Information security – Access control or authentication – Network
Reexamination Certificate
2011-08-02
2011-08-02
Song, Hosuk (Department: 2435)
Information security
Access control or authentication
Network
C726S003000, C726S005000, C713S181000, C380S277000
Reexamination Certificate
active
07992193
ABSTRACT:
A method and an apparatus are disclosed for securing authentication, authorization and accounting (AAA) protocol messages. An encryption key, a device identifier value, and verification data are received and stored at a network device. The verification data comprises in part a copy the encryption key and the device identifier value, and has been encrypted using a private key of a server. A shared secret is generated by applying a computational function to the encryption key and the device identifier value. Based on the shared secret, a first message integrity check value for a message is generated. The message, the first integrity check value, and the verification data are sent to the server. The server decrypts the verification data using the private key, extracts the encryption key and the device identifier value, and generates the same shared secret by applying the same computational function to the extracted encryption key and device identifier value. Based on this generated shared secret, a second message integrity check value is generated and compared to the received first message integrity check value.
REFERENCES:
patent: 6687252 (2004-02-01), Bertrand et al.
patent: 6721886 (2004-04-01), Uskela
patent: 6912223 (2005-06-01), Sloane
patent: 6985519 (2006-01-01), Barnes et al.
patent: 7181530 (2007-02-01), Halasz et al.
patent: 2002/0012433 (2002-01-01), Haverinen et al.
patent: 2002/0026573 (2002-02-01), Park
patent: 2003/0110394 (2003-06-01), Sharp et al.
patent: 2003/0235175 (2003-12-01), Naghian et al.
patent: 2004/0255164 (2004-12-01), Wesemann
patent: 2004/0268140 (2004-12-01), Zimmer et al.
patent: 2005/0076210 (2005-04-01), Thomas et al.
patent: 2005/0081036 (2005-04-01), Hsu
patent: 2005/0086504 (2005-04-01), You et al.
patent: 2005/0273592 (2005-12-01), Pryor et al.
patent: 2006/0259759 (2006-11-01), Maino et al.
Blunk, et al., “PPP Extensible Authentication Protocol (EAP)”, RFC 2284, 1998.
Tsai et al., “A Simulation for Verification and Development of Fibre Channel”, IEEE Explore, 1993.
C. Finseth, “An Access Control Protocol, Sometimes called TACACS”, Network Working Group Request for Comments: 1492, Jul. 1993.
G. Zorn, “Microsoft Vendor-specific RADIUS Attributes”, Network Working Group Request for Comments: 2548, Mar. 1999.
C. Rigney, et al., “Remote Authentication Dial in User Service (RADIUS)”, Network Working Group Request for Comments: 2865, Jun. 2000.
P. Calhoun, et al., “Diameter Base Protocol”, Network Working Group Request for Comments: 3588, Sep. 2003.
Maino, Fabio. “EAP: a Common Extensible Encapsulation Protocol for Authentication in FC-SP.” Published Dec. 9, 2002 to the T11 Website, pp. 1-18.
Cam Winget, N. et al., “Draft-cam-winget-eap-fast-00.txt”, Internet Draft, Information, http://tools.ietf.org/id/draft-cam-winget-eap-fast-00.txt, Feb. 9, 2004, 66 pages.
Fine Michael
Kuffel Irene
Maino Fabio
Zavalkovsky Arthur
Cisco Technology Inc.
Debnath Suman
Hickman Palermo & Truong & Becker LLP
Song Hosuk
LandOfFree
Method and apparatus to secure AAA protocol messages does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus to secure AAA protocol messages, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus to secure AAA protocol messages will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2708955