Method and system for inter-subnet pre-authentication
First Claim
1. A method for performing inter-subnet pre-authentication, comprising receiving a pre-authentication request by a first access point associated with a first subnet from a mobile node requesting pre-authentication with a second access point on a second subnet;
- forwarding the pre-authentication request to a first authenticator, wherein the first authenticator is the authenticator for the first access point;
obtaining from a root infrastructure node, an address for a second authenticator that is the authenticator for the second access point by the first authenticator; and
pre-authenticating the mobile node with the second authenticator by the first access point.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system for performing pre-authentication across inter-subnets. A pre-authentication request is received by a first access point associated with a first subnet from a mobile node requesting that is requesting pre-authentication with a second access point associated with a second subnet. The request is forwarded by the access point to a first authenticator that is the authenticator for the first subnet. The first authenticator obtains from a root infrastructure node the address for a second authenticator that is the authenticator for the second access point. The first authenticator then pre-authenticates the mobile node with the second authenticator by sending a message to the address for the second authenticator.
-
Citations
21 Claims
-
1. A method for performing inter-subnet pre-authentication, comprising receiving a pre-authentication request by a first access point associated with a first subnet from a mobile node requesting pre-authentication with a second access point on a second subnet;
-
forwarding the pre-authentication request to a first authenticator, wherein the first authenticator is the authenticator for the first access point;
obtaining from a root infrastructure node, an address for a second authenticator that is the authenticator for the second access point by the first authenticator; and
pre-authenticating the mobile node with the second authenticator by the first access point. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method for performing pre-authentication, comprising:
-
authenticating a first authenticator for a first subnet by an infrastructure authenticator associated with a wireless location register;
authenticating a second authenticator for a second subnet by the infrastructure authenticator associated with the wireless location register;
authenticating a first access point associated with the first subnet by the infrastructure authenticator associated with the wireless location register, wherein the first authenticator is the authenticator for the first access point;
authenticating a second access point associated with the second subnet by the infrastructure authenticator associated with the wireless location register, wherein the second authenticator is an authenticator for the second access point;
receiving a pre-authentication request by the first access point from a mobile node requesting pre-authentication with the second access point;
forwarding the pre-authentication request to the first authenticator;
obtaining from the wireless location register the address for the authenticator for the second access point by the first authenticator; and
pre-authenticating the mobile node with the second authenticator via the first access point. - View Dependent Claims (13, 14, 15)
-
-
16. A system for performing pre-authentication, comprising
means for receiving a pre-authentication request by a first access point associated with a first subnet from a mobile node requesting pre-authentication with a second access point on a second subnet; -
means for forwarding the pre-authentication request to a first authenticator, wherein the first authenticator is an authenticator for the first subnet;
means for obtaining from a root infrastructure node, an address for a second authenticator that is an authenticator for the second access point by the first authenticator; and
means for pre-authenticating the mobile node with the second authenticator by the first authenticator. - View Dependent Claims (17, 18, 19, 20)
-
-
21. A hierarchical network, comprising:
-
a root infrastructure node, the root infrastructure node comprising a wireless location register and an associated infrastructure authenticator;
an authentication server coupled to the root infrastructure node via a first communication interface;
a first subnet comprising a first wireless domain server coupled to the root infrastructure node via a second communication interface, the first wireless domain server being co-located with the authenticator for a first subnet;
a second subnet comprising a second wireless domain server coupled to the root infrastructure node via the second communication interface, the second wireless domain server being co-located with the authenticator for the second subnet;
a first wireless access point associated with the first subnet communicatively coupled to the first wireless domain server; and
a second wireless access point associated with the second subnet communicatively coupled to the second wireless domain server;
wherein the infrastructure authenticator is responsive to authenticate the first wireless domain server, the second wireless domain servers, the first access point and the second access point enabling the first wireless domain server, the second wireless domain servers, the first access point and the second access to securely communicate with each other;
wherein the first wireless access point is responsive to receipt of a pre-authentication request from a mobile node that has been previously authenticated by the authentication server attempting to pre-authenticate with the second wireless access point to forward the pre-authentication request to the first wireless domain server;
wherein the first wireless domain server is responsive to obtain the address for the second wireless domain server from the wireless location register; and
wherein the first wireless domain server is responsive to securely communicate the pre-authentication request with the second wireless domain server.
-
Specification