Roaming secure authenticated network access method and apparatus
Abstract
Secure re-authentication of host devices roaming between different connection and/or access points within a network controlled by the same administrative domain is described. Platform overhead associated with exchanging information for authentication and/or validation on each new connection during mobility is reduced by enabling prior authenticated network access to influence subsequent network access.
28 Claims
1. An apparatus comprising:
- an input/output interface adapted to be coupled to a networking interface of a host device on which the apparatus is designed to be installed, the host device, in addition to the networking interface, to further include a processor coupled with the networking interface, adapted to execute an operating system and one or more software components;
- non-volatile storage having one or more platform management components adapted to present information associated with a prior network access grant of the host system to obtain a subsequent network access grant for the host device, through the input/output interface of the apparatus and the networking interface of the host device, the information associated with the prior network access grant of the host system to be stored on either the non-volatile storage or a storage of the host device; and
- a processing core coupled to the input/output interface and the non-volatile storage to operate the one or more platform management components.

17. A system comprising:
- a network interface;
- a mass storage device;
- a first processor coupled to the network interface and the mass storage device;
- a second processor coupled with the network interface;
- memory configured to store information associated with a prior network connection of the system;
- an operating system and one or more software components adapted to be executed by the first processor; and
- one or more platform management components adapted to be executed by the second processor to present the stored information associated with the prior network connection to obtain a subsequent network connection for the system.

22. A method comprising:
- receiving an access request to a network for an apparatus;
- receiving information associated with an access grant of a prior network connection of the apparatus;
- determining whether to grant the requested network access to the apparatus based at least in part on the received prior network connection access grant information of the apparatus and, if network access is to be granted to the apparatus, further retrieving policy information, if any, to govern the network access to be granted to the apparatus based also at least in part on the received prior network connection information of the apparatus; and
- transmitting the result of the network access grant determination to the apparatus.

27. An article of manufacture comprising:
- a storage medium having stored therein a plurality of programming instructions that, when activated, cause a processor to determine and maintain information associated with a prior network access grant of a host electronic device on which the processor is installed;
- transmit the information associated with the prior network access grant to a remote device via a network interface of the host electronic device;
- receive policy information from the remote device via the network interface, the policy information governing a new access to a network by the host electronic device; and
- enforce network access by the host electronic device based at least in part on the received policy information.
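
The server-side determination of claim 22 and the device-side enforcement of claim 27, sketched as an added example that is not code from the patent. The HMAC-protected grant record, its field names, the policy table and the age limit are all assumptions; the claims do not say how the prior grant information is encoded or validated.

```python
import hashlib
import hmac
import json

# Assumptions (not from the patent): grant records are protected with an HMAC
# key held by the administrative domain, and policy is looked up by role.
DOMAIN_KEY = b"constructed-demo-key"
POLICIES = {"employee": {"vlan": 20, "allowed_ports": [22, 443]},
            "guest": {"vlan": 90, "allowed_ports": [443]}}
MAX_GRANT_AGE = 8 * 3600  # seconds a prior grant may vouch for a new one


def _tag(body, key):
    return hmac.new(key, body, hashlib.sha256).hexdigest().encode()


def issue_grant(device_id, role, issued_at, key=DOMAIN_KEY):
    """Record stored by the device after a full authentication."""
    body = json.dumps({"device": device_id, "role": role, "iat": issued_at},
                      sort_keys=True)
    return {"body": body, "tag": _tag(body.encode(), key).decode()}


def decide_access(device_id, prior_grant, now, key=DOMAIN_KEY):
    """Claim 22 flow: decide from the prior grant, fetch policy, return result."""
    def deny(reason):  # falling back to full authentication is the safe default
        return {"granted": False, "policy": None, "reason": reason}
    if not prior_grant:
        return deny("full authentication required")
    body = str(prior_grant.get("body", "")).encode()
    tag = str(prior_grant.get("tag", "")).encode()
    if not hmac.compare_digest(_tag(body, key), tag):  # constant-time compare
        return deny("prior grant failed integrity check")
    claims = json.loads(body)  # parsed only after the integrity check passed
    if claims["device"] != device_id:
        return deny("prior grant issued to another device")
    if not 0 <= now - claims["iat"] <= MAX_GRANT_AGE:
        return deny("prior grant expired")
    policy = POLICIES.get(claims["role"])
    if policy is None:
        return deny("no policy for role")
    return {"granted": True, "policy": policy,
            "reason": "re-authenticated from prior grant"}


def enforce(result, dst_port):
    """Claim 27 flow: device-side component enforces the received policy."""
    return bool(result["granted"]) and dst_port in result["policy"]["allowed_ports"]
```

Every failure path returns a denial that sends the device back to full authentication, so a stale, tampered or replayed-from-another-device record never widens access.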