TUNNELING SECURITY ASSOCIATION MESSAGES THROUGH A MESH NETWORK
First Claim
Patent Images
1. A network, comprising:
- a first node configured to transmit a first packet to a mesh authenticator node, wherein the first packet comprises an EAP request message;
a mesh authenticator node configured to receive the first packet and to transmit a first EAP encapsulation request message, wherein the first EAP encapsulation request message comprises the EAP request message;
a mesh key distributor configured to receive the first EAP encapsulation request message over a secure channel between the mesh authenticator node and mesh key distributor; and
an authentication server configured to receive the contents of the first EAP encapsulation message over a wired link from the mesh key distributor, to authenticate the first node, to generate a final EAP response message, and to transmit the final EAP response message to the mesh key distributor,wherein the mesh key distributor is configured to receive the final EAP response message from the authentication server, to generate a final EAP encapsulation response message to the mesh authenticator node, wherein the final EAP encapsulation response message comprises an EAP response message and has a message type, and to transmit the final EAP encapsulation response message to the mesh authenticator over the secure channel.
7 Assignments
0 Petitions
Accused Products
Abstract
The disclosure relates to techniques and technologies for establishing a secure link between a mesh authenticator and a mesh key distributor for transporting security association messages. The secure link can allow the mesh key distributor to communicate results of an authentication process to the mesh authenticator.
84 Citations
43 Claims
-
1. A network, comprising:
-
a first node configured to transmit a first packet to a mesh authenticator node, wherein the first packet comprises an EAP request message; a mesh authenticator node configured to receive the first packet and to transmit a first EAP encapsulation request message, wherein the first EAP encapsulation request message comprises the EAP request message; a mesh key distributor configured to receive the first EAP encapsulation request message over a secure channel between the mesh authenticator node and mesh key distributor; and an authentication server configured to receive the contents of the first EAP encapsulation message over a wired link from the mesh key distributor, to authenticate the first node, to generate a final EAP response message, and to transmit the final EAP response message to the mesh key distributor, wherein the mesh key distributor is configured to receive the final EAP response message from the authentication server, to generate a final EAP encapsulation response message to the mesh authenticator node, wherein the final EAP encapsulation response message comprises an EAP response message and has a message type, and to transmit the final EAP encapsulation response message to the mesh authenticator over the secure channel. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A method, comprising:
-
transmitting, from a first node, a first packet to a second node, wherein the first packet comprises an EAP request message; receiving the first packet at the second node; transmitting, from the second node, a first EAP encapsulation request message to a mesh key distributor over the secure channel between the second node and the mesh key distributor, wherein the first EAP encapsulation request message comprises the EAP request message; and transmitting, from the mesh key distributor, a final EAP encapsulation response message to the second node over the secure channel between the second node and the mesh key distributor, wherein the final EAP encapsulation response message comprises an indication of a message type. - View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43)
-
Specification