Electrical computers and digital processing systems: multicomput – Computer network managing – Computer network access regulating
Reexamination Certificate
2006-02-24
2009-11-24
Barqadle, Yasin M (Department: 2456)
Electrical computers and digital processing systems: multicomput
Computer network managing
Computer network access regulating
C709S229000, C726S004000
Reexamination Certificate
active
07624181
ABSTRACT:
Techniques for authenticating a user for access to an IP network include receiving from the user's host a DHCP request which includes user identifier data. A random challenge value is determined and sent to the user's host in a DHCP message format. A response message that includes a response value is received from the user's host in DHCP format. A verification value is determined based on a password value associated with the user identifier value in an AAA server and the current challenge value using a secure process that renders impractical an attempt to derive the password. If it is determined that the response value does not match the verification value, then a DHCP offer is prevented from being sent to the user's host in response to the DHCP request. Thus, a user is authenticated using DHCP instead of PPP.
REFERENCES:
patent: 6092110 (2000-07-01), Maria et al.
patent: 6286039 (2001-09-01), Van Horne et al.
patent: 7082535 (2006-07-01), Norman et al.
patent: 7342906 (2008-03-01), Calhoun
patent: 7461251 (2008-12-01), Oishi
patent: 7568040 (2009-07-01), Townsley et al.
patent: 2002/0006133 (2002-01-01), Kakemizu et al.
patent: 2002/0013844 (2002-01-01), Garrett et al.
patent: 2002/0098840 (2002-07-01), Hanson et al.
patent: 2003/0101243 (2003-05-01), Donahue et al.
patent: 2003/0143973 (2003-07-01), Nagy et al.
patent: 2004/0252693 (2004-12-01), Cheriton et al.
patent: 2005/0105529 (2005-05-01), Arberg et al.
patent: 2005/0286518 (2005-12-01), Park et al.
patent: 2006/0174324 (2006-08-01), Zur et al.
patent: 2007/0180499 (2007-08-01), Van Bemmel
patent: 2007/0203999 (2007-08-01), Townsley et al.
patent: 1020020077049 (2002-12-01), None
patent: WO2005104500 (2005-11-01), None
RFC 2865—Remote Authentication Dial In User Service (RADIUS), Rigney et al., Jun. 2000.
RFC 3748—Extensible Authentication Protocol (EAP), Aboda et al., Jun. 2004.
Simpson, W., PPP Challenge Handshake Authetnication Protocol (CHAP), www.ietf.org/rfc/rfc1994.txt, Aug. 1, 1996, p. 12, Publisher: Internet Engineering Task Force, , Published in: Internet.
Patrick, M., DHCP Relay Agent Information Option, www.ietf.org/rfc/rfc3046.txt, Jan. 1, 2001, p. 14, Publisher: Internet Engineering Task Force, Published in: Internet.
Droms, R., Authentication for DHCP Messages, www.ietf.org/rfc/rfc3118.txt, Jun. 1, 2001, p. 17, Publisher: Internet Engineering Task Force, Published in: Internet.
Droms, “RFC 2132—DHCP Options and BOOTP Vendor Extensions,” Mar. 1997, Internet: ietf.org, 32 pages.
Droms, “RFC 2131—Dynamic Host Configuration Protocol,” Mar. 1997, Internet: ietf.org, 43 pages.
Kivinen, “Using RADIUS backend for DHCP over IKE,” Apr. 2003, Internet: ietf.org, 4 pages.
Droms et al., “RFC 4014—Remote Authentication Dial-In User Service (RADIUS) Attributes Suboption for the Dynamic Host Configuration Protocol (DHCP) Relay Agent Information Option,” Feb. 2005, Internet: ietf.org, 8 pages.
Congdon et al., “RFC 3580—IEEE 802.1x Remote Authentication Dial in User Service (RADIUS) Usage Guidelines,” Sep. 2003, Internet: ietf.org, 29 pages.
Dec Wojciech
Droms Ralph
Townsley William Mark
Barqadle Yasin M
Cisco Technology Inc.
Patent Capital Group
LandOfFree
Techniques for authenticating a subscriber for an access... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Techniques for authenticating a subscriber for an access..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Techniques for authenticating a subscriber for an access... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4100080