Subnet box
Abstract
The invention provides an external in-line device (“Subnet Box”) placed between a network and an access point to achieve secure Wi-Fi communications without needing to modify the access point. The Subnet Box comprises an embedded token and will authenticate users based on pre-stored access rights. In at least one embodiment of the invention, the Subnet Box comprises: a first communications port for intercepting data packets communicated to and from a wired communications network; a second communications port for intercepting data packets communicated to and from a wireless access point, wherein the wireless access point is an edge device of the wired communications network; a database comprising a number of serial numbers each associated with a client token and a secret cryptographic key; and a processor for determining whether a computing device having a client token can access the wired communications network via the wireless access point. The processor establishes a secure tunnel between the computing device and the first communications port.
11 Claims
1. A method of facilitating authentication and security at an edge of a network comprising the steps of:
- receiving a data packet;
- determining whether a source identifier exists in said data packet; and
- if said source identifier exists, retrieving a cryptographic key from local storage associated with said source identifier, decrypting a portion of said data packet using said identified cryptographic key, and directing said data packet toward its recipient.

Dependent claims: 2, 3, 4, 5
6. An apparatus comprising:
- a first communications port for intercepting data packets communicated to and from a wired communications network;
- a second communications port for intercepting data packets communicated to and from a wireless access point, wherein said wireless access point is an edge device of said wired communications network;
- a database comprising a number of serial numbers each associated with a client token and a secret cryptographic key; and
- a processor for determining whether a computing device having a client token can access said wired communications network via said wireless access point.

Dependent claims: 7, 8, 9, 10, 11
Specification