TLS tunneling
Abstract
An authentication protocol can be used to establish a secure method of communication between two devices on a network. Once established, the secure communication can be used to authenticate a client through various authentication methods, providing security in environments where intermediate devices cannot be trusted, such as wireless networks, or foreign network access points. Additionally, the caching of session keys and other relevant information can enable the two securely communicating endpoints to quickly resume their communication despite interruptions, such as when one endpoint changes the access point through which it is connected to the network. Also, the secure communication between the two devices can enable users to roam off of their home network, providing a mechanism by which access through foreign networks can be granted, while allowing the foreign network to monitor and control the use of its bandwidth.
75 Claims
1. A method of authenticating a client computing device comprising:
authenticating a server computing device;
establishing a secure communication tunnel with the server computing device;
transmitting an identity information to the server computing device through the secure communication tunnel; and
transmitting an authentication information, according to an extensible authentication protocol, to the server computing device through the secure communication tunnel.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A method of authenticating a client computing device comprising:
transmitting authentication information to the client computing device;
establishing a secure connection tunnel with the client computing device;
receiving an identity information from the client computing device through the secure communication tunnel; and
receiving an authentication information, according to an extensible authentication protocol, from the client computing device through the secure communication tunnel.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22

23. A computer-readable medium having computer-executable instructions for authenticating a client computing device, the computer-executable instructions performing steps comprising:
authenticating a server computing device;
establishing a secure communication tunnel with the server computing device;
transmitting an identity information to the server computing device through the secure communication tunnel; and
transmitting an authentication information, according to an extensible authentication protocol, to the server computing device through the secure communication tunnel.
Dependent claims: 24, 25, 26, 27, 28, 29, 30, 31, 32

33. A computer-readable medium having computer-executable instructions for authenticating a client computing device, the computer-executable instructions performing steps comprising:
transmitting authentication information to the client computing device;
establishing a secure connection tunnel with the client computing device;
receiving an identity information from the client computing device through the secure communication tunnel; and
receiving an authentication information, according to an extensible authentication protocol, from the client computing device through the secure communication tunnel.
Dependent claims: 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48

49. A client computing device comprising:
a processing unit performing steps comprising;
authenticating a server computing device; and
establishing a secure communication tunnel with the server computing device; and
a network interface performing steps comprising;
transmitting an identity information to the server computing device through the secure communication tunnel; and
transmitting an authentication information, according to an extensible authentication protocol, to the server computing device through the secure communication tunnel.
Dependent claims: 50, 51, 52, 53, 54, 55, 56, 57, 58

59. A server computing device comprising:
a processing unit performing steps comprising;
establishing a secure connection tunnel with a client computing device; and
a network interface performing steps comprising;
transmitting authentication information to the client computing device;
receiving an identity information from the client computing device through the secure communication tunnel; and
receiving an authentication information, according to an extensible authentication protocol, from the client computing device through the secure communication tunnel.
Dependent claims: 60, 61, 62, 63, 64, 65, 66, 67

68. The server computing device of claim 68 wherein the processing unit performs further steps comprising:
determining a client computing device configuration based on the client computing device identity information and the client computing device authentication information.

69. An access point comprising a network interface, the network interface performing steps comprising:
receiving authentication information from a server computing device;
transmitting the authentication information to a client computing device;
transmitting encrypted packets, representing a secure connection tunnel, to and from the client computing device and the server computing device;
receiving an identity information encrypted packet from the client computing device;
transmitting the identity information encrypted packet to the server computing device;
receiving an authentication information encrypted packet from the client computing device; and
transmitting the authentication information encrypted packet to the server computing device.
Dependent claims: 70

71. A computer-readable medium having computer-executable instructions for providing access to a secure network, the computer-executable instructions performing steps comprising:
establishing a secure communication tunnel;
selecting an authentication mechanism using an extensible authentication protocol through the secure communication tunnel;
transmitting authentication information according to the selected authentication mechanism through the secure communication tunnel; and
providing access to an appropriate amount of the secure network based on the authentication information.
Dependent claims: 72, 73, 74

75. A packet of computer-readable information comprising:
a mandatory field comprising data indicating whether the packet contains mandatory information;
a reserved field comprising data indicating whether the packet is reserved;
a type field comprising data indicating a type of an attribute contained in a value field;
a length field comprising data indicating a length of the packet; and
the value field comprising the attribute, wherein the attribute is used with a protected extensible authentication protocol.

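A parser for the attribute packet of claim 75, as an added example that is not taken from the patent: it shows a receiver validating the length field against the bytes actually received and failing closed on an attribute it does not implement but that is marked mandatory. The claim names the fields but not their sizes, so the 1-bit mandatory and reserved flags, the 14-bit type, the 16-bit length counting only the value octets, the `KNOWN_TYPES` set and the rejection policy are all assumptions.

```python
import struct
from dataclasses import dataclass

# Assumed wire layout (claim 75 names the fields, not their widths):
#   bit 15 mandatory flag | bit 14 reserved | bits 13-0 type | 16-bit length
# The length is assumed to count only the value octets, big-endian.
HEADER = struct.Struct("!HH")
KNOWN_TYPES = {3}  # hypothetical: attribute types this endpoint implements


class TLVError(ValueError):
    """Raised when a packet must be rejected rather than partially trusted."""


@dataclass(frozen=True)
class TLV:
    mandatory: bool
    reserved: bool
    type: int
    value: bytes


def build_tlv(tlv_type, value, mandatory=False):
    first = (0x8000 if mandatory else 0) | (tlv_type & 0x3FFF)
    return HEADER.pack(first, len(value)) + value


def parse_tlvs(buf):
    """Parse back-to-back attributes; fail closed on malformed input."""
    out, off = [], 0
    while off < len(buf):
        if len(buf) - off < HEADER.size:
            raise TLVError("truncated header")
        first, length = HEADER.unpack_from(buf, off)
        off += HEADER.size
        if length > len(buf) - off:  # never read past the received bytes
            raise TLVError("length field exceeds remaining data")
        tlv = TLV(bool(first & 0x8000), bool(first & 0x4000),
                  first & 0x3FFF, buf[off:off + length])
        off += length
        # Assumed policy: an unrecognised mandatory attribute aborts parsing,
        # an unrecognised optional one is kept for the caller to ignore.
        if tlv.mandatory and tlv.type not in KNOWN_TYPES:
            raise TLVError(f"unsupported mandatory attribute type {tlv.type}")
        out.append(tlv)
    return out


# Constructed sample: one known mandatory attribute, one unknown optional one.
SAMPLE = build_tlv(3, b"\x00\x01", mandatory=True) + build_tlv(200, b"opt")
```
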
Specification