SYSTEMS AND METHODS FOR NETWORK MANAGEMENT USING SECURE MESH COMMAND AND CONTROL FRAMEWORK
First Claim
1. A method of distributing a network command, comprising:
generating at least one network command via a set of targets;
authenticating a security credential for at least one target in the set of targets to identify at least one trusted target;
establishing a secure channel between the at least one trusted target and at least one controlled target in the set of targets;
validating the authorization of the at least one trusted target to execute the network command via an access control list; and
communicating command data to the at least one controlled target from the at least one trusted target.
Abstract
Embodiments relate to systems and methods for network management using a secure mesh command and control framework. A network management server can communicate with a set of supervisory hosts, which in turn communicate with an underlying set of targets. The set of targets can have associated digital certificates which can be authenticated by common certificate authorities. A controlled target can authenticate one or more other target requesting access to the controlled target via the trusted common certificate authority. One authenticated target can therefore mesh on a trusted basis with another target to perform installation, monitoring, testing, or other activities directly on the target of interest, without channeling commands through an intervening supervisory host.
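The authenticate-then-authorize gate the abstract describes for a controlled target, as an added Python example that is not part of the patent text: a toy CA stands in for the common certificate authority (an HMAC over the certificate fields instead of an X.509 signature), and the CA keys, target names and access control list are all constructed for illustration.

```python
import hashlib
import hmac
import json
from typing import Dict, Optional, Set, Tuple

# Constructed stand-in for the common certificate authority: the CA "signs" a
# certificate by MACing its fields with a CA key. Real targets would carry
# X.509 certificates; the MAC keeps this example stdlib-only.
CA_KEY = b"constructed-trusted-ca-key"
ROGUE_CA_KEY = b"constructed-untrusted-ca-key"  # a CA the controlled target does not trust

def _mac(body: dict, ca_key: bytes) -> str:
    data = json.dumps(body, sort_keys=True).encode()
    return hmac.new(ca_key, data, hashlib.sha256).hexdigest()

def issue_certificate(subject: str, not_after: float, ca_key: bytes = CA_KEY) -> dict:
    """CA side: bind a target identity to a validity period."""
    body = {"subject": subject, "not_after": not_after}
    return {**body, "sig": _mac(body, ca_key)}

def authenticate(cert: dict, now: float, trusted_ca_key: bytes = CA_KEY) -> Optional[str]:
    """Claim step: authenticate the security credential against the trusted CA.
    Returns the trusted target's identity, or None if the credential is forged,
    tampered with, issued by another CA, or expired."""
    body = {"subject": cert.get("subject"), "not_after": cert.get("not_after")}
    if not hmac.compare_digest(_mac(body, trusted_ca_key), str(cert.get("sig", ""))):
        return None
    if now > body["not_after"]:
        return None
    return body["subject"]

# Constructed access control list: identity -> network commands it may execute
ACL: Dict[str, Set[str]] = {
    "monitor01.example": {"monitor", "test"},
    "installer01.example": {"install", "monitor"},
}

def handle_command(cert: dict, command: str, now: float,
                   acl: Dict[str, Set[str]] = ACL,
                   trusted_ca_key: bytes = CA_KEY) -> Tuple[bool, str]:
    """Controlled target's gate: authenticate first, then validate authorization
    via the ACL; only an authenticated and authorized request is executed."""
    identity = authenticate(cert, now, trusted_ca_key)
    if identity is None:
        return False, "authentication failed"  # the ACL is never consulted
    if command not in acl.get(identity, set()):
        return False, f"{identity} not authorized for {command!r}"
    return True, f"{identity} executes {command!r}"
```

Authentication and authorization are deliberately separate failures: a certificate from an untrusted CA or a tampered subject never reaches the ACL lookup, while a valid identity is still confined to the commands the ACL grants it.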
19 Claims
1. A method of distributing a network command, comprising:
generating at least one network command via a set of targets; authenticating a security credential for at least one target in the set of targets to identify at least one trusted target; establishing a secure channel between the at least one trusted target and at least one controlled target in the set of targets; validating the authorization of the at least one trusted target to execute the network command via an access control list; and communicating command data to the at least one controlled target from the at least one trusted target.
Dependent claims: 2, 3, 4, 5, 6, 7, 12
8. A mesh network system, comprising:
an interface to a set of targets in a network; at least one trusted target; and at least one controlled target, the at least one controlled target communicating with the at least one trusted target via the interface and being configured to receive a request for the initiation of at least one network command from the at least one trusted target, initiate the authentication of a security credential of the at least one trusted target, and validate the authorization of the at least one trusted target to execute the network command via an access control list.
Dependent claims: 9, 10, 11, 13, 14
15. A network command communicated to a controlled target machine, the network command being generated by a method comprising:
generating at least one network command via a set of targets; authenticating a security credential for at least one target in the set of targets to identify at least one trusted target; establishing a secure channel between the at least one trusted target and at least one controlled target in the set of targets; validating the authorization of the at least one trusted target to execute the network command via an access control list; and communicating command data to the at least one controlled target from the at least one trusted target.
Dependent claims: 16, 17, 18, 19