System and method for enabling authorization of a network device using attribute certificates
Abstract
Methods and devices are directed to authorizing a network device to a resource over a network. An access server determines based, in part, on an attribute of the network device associated with the attribute certificate, whether the network device may be authorized access to the resource over the network. The attribute may be associated with a capability granted to the network device, a condition to be satisfied for the attribute to be valid, and the like. The attribute may belong to a group of network devices, or one or more users accessing the network through the network device. In one embodiment, the attribute certificate may be provided based on an automated security scan of the network device. In another embodiment, the access server may make the attribute available to a network resource associated with the access server.
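The flow the abstract describes (derive an attribute from a device capability, bind it into a certificate, store it, authorize on it only while it is valid), as an added example that is not from the patent. A real attribute certificate is an X.509 structure signed by an attribute authority; the HMAC-signed JSON record, `AA_KEY`, `STORE`, the scan fields and all function and attribute names here are assumptions for illustration.

```python
import hashlib
import hmac
import json

AA_KEY = b"constructed-demo-key"  # assumption: stands in for the issuer's signing key
STORE = {}                        # assumption: in-memory certificate store, keyed by device id

def determine_attributes(scan):
    """Step 1: derive attributes from the device's capabilities (constructed scan fields)."""
    attrs = []
    if scan.get("patched") and scan.get("av_running"):
        attrs.append("compliant")
    if scan.get("supports_ipsec"):
        attrs.append("vpn-capable")
    return attrs

def sign(body):
    """MAC over a canonical encoding, so any change to the body invalidates the certificate."""
    msg = json.dumps(body, sort_keys=True).encode()
    return hmac.new(AA_KEY, msg, hashlib.sha256).hexdigest()

def issue(device_id, scan, now, lifetime=3600):
    """Steps 2 and 3: generate the certificate and store it."""
    body = {"holder": device_id, "attributes": determine_attributes(scan),
            "not_before": now, "not_after": now + lifetime}
    STORE[device_id] = {"body": body, "sig": sign(body)}
    return STORE[device_id]

def is_valid(cert, device_id, now):
    """Check integrity, holder binding and validity period."""
    body = cert["body"]
    return (hmac.compare_digest(cert["sig"], sign(body))
            and body["holder"] == device_id
            and body["not_before"] <= now <= body["not_after"])

def authorize(device_id, required_attr, now):
    """Step 4: grant access only if the certificate is valid and carries the attribute."""
    cert = STORE.get(device_id)
    if cert is None or not is_valid(cert, device_id, now):
        return False
    return required_attr in cert["body"]["attributes"]

# Constructed sample devices: one passes the scan, one is unpatched.
issue("laptop-1", {"patched": True, "av_running": True, "supports_ipsec": True}, now=1000)
issue("kiosk-2", {"patched": False, "av_running": True, "supports_ipsec": True}, now=1000)
```

The access decision fails closed: a missing, expired or altered certificate denies access regardless of the attributes it lists.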
14 Claims
1. A method for authorizing a network device, comprising:
- determining an attribute based, in part, on a capability of the network device;
- generating an attribute certificate based, in part, on the attribute;
- storing the attribute certificate including the attribute; and
- if the attribute certificate is valid, authorizing access to a resource over a network based, in part, on the attribute associated with the attribute certificate.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A network device for managing authorization to a resource over a network, comprising:
- a first component configured to generate an attribute certificate, wherein the attribute certificate is based, in part, on a capability of another network device;
- a second component, coupled to the first component, configured to store the attribute certificate; and
- a third component, coupled to the second component, configured to authorize the other network device to the resource over the network based, in part, on the attribute of the other network device associated with the attribute certificate.
Dependent claims: 10, 11, 12, 13

14. A network device for managing authorization to a resource over a network, comprising:
- a means for generating an attribute certificate, wherein the attribute certificate is based on a capability of another network device;
- a means for storing the attribute certificate; and
- a means for authorizing the other network device to the resource over the network based, in part, on the attribute of the other network device associated with the attribute certificate.

Specification