Fast re-authentication with dynamic credentials
First Claim
1. A method for a proxy server to re-authenticate clients, the steps comprising:
- receiving an authentication request for a client from a network access server;
forwarding the request to an authentication server;
receiving authentication keying material from the authentication; and
storing the authenticating keying material as dynamic credentials; and
forwarding the session key to the network access server.
1 Assignment
0 Petitions
Accused Products
Abstract
A proxy server that is inserted between a plurality of network access servers, typically an access points, and an authentication server. When an original authentication request is received by an network access server, the network access server forwards the request to the proxy server which forwards the request to an authentication server. The authentication server then sends the session information to the proxy server which stores the keying material as a dynamic credentials. When the client re-authenticates with one of the plurality of access servers, the re-authentication request is handled by the proxy server using the dynamic credentials. The proxy server may re-authenticate the client using a different method than the method that was originally used. For example, the original authentication may be by Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) and subsequent reauthentications may use Wi-Fi Protected Access (WPA).
-
Citations
21 Claims
-
1. A method for a proxy server to re-authenticate clients, the steps comprising:
-
receiving an authentication request for a client from a network access server;
forwarding the request to an authentication server;
receiving authentication keying material from the authentication; and
storing the authenticating keying material as dynamic credentials; and
forwarding the session key to the network access server. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for providing fast re-authentication with dynamic credentials, comprising:
-
a network access server a proxy authentication server connected to the plurality of network servers; and
an authentication server connected to the proxy authentication server;
wherein the proxy authentication servers appears as the authentication server to the network access server and the proxy authentication server appears as a network access server to the authentication server. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer-readable medium of instructions, comprising:
-
means for receiving an authentication request for a client from a network access server;
means for forwarding the request to an authentication server;
means for receiving authentication keying material from the authentication; and
means for storing the authenticating keying material as dynamic credentials; and
forwarding the session key to the network access server. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification