Secure network access method
First Claim
1. An authentication process comprising the steps of:
- sending out from a mobile client a solicitation message that contains a proof of identity of the mobile client;
verifying the proof by a trusted entity; and
returning an advertising message from an access router only when the proof is successfully verified.
3 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides network-layer authentication protocols for authenticating mobile client and access router to each other. The present invention uses Router Discovery as a carrier to implement the authentication protocols. In an embodiment of the present invention, a mobile client sends out a solicitation message to request connectivity service. The solicitation message contains a proof of identity of the mobile client. An access router that receives the solicitation message will not respond to it until the proof of the identity is verified. Only when the proof of identity of the mobile client is verified, will the access router respond and return an advertising message to the mobile client, thereby preventing unauthorized mobile clients from obtaining network access.
90 Citations
37 Claims
-
1. An authentication process comprising the steps of:
-
sending out from a mobile client a solicitation message that contains a proof of identity of the mobile client;
verifying the proof by a trusted entity; and
returning an advertising message from an access router only when the proof is successfully verified. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A mobile client comprising:
-
a transmitter for sending out a solicitation message that contains a proof of identity of the mobile client; and
a receiver for receiving an advertising message from an access router, wherein the mobile client receives the advertising message only when the proof is successfully verified. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
-
-
24. An AAA network comprised of a plurality of administrative domains each served by at least one administrative server and each having at least one access router deployed therein, comprising:
-
a mobile client that sends out a solicitation message that contains a proof of identity of the mobile client;
a trusted entity that verifies the proof; and
an access router that returns an advertising message only when the proof is successfully verified. - View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37)
-
Specification