Authorization of device access to network services
First Claim
1. A computing system comprising:
a processor; and
a memory having stored therein instructions that, when executed by the processor, cause the computing system to perform operations comprising;
detecting an authorization request from a first computing device;
displaying said authorization request on a user interface;
in response to an approval provided via said user interface, generating a key for said first computing device, said key usable to allow said first computing device to access at least one network service;
authorizing replication of a security service on said first computing device, said authorizing in response to said approval and a determination that said first computing device is capable of providing security in accordance with said security service, wherein said security service enables the first computing device to replicate the security service on other computing devices;
when a security service on the computing system and the security service on the first computing device have been synchronized, communicating between the computing system and the first computing device an identifier of a device that has been added to a network or removed from the network; and
when one of the computing system or the first computing device has been offline, receiving by the computing system or the first computing device the identifier of the device that has been added to the network.
Abstract
The invention provides for authorization of devices entering a network. A new device entering a network sends an authorization request. Another device in the network may receive the request and display a User Interface (UI) which prompts the user to approve the device. The user can use a device identifier provided by the new device in approving the new device. Assuming the identifier provided by the new device matches an identifier accessible by the authorizing device, the user authorizes the new device. A key is then generated for the new device, which allows access to an appropriate range of network services. Authorization decisions can be synchronized among the various devices in a network, so even if an authorizing device leaves the network, the new device key can be validated. A security service can be replicated in a new device once the device is authorized to access the network.
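The flow the abstract describes, sketched as an added example that is not taken from the patent: approval by matching device identifiers, key generation, replication of the security service, and synchronization so a key stays valid after its issuer leaves. The class and method names, the shared network secret and the HMAC-SHA256 key derivation are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


class SecurityService:
    """State held by an authorizing device; every name here is hypothetical."""

    def __init__(self, secret=None):
        # Assumption: replicas share one network secret used to derive keys.
        self.secret = secret or secrets.token_bytes(32)
        self.added, self.removed, self.disallowed = set(), set(), set()

    def _derive(self, device_id):
        # Assumption: key = HMAC-SHA256(network secret, device ID).
        return hmac.new(self.secret, device_id.encode(), hashlib.sha256).digest()

    def approve(self, requested_id, id_seen_by_user):
        """User approval: the ID in the request must match the ID the user checks."""
        if requested_id in self.disallowed or requested_id in self.removed:
            return None
        if not hmac.compare_digest(requested_id.encode(), id_seen_by_user.encode()):
            return None
        self.added.add(requested_id)
        return self._derive(requested_id)

    def remove(self, device_id):
        self.removed.add(device_id)

    def validate(self, device_id, key):
        """Any synchronized replica can check a key, not only the issuer."""
        live = device_id in self.added and device_id not in self.removed
        return live and hmac.compare_digest(key, self._derive(device_id))

    def replicate(self, capable):
        """Copy the service to an approved device that is able to provide it."""
        if not capable:
            return None
        peer = SecurityService(self.secret)
        peer.sync(self)
        return peer

    def sync(self, other):
        """Exchange added/removed identifiers in both directions; removals win."""
        for name in ("added", "removed", "disallowed"):
            merged = getattr(self, name) | getattr(other, name)
            setattr(self, name, set(merged))
            setattr(other, name, set(merged))
```

A replica that was offline while another device was approved rejects that device's key until `sync` runs, which is the catch-up case the claims describe.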
18 Citations
20 Claims
9. A first computing device comprising a computer-readable storage medium having stored thereon computer-readable instructions that, when executed by the first computing device, cause the first computing device to perform operations comprising:
detecting that said first computing device is operably connected to a network;
determining if said first computing device can access a network service available on said network;
sending a first authorization request in response to determining that said first computing device cannot access said network service;
accessing a device ID;
receiving a first key from a second computing device associated with said network;
using said first key to access the network service;
replicating a security service on the first computing device, wherein the security service is operable to allow the first computing device to replicate the security service on a third computing device;
when a security service on the second computing device and the security service on the first computing device are synchronized, communicating between the second computing device and the first computing device an identifier of a device that has been added to the network or removed from the network; and
when one of the second computing device or the first computing device has been offline, receiving in the one of the second computing device or the first computing device the identifier of the device that has been added to the network.
13. A method for securing a network comprising a plurality of devices, comprising:
receiving, from a first device, an authorization request to access at least one network service and a device identifier (ID);
receiving, via an interface, an approval of the first device that is based on the device ID;
in response to determining that the first device is not a disallowed device, generating, based on the device ID, a key for the first device, wherein said at least one network service may be accessed using said key;
replicating a security service to the first device based on a determination that the first device can provide the security service and serve as an authorizing device for subsequent device approvals and validations; and
synchronizing, to the first device and to other devices of the plurality of devices, security information indicative of access to said at least one network service.
Specification