Method and apparatus for initializing security information on a network device
Abstract
A method and apparatus for initializing security information for a network device. Two protocols are used. A first protocol, which has no encryption capability, is used to create an initial account. However, the initial account corresponds to a second protocol, and this second protocol does have encryption capability. A security parameter which is used to encrypt data and which corresponds to the initial account is transmitted by the network device to the network management application. The security parameter may be transmitted from the network device to the network management application openly via the first protocol. The network management application then uses this security parameter to encrypt sensitive security information needed for initially configuring the network device. The encrypted security information can now be transmitted securely over the network to the network device by means of the second protocol. Thereby, the network device can be initially configured with the requisite security information in an easy-to-use and relatively secure manner.
25 Claims
1. A method for initializing security information for a network device over a network, comprising:
- creating an account having a security parameter, wherein a first protocol having no encryption capability is used to create said account and said account corresponds to a second protocol which does support encryption;
- transmitting said security parameter unencrypted to a network management application over said network in accordance with said first protocol;
- encrypting said security information using said security parameter;
- transmitting encrypted security information over said network to said network device in accordance with said second protocol;
- initializing said network device with said security information.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A method of configuring a network device, comprising:
- creating an account by using a first protocol, wherein said account includes a security parameter in accordance with a second protocol;
- encoding security information corresponding to said security parameter;
- configuring said network device with security information, wherein said security information is encoded according to said security parameter and transmitted to said network device in accordance with said second protocol.

Dependent claims: 11, 12, 13, 14, 15

16. An apparatus for configuring a network device over a network, comprising:
- means for creating an initial account having a security parameter, wherein a first protocol is used to create said initial account and said initial account corresponds to a second protocol which supports encryption;
- means for transmitting said security parameter to a network management application over said network in accordance with said first protocol;
- means for encrypting transmissions from said network management application to said network device according to said security parameter;
- means for initializing said network device with said security information by said network management application over said network in an encrypted mode in accordance with said second protocol.

Dependent claims: 17, 18

19. A computer-readable medium having stored thereon instructions for configuring a network device over a network, comprising:
- creating an initial SNMPv3 account by using SNMPv1;
- transmitting an object corresponding to said initial SNMPv3 account over said network by using SNMPv1;
- encrypting a security parameter according to said object;
- transmitting an encrypted security parameter to said network device;
- configuring said network device with said security parameter by using SNMPv3.

Dependent claims: 20, 21

22. A method for initializing security information on a network device over a network, comprising:
- creating a temporary user account having a security feature, wherein said temporary user account is created via a first protocol and said temporary user account corresponds to a second protocol;
- configuring said network device over said network in a secure manner according to said security feature via said second protocol;
- destroying said temporary user account after said network device has been configured.

Dependent claims: 23

24. A method for configuring a network device with a security parameter over a network, comprising:
- creating a user account and an associated account object via a first protocol, wherein said user account corresponds to a second protocol;
- transmitting said account object to a management application over said network in accordance with said first protocol;
- configuring said network device with said security parameter over said network in accordance with said second protocol, wherein communications with said network device is in a secure mode provided by said account object.

Dependent claims: 25

Specification