mail system.
상세보기
Grantges, Jr., David R.; McGrath, Lawrence R., Secure gateway having routing feature.
상세보기
Kalajan Kevin E., Source address directed message delivery.
상세보기
Freivald Matthew P. ; Richards Mark S. ; Noble Alan C., Spreadsheet user-interface for an internet-document change-detection tool.
상세보기
Kaufman Charles W. (Northborough MA) Pearlman Radia J. (Acton MA) Gasser Morrie (Hopkinton MA), System for increasing the difficulty of password guessing attacks in a distributed authentication scheme employing authe.
상세보기
Freivald Matthew P. ; Noble Alan C., Unique-change detection of dynamic web pages using history tables of signatures.
상세보기

이 특허를 인용한 특허 (17)

Ng, Chan-Wah; Tan, Pek-Yew; Ue, Toyoki, Access control at an intermediate network element connecting a plurality of data communications networks.
상세보기
Clarke, David James, Communications system providing multi-layered extensible protocol interface and related methods.
상세보기
Sonoda,Koji; Iwasaki,Masaaki; Kishima,Shinichi, File system.
상세보기
Radicella, Michael; Burkley, Richard M.; Chapman, Kriston L.; Jones, Shirl D.; Matsumoto, Roger Y., Method and system for controlling access to an enclosed area.
상세보기
Radicella, Michael; Burkley, Richard M.; Chapman, Kriston L.; Jones, Shirl D.; Matsumoto, Roger Y., Method and system for controlling access to an enclosed area.
상세보기
Vacanti, Daniel S.; Conley, Todd M.; Geddes, Martin; Anderson, David J., Method and system for embellishing web content during transmission between a content server and a client station.
상세보기
Geddes, Martin; Vacanti, Daniel S.; Conley, Todd M.; Anderson, David J.; Lowrey, Neil E., Method and system for inserting web content through intermediation between a content server and a client station.
상세보기
Ulvenes, Randy, Method and system for managing payment for web content based on size of the web content.
상세보기
Tock, Theron; Srinivas, Sampath, Method and system for providing secure access to private networks.
상세보기
Tock, Theron; Srinivas, Sampath, Method and system for providing secure access to private networks.
상세보기
Jung, Dong-shin; Yi, Kyoung-hoon; Yook, Hyun-gyoo; Yoon, Hyun-sik, Network device, system and method for providing list of controlled devices.
상세보기
Bloemeke, William Joseph; Cashion, Reid Anthony, Network security protection.
상세보기
Radicella, Michael; Burkley, Richard; Chapman, Kriston; Jones, Shirl; Matsumoto, Roger, Security control access system.
상세보기
Radicella, Michael; Matsumoto, Roger; Morrison, Matthew J.; Burkley, Richard; Chapman, Kriston; Jones, Shirl, Security control and access system.
상세보기
Radicella, Michael; Burkley, Richard; Chapman, Kriston; Jones, Shirl; Matsumoto, Roger, System and method for integrating and adapting security control systems.
상세보기
Radicella, Michael; Burkley, Richard; Chapman, Kriston; Jones, Shirl; Matsumoto, Roger, System and method for integrating and adapting security control systems.
상세보기
Radicella, Michael; Burkley, Richard; Chapman, Kriston; Jones, Shirl; Matsumoto, Roger, System and method for integrating and adapting security control systems.
상세보기

IPC	Description
A	생활필수품
A62	인명구조; 소방(사다리 E06C)
A62B	인명구조용의 기구, 장치 또는 방법(특히 의료용에 사용되는 밸브 A61M 39/00; 특히 물에서 쓰이는 인명구조 장치 또는 방법 B63C 9/00; 잠수장비 B63C 11/00; 특히 항공기에 쓰는 것, 예. 낙하산, 투출좌석 B64D; 특히 광산에서 쓰이는 구조장치 E21F 11/00)
A62B-1/08	.. 윈치 또는 풀리에 제동기구가 있는 것

내보내기 구분	파일저장 인쇄 메일전송
구성항목	기본정보 상세정보 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표IPC 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 공고번호, 공고일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표출원인, 출원인국적, 출원인주소, 발명자, 발명자E, 발명자코드, 발명자주소, 발명자 우편번호, 발명자국적, 대표IPC, IPC코드, 요약, 미국특허분류, 대리인주소, 대리인코드, 대리인(한글), 대리인(영문), 국제공개일자, 국제공개번호, 국제출원일자, 국제출원번호, 우선권, 우선권주장일, 우선권국가, 우선권출원번호, 원출원일자, 원출원번호, 지정국, Citing Patents, Cited Patents
저장형식	Text(ASCII format) Excel format PIAS분석(.xls)
메일정보	받는사람 (필수) @ 보내는사람 (선택) @ 제목 내용 KISTI 검색결과 이메일 서비스
안내	총 건의 자료가 검색되었습니다. 다운받으실 자료의 인덱스를 입력하세요. (1-10,000) 검색결과의 순서대로 최대 10,000건 까지 다운로드가 가능합니다. 데이타가 많을 경우 속도가 느려질 수 있습니다.(최대 2~3분 소요) 다운로드 파일은 UTF-8 형태로 저장됩니다. 파일의 내용이 제대로 보이지 않을실 때는 웹브라우저 상단의 보기 -> 인코딩 -> 자동선택 여부를 확인하십시오. ~ Text(ASCII format) Excel format

연합인증

Dual authentication of a requestor using a mail server and an authentication server 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

이 특허에 인용된 특허 (21)

이 특허를 인용한 특허 (17)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트

연합인증

Dual authentication of a requestor using a mail server and an authentication server 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

전체(0) 논문(0) 특허(0) 보고서(0)

전체(0) 논문(0) 특허(0) 보고서(0)

이 특허에 인용된 특허 (21)

이 특허를 인용한 특허 (17)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트