Security Mechanism within a Local Area Network

US 20090187760A1
Filed: 01/23/2008
Published: 07/23/2009
Est. Priority Date: 01/23/2008
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

sending a first request to a server, said first request comprising a request for a server public key;

receiving said server public key;

using said server public key to establish a secure communication channel with said server;

sending a second request for a client security certificate using said secure communication channel;

receiving said client security certificate from said server; and

installing said security certificate.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A local area network server may issue security certificates to client devices on the network for two-way authentication across the network. The certificates may be issued through a transaction performed over the network and, in some cases, may be automated. The server may have a self signed or a trusted security certificate which may serve as a basis for issuing certificates to various clients. After a certificate is issued, future communications on the network may be authenticated by both the server and client, and the communications may be encrypted using the certificates.

Citations

20 Claims

1. A method comprising:
- sending a first request to a server, said first request comprising a request for a server public key;
  
  receiving said server public key;
  
  using said server public key to establish a secure communication channel with said server;
  
  sending a second request for a client security certificate using said secure communication channel;
  
  receiving said client security certificate from said server; and
  
  installing said security certificate.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, said request being transmitted over a local area network.
  - 3. The method of claim 1, said server public key being issued based on a server security certificate, said server security certificate being used to generate said client security certificate.
  - 4. The method of claim 3, said server security certificate being a self signed certificate.
  - 5. The method of claim 1, said second request comprising transmitting a password.
  - 6. The method of claim 1 further comprising:
    - using said client security certificate for authenticating with said server.
  - 7. The method of claim 1 further comprising:
    - using said client security certificate for encrypting a communication with said server.
  - 8. The method of claim 1 being performed without user interaction.

9. A server comprising:
- a server security certificate;
  
  a network connection configured to receive secure communications and non-secure communications, said secure communications being performed using said server security certificate;
  
  a certificate generator configured to create a client security certificate;
  
  a certificate issuer configured to;
  
  receive a request for said client security certificate from a client device, said request being made over said network connection; and
  
  transmit said client security certificate to said client device using said secure communication on said network connection.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The server of claim 9, said network connection being a connection to a local area network connection.
  - 11. The server of claim 10, said client device being within said local area network.
  - 12. The server of claim 9, said server security certificate being a self signed certificate.
  - 13. The server of claim 9, said request comprising a password.
  - 14. The server of claim 9, said certificate issuer being configured to operate without user interaction.

15. A client device comprising:
- a network connection configured to communicate with a server using secure communication and non-secure communication, said secure communication being performed with a server security certificate; and
  
  a security establisher configured to;
  
  using a public key from said server security certificate, establish a secure communication channel with said server;
  
  send a request for a client security certificate using said secure communication channel;
  
  receive said client security certificate from said server; and
  
  install said client security certificate.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The client device of claim 15, said network connection being a connection to a local area network connection.
  - 17. The client device of claim 16, said client device and said server being within said local area network.
  - 18. The client device of claim 15, said server security certificate being a self signed certificate.
  - 19. The client device of claim 15, said request comprising a password.
  - 20. The client device of claim 15, said security establisher being configured to operate without using interaction.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Elizarov, Michael, Fishman, Neil, Musayev, Eldar

Granted Patent

US 9,281,947 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless

H04L 63/0823   using certificates cryptogr...

H04L 63/20   for managing network securi...

H04L 9/3263   involving certificates, e.g...

H04L 9/3273   for mutual authentication n...

Security Mechanism within a Local Area Network

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Security Mechanism within a Local Area Network

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links