NETWORK DEVICE AUTHENTICATION
First Claim
1. A method comprising:
generating, via a first optical network device, a notification message;
transmitting, via the first optical network device, the notification message to a second optical network device;
receiving, via the first optical network device, a first authentication message comprising first message data and a first authentication code generated via the second optical network device based on the first message data and a first key;
generating, via the first optical network device, a second authentication message comprising second message data and a second authentication code generated based on the second message data and a second key;
transmitting, via the first optical network device, the second authentication message to the second optical network device; and
receiving, via the first optical network device, an authentication complete message from the second optical network device.
Abstract
In general, this disclosure relates to maintaining security between an optical network terminal (ONT) and an optical network aggregation device in an Active Ethernet network. An optical network aggregation device includes one or more optical Ethernet switches that can be adaptively configured to support authentication of one or more ONTs. For example, the optical network aggregation device may include a controller with an authentication unit for managing ONT authentication and an optical Ethernet interface for transmitting and receiving data over the optical network. The authentication unit may exchange authentication request messages via the optical Ethernet interface with an ONT and grant the ONT access to the provider network based on the exchange, thereby preventing rogue devices from gaining access to the provider network.
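The message flow recited in claim 1 (notification, first authentication message, second authentication message, authentication complete) can be sketched as follows. This is an added example, not code from the patent. Assumptions: HMAC-SHA256 serves as the authentication code, both keys are pre-provisioned on each device, the notification carries the ONT identifier, and the message data layout, the nonce, and the class and function names are hypothetical.

```python
import hashlib
import hmac
import os

def auth_code(key: bytes, data: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the claim's "authentication code".
    return hmac.new(key, data, hashlib.sha256).digest()

class AggregationDevice:  # the "second optical network device"
    def __init__(self, first_key: bytes, second_key: bytes):
        self.k1, self.k2 = first_key, second_key
        self.pending = {}  # ont_id -> outstanding nonce (assumed replay guard)

    def on_notification(self, ont_id: bytes):
        nonce = os.urandom(16).hex().encode()
        self.pending[ont_id] = nonce
        data = b"AUTH1|" + ont_id + b"|" + nonce   # first message data
        return data, auth_code(self.k1, data)      # first authentication message

    def on_second_auth(self, ont_id: bytes, data: bytes, code: bytes) -> bool:
        nonce = self.pending.pop(ont_id, None)     # each nonce is single use
        if nonce is None:
            return False
        expected = b"AUTH2|" + ont_id + b"|" + nonce
        # True stands for sending the "authentication complete" message.
        return (hmac.compare_digest(data, expected)
                and hmac.compare_digest(code, auth_code(self.k2, data)))

class ONT:  # the "first optical network device"
    def __init__(self, ont_id: bytes, first_key: bytes, second_key: bytes):
        self.ont_id, self.k1, self.k2 = ont_id, first_key, second_key

    def on_first_auth(self, data: bytes, code: bytes):
        prefix = b"AUTH1|" + self.ont_id + b"|"
        if not data.startswith(prefix) or not hmac.compare_digest(
                code, auth_code(self.k1, data)):
            return None                            # aggregation device not verified
        reply = b"AUTH2|" + self.ont_id + b"|" + data[len(prefix):]
        return reply, auth_code(self.k2, reply)    # second authentication message

def run_exchange(ont: ONT, agg: AggregationDevice) -> bool:
    first = agg.on_notification(ont.ont_id)        # notification carries the ONT id
    second = ont.on_first_auth(*first)
    return second is not None and agg.on_second_auth(ont.ont_id, *second)

# Constructed sample keys, not taken from the patent.
K1, K2 = b"constructed-first-key", b"constructed-second-key"
```

A device holding the wrong second key never receives the completion result, and a captured second authentication message fails against a later nonce.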
29 Claims
1. A method comprising:
generating, via a first optical network device, a notification message;
transmitting, via the first optical network device, the notification message to a second optical network device;
receiving, via the first optical network device, a first authentication message comprising first message data and a first authentication code generated via the second optical network device based on the first message data and a first key;
generating, via the first optical network device, a second authentication message comprising second message data and a second authentication code generated based on the second message data and a second key;
transmitting, via the first optical network device, the second authentication message to the second optical network device; and
receiving, via the first optical network device, an authentication complete message from the second optical network device.
Dependent claims: 2, 3, 4, 5, 6, 7
8. An optical network device comprising a processor configured to:
generate a notification message;
transmit the notification message to a second optical network device;
receive a first authentication message comprising first message data and a first authentication code, wherein the first authentication code is generated via the second optical network device based on the first message data and a first key;
generate a second authentication message comprising second message data and a second authentication code generated based on the second message data and a second key;
transmit the second authentication message to the second optical network device; and
receive an authentication complete message from the second optical network device.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A computer-readable storage medium comprising instructions that, upon execution, cause one or more processors to:
generate, via a first optical network device, a notification message;
transmit, via the first optical network device, the notification message to a second optical network device;
receive, via the first optical network device, a first authentication message comprising first message data and a first authentication code generated via the second optical network device based on the first message data and a first key;
generate, via the first optical network device, a second authentication message comprising second message data and a second authentication code generated based on the second message data and a second key;
transmit, via the first optical network device, the second authentication message to the second optical network device; and
receive, via the first optical network device, an authentication complete message from the second optical network device.
Dependent claims: 16, 17, 18, 19, 20, 21
22. An optical network device comprising:
means for generating a notification message;
means for transmitting the notification message to a second optical network device;
means for receiving a first authentication message comprising first message data and a first authentication code generated via the second optical network device based on the first message data and a first key;
means for generating a second authentication message comprising second message data and a second authentication code generated based on the second message data and a second key;
means for transmitting the second authentication message to the second optical network device; and
means for receiving an authentication complete message from the second optical network device.
Dependent claims: 23, 24, 25, 26, 27, 28
29. A system comprising:
an optical network aggregation device; and
an optical network termination device, wherein the optical network termination device comprises a processor configured to:
generate a notification message;
transmit the notification message to the optical network aggregation device;
receive a first authentication message comprising first message data and a first authentication code generated via the optical network aggregation device based on the first message data and a first key;
generate a second authentication message comprising second message data and a second authentication code generated based on the second message data and a second key;
transmit the second authentication message to the optical network aggregation device; and
receive an authentication complete message from the optical network aggregation device.
Specification