Information security – Access control or authentication – Network
Reexamination Certificate
2003-12-04
2009-11-24
LaForgia, Christian (Department: 2439)
C713S170000, C380S270000
active
07624431
ABSTRACT:
The present invention provides a technique for securely implementing port-based authentication on a shared media port in an intermediate node, such as a router. To that end, the invention provides enhanced port-based network access control that includes client-based control at the shared media port. Unlike previous implementations, the port does not permit multiple client nodes to access a trusted subnetwork as soon as a user at any one of those nodes is authenticated by the subnetwork. Instead, port-based authentication is performed for every client node that attempts to access the trusted subnetwork through the shared media port. As such, access to the trusted subnetwork is not compromised by unauthenticated client nodes that “piggy-back” over the shared media port after a user at another client node has been authenticated by the trusted subnetwork.
REFERENCES:
patent: 6891819 (2005-05-01), Inoue et al.
patent: 6990592 (2006-01-01), Richmond et al.
patent: 2003/0152067 (2003-08-01), Richmond et al.
patent: 2003/0154380 (2003-08-01), Richmond et al.
patent: 2003/0217122 (2003-11-01), Roese et al.
patent: 2004/0073793 (2004-04-01), Takeda
patent: 2004/0158735 (2004-08-01), Roese
patent: 2004/0172559 (2004-09-01), Luo et al.
patent: 2004/0208151 (2004-10-01), Haverinen et al.
patent: 2005/0055570 (2005-03-01), Kwan et al.
patent: 2005/0080921 (2005-04-01), Lu
patent: 2005/0111466 (2005-05-01), Kappes et al.
patent: 2005/0177865 (2005-08-01), Ng et al.
patent: 2006/0277187 (2006-12-01), Roese et al.
Radia Perlman, Interconnections, Second Edition: Bridges, Routers, Switches, and Internetworking Protocols, Addison-Wesley Longman, Inc., Chapter 1, pp. 1-17, Jan. 2000.
LAN/MAN Standards Committee of the IEEE Computer Society, IEEE Standard for Local and Metropolitan Area Networks: Port-Based Network Access Control, IEEE Std 802.1X-2001, American National Standards Institute, pp. 1-134, Oct. 25, 2001.
L. Blunk et al., PPP Extensible Authentication Protocol (EAP), RFC 2284, Network Working Group, pp. 1-15, Mar. 1998.
LAN/MAN Standards Committee, IEEE Standard for Local and Metropolitan Area Networks: Overview and Architecture, IEEE Standard 802-2001, IEEE Computer Society, pp. 1-36, Mar. 8, 2002.
C. Rigney et al., RADIUS Extensions, RFC 2869, Network Working Group, pp. 1-47, Jun. 2000.
D. Harrington, et al., An Architecture for Describing SNMP Management Frameworks, RFC 2571, Standards Track, Network Working Group, pp. 1-62, Apr. 1999.
Funk Software, Inc., Architecting Your 802.1x-Based WLAN Deployment: Using Odyssey and Steel Belted Radius, White Paper, pp. 1-12, Oct. 2002.
David C. Plummer, An Ethernet Address Resolution Protocol or Converting Network Protocol Addresses to 48 bit Ethernet Address for Transmission on Ethernet Hardware, RFC 826, Network Working Group, Nov. 1982.
Congdon, Paul, IEEE 802.1X Overview: Port Based Network Access Control, IEEE Plenary Meeting, Albuquerque, New Mexico, Mar. 2000.
Cox Brian Francis
McMurdo Bruce
Yarlagadda Venkateswara Rao
Cesari and McKenna LLP
Cisco Technology Inc.
LaForgia Christian