Arrangement for tracking IP address usage based on authenticated link identifier
First Claim
1. A method in an Internet Protocol (IP) based router in a network, the method comprising:
- creating a cache entry specifying an authenticated client identifier and a corresponding authenticated link identifier for a client device attached to the network based on the authenticated link identifier;
receiving a message that specifies the authenticated link identifier and a source IP address;
adding the source IP address to the cache entry specifying the authenticated link identifier based on parsing the message; and
outputting to an audit resource a record that specifies the source IP address and the authenticated link identifier.
1 Assignment
0 Petitions
Accused Products
Abstract
Link layer authentication information is supplied by a link layer authentication device to an access router for tracking IP address usage by a client device. The authentication information supplied to the access router includes an authenticated client identifier and a corresponding authenticated link identifier for the client device that attached to the network based on the authenticated link identifier. The access router, in response to receiving a message that specifies the authenticated link identifier and a source IP address, adds the source IP address to a cache entry that specifies the authenticated client identifier and the corresponding authenticated link identifier, and outputs to an audit resource a record that specifies the source IP address and the authenticated link identifier.
-
Citations
31 Claims
-
1. A method in an Internet Protocol (IP) based router in a network, the method comprising:
-
creating a cache entry specifying an authenticated client identifier and a corresponding authenticated link identifier for a client device attached to the network based on the authenticated link identifier;
receiving a message that specifies the authenticated link identifier and a source IP address;
adding the source IP address to the cache entry specifying the authenticated link identifier based on parsing the message; and
outputting to an audit resource a record that specifies the source IP address and the authenticated link identifier. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method in a network, the method comprising:
-
in a link layer authentication device;
(1) detecting an establishment of a link with a client device on an identified link port, (2) attempting authentication of the client device attached to the identified link port based on sending, to an authentication server, client device information including a client identifier, and (3) outputting to an IP router, based on authentication of the client device by the authentication server, the client identifier as an authenticated client identifier and an authenticated link identifier relative to the corresponding link port; and
in the IP router;
(1) receiving the authenticated client identifier and the corresponding authenticated link identifier, (2) creating a cache entry specifying the authenticated client identifier and the corresponding authenticated link identifier, (3) receiving a message that specifies the authenticated link identifier and a source IP address, (4) adding the source IP address to the cache entry specifying the authenticated link identifier based on parsing the message, and (5) outputting to an audit resource a record that specifies the source IP address and the authenticated link identifier. - View Dependent Claims (9, 10, 11, 12)
-
-
13. An Internet Protocol (IP) based router configured for outputting IP packets in a network, the router comprising:
-
means for creating a cache entry specifying an authenticated client identifier and a corresponding authenticated link identifier for a client device attached to the network based on the authenticated link identifier;
means for receiving a message that specifies the authenticated link identifier and a source IP address, the means for creating configured for adding the source IP address to the cache entry specifying the authenticated link identifier based on parsing the message; and
means for outputting to an audit resource a record that specifies the source IP address and the authenticated link identifier. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
-
20. A network comprising:
-
an IP router; and
a link layer authentication device having;
(1) means for detecting an establishment of a link with a client device on an identified link port, (2) means for attempting authentication of the client device attached to the identified link port based on sending, to an authentication server, client device information including a client identifier, and (3) means for outputting to the IP router, based on authentication of the client device by the authentication server, the client identifier as an authenticated client identifier and an authenticated link identifier relative to the corresponding link port;
the IP router comprising;
(1) means for receiving an authentication message specifying the authenticated client identifier and the corresponding authenticated link identifier, (2) means for creating a cache entry specifying the authenticated client identifier and the corresponding authenticated link identifier based on the authentication message, (3) the means for receiving further configured for receiving a message that specifies the authenticated link identifier and a source IP address, the means for creating configured for adding the source IP address to the cache entry specifying the authenticated link identifier based on parsing the message, and (4) means for outputting to an audit resource a record that specifies the source IP address and the authenticated link identifier. - View Dependent Claims (21, 22, 23, 24)
-
-
25. A computer readable medium having stored thereon sequences of instructions, executable by a router, for tracking Internet Protocol (IP) address usage, the sequences of instructions including instructions for:
-
creating a cache entry specifying an authenticated client identifier and a corresponding authenticated link identifier for a client device attached to the network based on the authenticated link identifier;
receiving a message that specifies the authenticated link identifier and a source IP address;
adding the source IP address to the cache entry specifying the authenticated link identifier based on parsing the message; and
outputting to an audit resource a record that specifies the source IP address and the authenticated link identifier. - View Dependent Claims (26, 27, 28, 29, 30, 31)
-
Specification