System console device authentication in a network environment
Abstract
A method for providing secure access to console functions of a computer system and authentication of a console device is disclosed. The method comprises first initiating a first EKE sequence to generate a unique shared secret per device, utilizing a default device identifier and associated default shared secret on a system-attached device from which a console operation is desired to be enabled. Then, a shared secret is generated from the first EKE sequence, and the generated shared secret is utilized in place of the default device shared secret in subsequent console authentication procedures for that device. Next, the shared secret is securely stored within a storage location of the system and on the system-attached device. The device's shared secret is subsequently replaced on each connection from that device.
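The bootstrap-and-rotate flow described in the abstract, as an added example that is not code from the patent. It assumes the EKE sequence is a Diffie-Hellman exchange whose public values are encrypted under the stored device secret; the toy XOR cipher, the group parameters, the way the next device secret is derived, and the device identifier are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

P = 2**521 - 1   # Mersenne prime: demo-sized group, not a vetted DH group
G = 3
N = 66           # bytes needed to hold a value mod P

def _mask(secret, label, value):
    """Toy secret-keyed cipher (assumption): XOR with a SHAKE-256 keystream."""
    stream = hashlib.shake_256(label + secret).digest(N)
    return value ^ int.from_bytes(stream, "big")

class Endpoint:
    """One side of the link (console device or system) and its secret store."""
    def __init__(self, store):
        self.store = dict(store)              # device_id -> shared secret

    def start(self, device_id, own_label):
        # Send our DH public value encrypted under the stored device secret.
        self.x = secrets.randbelow(P - 2) + 1
        return _mask(self.store[device_id], own_label, pow(G, self.x, P))

    def finish(self, device_id, peer_label, peer_msg):
        peer_pub = _mask(self.store[device_id], peer_label, peer_msg) % P
        k = pow(peer_pub, self.x, P).to_bytes(N, "big")
        self.session = hashlib.sha256(b"session" + k).digest()
        self.next_secret = hashlib.sha256(b"device-secret" + k).digest()
        # Simplified key confirmation: both ends must derive the same tag.
        return hmac.new(self.session, b"confirm", hashlib.sha256).digest()

def connect(device, system, device_id):
    """One exchange; both sides replace the stored secret only on success."""
    m_dev = device.start(device_id, b"dev")
    m_sys = system.start(device_id, b"sys")
    t_dev = device.finish(device_id, b"sys", m_sys)
    t_sys = system.finish(device_id, b"dev", m_dev)
    if not hmac.compare_digest(t_dev, t_sys):
        return False                          # secrets differ: keep old state
    for side in (device, system):
        side.store[device_id] = side.next_secret
    return True

if __name__ == "__main__":
    default = {"console-dev-01": b"factory-default"}   # constructed sample values
    device, system = Endpoint(default), Endpoint(default)
    print("first connection:", connect(device, system, "console-dev-01"))
    print("default replaced:", system.store["console-dev-01"] != b"factory-default")
    print("stale device rejected:", not connect(Endpoint(default), system, "console-dev-01"))
```

Once the first connection succeeds, a device that still presents the default secret fails key confirmation, and the system's stored secret is left unchanged.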
27 Claims
1. A method for providing secure access to console functions of a computer system comprising:
initiating a first EKE sequence to generate a device shared secret utilizing a default device identifier and associated shared secret on a system-attached device from which a console operation is desired enabled;
generating said device shared secret from said first EKE sequence, wherein said device shared secret is utilized in place of said default device shared secret in subsequent console authentication procedures; and
storing said device shared secret within a storage location of said system and on said system-attached device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A system for providing secure access to console functions of a computer system comprising logic for:
initiating a first EKE sequence to generate a device shared secret utilizing a default device identifier and associated shared secret on a system-attached device from which a console operation is desired enabled;
generating said device shared secret from said first EKE sequence, wherein said device shared secret is utilized in place of said default device shared secret in subsequent console authentication procedures; and
storing said device shared secret within a storage location of said system and on said system-attached device.
Dependent claims: 10, 11, 12, 13, 14, 15, 16, 18, 19, 20, 21, 22, 23, 24, 26
17. A computer program product comprising:
a computer readable medium; and
program code on said computer readable medium for providing secure access to console functions of a computer system by;
initiating a first EKE sequence to generate a device shared secret utilizing a default device identifier and associated shared secret on a system-attached device from which a console operation is desired enabled;
generating a device shared secret from said first EKE sequence, wherein said device shared secret is utilized in place of said default device shared secret in subsequent console authentication procedures; and
storing said device shared secret within a storage location of said system and on said system-attached device.
25. A method of signing in authenticated users to a console function of a system, comprising:
determining via a first EKE sequence whether a device identifier and associated shared secret of a system-attached device matches a stored device identifier and associated shared secret on said system;
responsive to both ends having identical shared secrets, receiving a user-entered identifier and password;
responsive to said receiving, initiating a second EKE sequence to determine whether said user-entered identifier and password matches a user identifier and password combination stored on a storage location of said system; and
granting said user access to console functions only when said second EKE sequence is successful.
27. A method for secure authentication of a system console device within a network environment, comprising:
establishing a first console session from an authentication device, wherein a default device identifier is utilized to initiate an EKE sequence between a network-attached console device and a.. generating a shared secret key via an EKE sequence utilized to establish said first console session; and
subsequently authenticating a console operator via a second EKE sequence, wherein said shared secret key is utilized to encrypt data of an authentication process for said console operator attempting to utilize said console operation.
Specification