Information security – Access control or authentication – Network
Reexamination Certificate
2007-11-06
2007-11-06
Zand, Kambiz (Department: 2134)
Information security
Access control or authentication
Network
C713S168000
Reexamination Certificate
active
10613659
ABSTRACT:
The present invention teaches methods and systems for blocking unauthorized access to cable modem configuration files stored on trivial file transfer protocol (TFTP) servers. Filenames are modified by the DHCP to incorporate an authentication key (and optional cloaking) prior to transmission to the cable modem. When the TFTP server receives a modified filename, it also generates an authentication key. The authentication keys must match in order for the cable modem to receive the configuration file requested. At a minimum, authentication keys depend upon the un-modified filename, the cable modem IP address and a “coordination pass phrase” known to the TFTP server and DHCP server, but not known to the cable modem. Variations include optional cloaking, various actions performed for non-matching authentication keys, selection of authentication key generating algorithm and inclusion of cable modem MAC address in the authentication key for all cable modems or for premium service customer cable modems.
REFERENCES:
patent: 5528595 (1996-06-01), Walsh et al.
patent: 6049826 (2000-04-01), Beser
patent: 6170061 (2001-01-01), Beser
patent: 6195689 (2001-02-01), Bahlmann
patent: 6208656 (2001-03-01), Hrastar et al.
patent: 6249523 (2001-06-01), Hrastar et al.
patent: 6286058 (2001-09-01), Hrastar et al.
patent: 6324267 (2001-11-01), Hraster et al.
patent: 6359882 (2002-03-01), Robles et al.
patent: 6405253 (2002-06-01), Schutte et al.
patent: 6430193 (2002-08-01), Raissinia et al.
patent: 6546017 (2003-04-01), Khaunte
patent: 6598057 (2003-07-01), Synnestvedt et al.
patent: 6917628 (2005-07-01), McKinnin et al.
patent: 2001/0032311 (2001-10-01), White
patent: 2002/0023160 (2002-02-01), Garrett et al.
patent: 2002/0035623 (2002-03-01), Lawande et al.
patent: 2002/0073433 (2002-06-01), Furuta
patent: 2002/0144284 (2002-10-01), Burroughs et al.
patent: 2003/0033379 (2003-02-01), Civanlar et al.
patent: 2003/0070063 (2003-04-01), Boyle et al.
patent: 2003/0093669 (2003-05-01), Morais et al.
Alexander, et al, “DHCP Options and BOOTP Vendor Extensions”, Mar. 1997.
Cable Television Laboratories, Inc., “Data-Over-Cable Service Interface Specifications: Baseline Privacy Plus Interface Specification”, SP-BPI+-I09-020830, Aug. 30, 2002.
Cable Television Laboratories, Inc., “Data-Over-Cable Service Interface Specifications: Radio Frequency Interface Specification”, SP-RFlv1.1-I09-020830, Aug. 30, 2002.
Cable Television Laboratories, Inc., “Data-Over-Cable Service Interface Specifications: Radio Frequency Interface Specification”, SP-RFlv2.0-I03-021218, Dec. 18, 2002.
Communications Technology, “Cable Modem Security: Insulating Your Network While Keeping Your Subscribers Safe from Each Other”, Oct. 2001.
Croft et al, “Bootstrap Protocol (BOOTP)”, Sep. 1985.
Droms, “Dynamic Host Configuration Protocol”, Mar. 1997.
Jacobs, et al, “Bandwidth Burglary in Broad Daylight: How to Prevent a Simple Hack”, Jan. 2003.
Pfendtner, “DOCSIS Network Security at WH-Netz”, Nov. 20, 2002.
Rivest, “The MD5 Message-Digest Algorithm”, Apr. 1992.
Society of Cable Telecommunications Engineers, Inc., “Data-Over-Cable Service Interface Specification: DOCSIS 1.0 Radio Frequency Interface (RFI)”, ANSI/SCTE 22-1 2002 (formerly DSS 02-05).
Sollins, “The TFTP Protocol (Revision 2)”, Jul. 1992.
Technical Communications Corporation, “Technical Discussion on Key Length vs. Time to Break”, 1996.
Wimer, “Clarifications and Extensions for the Bootstrap Protocol”, Oct. 1993.
Danforth Andrew
Gould Kenneth
Bayou Yonas
Roberts Mardula & Wertheim LLC
Time Warner Cable Inc.
Zand Kambiz
LandOfFree
Method to block unauthorized access to TFTP server... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method to block unauthorized access to TFTP server..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method to block unauthorized access to TFTP server... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3863529