DYNAMICALLY MAPPING NETWORK TRUST RELATIONSHIPS
First Claim
1. A method comprising:
- receiving an access request, from an authenticator device, to grant a supplicant device access to a data network;
- transmitting the access request to an authentication server;
- after sending a response that the access request was granted, updating a trust topology map by including in the trust topology map information that has been obtained from the response and that indicates a secure link between the authenticator device and the supplicant device, and causing displaying the updated trust topology map as a logical map depicting one or more network devices present in the data network and roles assigned to the one or more network devices;
- wherein the method is performed by one or more computing devices.
Abstract
In an embodiment, a method comprises: receiving an access request, from an authenticator device, to grant a supplicant device access to a data network; transmitting the access request to an authentication server; after sending a response that the access request was granted, updating a trust topology map by including in the trust topology map information that has been obtained from the response and that indicates a secure link between the authenticator device and the supplicant device, and causing displaying the updated trust topology map as a logical map depicting one or more network devices and roles assigned to the one or more network devices; wherein the method is performed by one or more computing devices.
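As an added illustration (not taken from the patent or from any product), the following sketch models the flow in the abstract together with the peer-policy step of claims 12 and 16: a management device relays access requests, and only a granted response adds a secure link and device roles to the trust topology map. All class and function names, device names, credentials and policy labels are constructed for the example.

```python
from dataclasses import dataclass, field

@dataclass
class TrustTopologyMap:
    roles: dict = field(default_factory=dict)  # device -> set of roles
    links: dict = field(default_factory=dict)  # (authenticator, supplicant) -> link info

    def add_secure_link(self, authenticator, supplicant, response):
        self.roles.setdefault(authenticator, set()).add("authenticator")
        self.roles.setdefault(supplicant, set()).add("supplicant")
        # Link details come from the grant response itself.
        self.links[(authenticator, supplicant)] = {"session": response["session"], "policy": None}
    def add_peer_policy(self, authenticator, supplicant, policy):
        self.links[(authenticator, supplicant)]["policy"] = policy  # KeyError if no link
    def render(self):
        out = [f"{d} [{'+'.join(sorted(r))}]" for d, r in sorted(self.roles.items())]
        out += [f"{a} ==secure==> {s} (policy={i['policy']})"
                for (a, s), i in sorted(self.links.items())]
        return "\n".join(out)

class ManagementDevice:
    def __init__(self, auth_server, peer_policies):
        self.auth_server = auth_server  # callable standing in for the authentication server
        self.peer_policies = peer_policies
        self.sent = []  # responses relayed back to authenticators
        self.topology = TrustTopologyMap()
    def handle_access_request(self, authenticator, supplicant, credentials):
        response = self.auth_server(supplicant, credentials)  # forward to the server
        self.sent.append((authenticator, response))           # relay the response
        if response["granted"]:  # only a grant changes the map
            self.topology.add_secure_link(authenticator, supplicant, response)
        return response
    def handle_peer_policy_request(self, authenticator, supplicant):
        policy = self.peer_policies[supplicant]
        self.sent.append((authenticator, policy))
        self.topology.add_peer_policy(authenticator, supplicant, policy)
        return policy

def demo():
    known = {"sw2": "s3cret", "host1": "hunter2"}  # constructed credentials
    def auth_server(supplicant, credentials):
        ok = known.get(supplicant) == credentials
        return {"granted": ok, "session": f"sess-{supplicant}" if ok else None}
    mgmt = ManagementDevice(auth_server, {"sw2": "trusted-switch", "host1": "employee"})
    mgmt.handle_access_request("sw1", "sw2", "s3cret")
    mgmt.handle_peer_policy_request("sw1", "sw2")
    mgmt.handle_access_request("sw2", "host1", "hunter2")
    mgmt.handle_access_request("sw2", "rogue", "guess")  # denied: map unchanged
    return mgmt
```

Calling `demo().topology.render()` returns the logical map as text; the denied device never appears in it, and `sw2` carries both roles because it was admitted by `sw1` and then admitted `host1`.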
18 Claims
1. A method comprising:
- receiving an access request, from an authenticator device, to grant a supplicant device access to a data network;
- transmitting the access request to an authentication server;
- after sending a response that the access request was granted, updating a trust topology map by including in the trust topology map information that has been obtained from the response and that indicates a secure link between the authenticator device and the supplicant device, and causing displaying the updated trust topology map as a logical map depicting one or more network devices present in the data network and roles assigned to the one or more network devices;
- wherein the method is performed by one or more computing devices.

Dependent claims: 2
3. A method comprising:
- receiving one or more authentication protocol messages, from an authenticator device, to authenticate a supplicant device;
- transmitting the one or more authentication protocol messages to an authentication server;
- after sending one or more corresponding response messages comprising one or more positive responses to the one or more authentication protocol messages, updating a trust topology map to include information reflecting changes in one or more security trust relationships between the authenticator device and the supplicant device based on the authentication protocol messages and the response messages;
- wherein the method is performed by one or more processors.

Dependent claims: 4, 5, 6, 7, 8, 9, 10, 11
12. An internetworking device, comprising:
- one or more processors;
- an access unit coupled to the one or more processors and configured as a management device and configured to perform;
  - receiving an access request, from an authenticator device, to grant a supplicant device access to a data network;
  - transmitting the access request to an authentication server;
  - after sending a confirmation that the access request was successfully granted and establishing a secure link between the authenticator device and the supplicant device, updating a trust topology map by including in the trust topology map information about the secure link;
- a policy unit coupled to the one or more processors and configured to perform;
  - receiving a peer policy request, from the authenticator device, to obtain a peer policy for the supplicant device;
  - after sending the peer policy for the supplicant device, updating the trust topology map by including the peer policy in the trust topology map;
- a topology unit coupled to the one or more processors and configured to perform;
  - displaying the updated trust topology map as a logical map depicting one or more network devices present in the data network and depicting roles that the one or more network devices assume in the data network.

Dependent claims: 13, 14, 15
16. A non-transitory computer-readable storage medium storing one or more sequences of instructions which, when executed by one or more processors, cause the one or more processors of a management device to perform:
- receiving an access request, from an authenticator device, to grant a supplicant device access to a data network;
- transmitting the access request to an authentication server;
- after sending a confirmation that the access request was successfully granted and establishing a secure link between the authenticator device and the supplicant device, updating a trust topology map by including in the trust topology map information that was obtained from the response and that indicates that the secure link has been established;
- receiving a peer policy request, from the authenticator device, to obtain a peer policy for the supplicant device;
- after sending the peer policy for the supplicant device, updating the trust topology map by including the peer policy in the trust topology map;
- displaying the updated trust topology map as a logical map depicting one or more network devices present in the data network and depicting roles that the one or more network devices assume in the data network.

Dependent claims: 17, 18
Specification